Skip to content

Commit 9a9a95d

Browse files
committed
feat(workflows): align ADO pipeline with GitHub a11y scan workflow AB#2011
- replace local CLI-based scan with deployed app API calls via curl - add matrix strategy for three target URLs with parallel execution - add weekly schedule (Monday 06:00 UTC) - publish SARIF results as pipeline artifacts - update README Azure Pipelines section with correct path 🔍 - Generated by Copilot
1 parent 8522928 commit 9a9a95d

2 files changed

Lines changed: 64 additions & 2 deletions

File tree

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
trigger: none
2+
3+
schedules:
4+
- cron: '0 6 * * 1' # Every Monday at 06:00 UTC
5+
displayName: 'Weekly accessibility scan'
6+
branches:
7+
include:
8+
- main
9+
always: true
10+
11+
pool:
12+
vmImage: 'ubuntu-latest'
13+
14+
variables:
15+
SCANNER_BASE_URL: 'https://a11y-scan-demo-app.azurewebsites.net'
16+
17+
strategy:
18+
matrix:
19+
codepen-sample:
20+
siteName: 'codepen-sample'
21+
siteUrl: 'https://codepen.io/leezee/pen/eYbXzpJ'
22+
a11y-scan-demo-app:
23+
siteName: 'a11y-scan-demo-app'
24+
siteUrl: 'https://a11y-scan-demo-app.azurewebsites.net/'
25+
ontario-gov:
26+
siteName: 'ontario-gov'
27+
siteUrl: 'https://www.ontario.ca/page/government-ontario'
28+
maxParallel: 3
29+
30+
steps:
31+
- checkout: self
32+
displayName: 'Checkout repository'
33+
34+
- script: |
35+
mkdir -p results
36+
HTTP_STATUS=$(curl -s -o results/$(siteName).sarif -w "%{http_code}" \
37+
-X POST "$(SCANNER_BASE_URL)/api/ci/scan" \
38+
-H "Content-Type: application/json" \
39+
-d '{"url": "$(siteUrl)", "format": "sarif"}' \
40+
--max-time 120)
41+
42+
echo "HTTP status: $HTTP_STATUS"
43+
44+
if [ "$HTTP_STATUS" -ne 200 ]; then
45+
echo "##vso[task.logissue type=error]Scan failed for $(siteUrl) (HTTP $HTTP_STATUS)"
46+
cat results/$(siteName).sarif
47+
exit 1
48+
fi
49+
50+
echo "SARIF file written: results/$(siteName).sarif"
51+
echo "File size: $(wc -c < results/$(siteName).sarif) bytes"
52+
displayName: 'Run accessibility scan - $(siteName)'
53+
timeoutInMinutes: 5
54+
55+
- task: PublishBuildArtifacts@1
56+
condition: always()
57+
inputs:
58+
pathToPublish: 'results'
59+
artifactName: 'a11y-sarif-$(siteName)'
60+
displayName: 'Publish SARIF artifact - $(siteName)'

README.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -358,8 +358,10 @@ violations visible as Code Scanning alerts under the repository Security tab.
358358

359359
### Azure Pipelines
360360

361-
An Azure Pipelines definition (`azure-pipelines/a11y-scan.yml`) provides equivalent
362-
functionality for Azure DevOps environments.
361+
An equivalent Azure Pipelines definition (`.azuredevops/pipelines/a11y-scan.yml`) scans the
362+
same three URLs via the deployed app's CI API, using matrix strategy for parallel execution
363+
and publishing SARIF artifacts. Configure it in Azure DevOps by pointing a pipeline to this
364+
file in the GitHub repository.
363365

364366
## Observability
365367

0 commit comments

Comments
 (0)