accessibility-scanner/action.yml at main · github/accessibility-scanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
name: "accessibility-scanner"
description: "Finds potential accessibility gaps, files GitHub issues to track them, and attempts to fix them with Copilot."

inputs:
  urls:
    description: "Newline-delimited list of URLs to check for accessibility issues"
    required: true
    multiline: true
  repository:
    description: "Repository (with owner) to file issues in"
    required: true
  token:
    description: "Personal access token (PAT) with fine-grained permissions 'contents: write', 'issues: write', and 'pull_requests: write'"
    required: true
  cache_key:
    description: "Key for caching results across runs"
    required: true
  login_url:
    description: "If scanned pages require authentication, the URL of the login page"
    required: false
  username:
    description: "If scanned pages require authentication, the username to use for login"
    required: false
  password:
    description: "If scanned pages require authentication, the password to use for login"
    required: false
  auth_context:
    description: "If scanned pages require authentication, a stringified JSON object containing 'username', 'password', 'cookies', and/or 'localStorage' from an authenticated session"
    required: false
  skip_copilot_assignment:
    description: "Whether to skip assigning filed issues to Copilot"
    required: false
    default: "false"
  include_screenshots:
    description: "Whether to capture screenshots and include links to them in the issue"
    required: false
    default: "false"
  reduced_motion:
    description: "Playwright reducedMotion setting: https://playwright.dev/docs/api/class-browser#browser-new-page-option-reduced-motion"
    required: false
  color_scheme:
    description: "Playwright colorScheme setting: https://playwright.dev/docs/api/class-browser#browser-new-context-option-color-scheme"
    required: false

outputs:
  results:
    description: "List of issues and pull requests filed (and their associated finding(s)), as stringified JSON"
    value: ${{ steps.results.outputs.results }}

runs:
  using: "composite"
  steps:
    - name: Make sub-actions referenceable
      working-directory: ${{ github.action_path }}
      shell: bash
      run: |
        RUNNER_WORK_DIR="$(realpath "${GITHUB_WORKSPACE}/../..")"
        ACTION_DIR="${RUNNER_WORK_DIR}/_actions/github/accessibility-scanner/current"
        mkdir -p "${ACTION_DIR}/.github/actions"
        if [ "$(realpath ".github/actions")" != "$(realpath "${ACTION_DIR}/.github/actions")" ]; then
          cp -a ".github/actions/." "${ACTION_DIR}/.github/actions/"
        fi
    - name: Restore cached results
      id: restore
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/gh-cache/cache
      with:
        key: ${{ inputs.cache_key }}
        token: ${{ inputs.token }}
    - if: ${{ steps.restore.outputs.value }}
      name: Normalize cache format
      id: normalize_cache
      shell: bash
      run: |
        # Migrate cache format from v1 to v2:
        # If cached data is a list of Finding objects, each with 'issueUrl' keys (i.e. v1),
        # convert to a list of (partial) Result objects, each with 'findings' and 'issue' keys (i.e. v2).
        # Otherwise, re-output as-is.
        printf '%s' "value=$(printf '%s' '${{ steps.restore.outputs.value }}' | jq -c 'if (type == "array" and length > 0 and (.[0] | has("issueUrl"))) then map({findings: [del(.issueUrl)], issue: {url: .issueUrl}}) else . end' )" >> $GITHUB_OUTPUT
    - if: ${{ inputs.login_url && inputs.username && inputs.password && !inputs.auth_context }}
      name: Authenticate
      id: auth
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/auth
      with:
        login_url: ${{ inputs.login_url }}
        username: ${{ inputs.username }}
        password: ${{ inputs.password }}
    - name: Find
      id: find
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/find
      with:
        urls: ${{ inputs.urls }}
        auth_context: ${{ inputs.auth_context || steps.auth.outputs.auth_context }}
        include_screenshots: ${{ inputs.include_screenshots }}
        reduced_motion: ${{ inputs.reduced_motion }}
        color_scheme: ${{ inputs.color_scheme }}
    - name: File
      id: file
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/file
      with:
        findings: ${{ steps.find.outputs.findings }}
        repository: ${{ inputs.repository }}
        token: ${{ inputs.token }}
        cached_filings: ${{ steps.normalize_cache.outputs.value }}
        screenshot_repository: ${{ github.repository }}
    - if: ${{ steps.file.outputs.filings }}
      name: Get issues from filings
      id: get_issues_from_filings
      shell: bash
      run: |
        # Extract open issues from Filing objects and output as a single-line JSON array
        issues=$(jq -c '[.[] | select(.issue.state == "open") | .issue]' <<< '${{ steps.file.outputs.filings }}')
        echo "issues=$issues" >> "$GITHUB_OUTPUT"
    - if: ${{ inputs.skip_copilot_assignment != 'true' }}
      name: Fix
      id: fix
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/fix
      with:
        issues: ${{ steps.get_issues_from_filings.outputs.issues }}
        repository: ${{ inputs.repository }}
        token: ${{ inputs.token }}
    - name: Set results output
      id: results
      uses: actions/github-script@v8
      with:
        script: |
          const filings = ${{ steps.file.outputs.filings || '""' }} || [];
          const fixings = ${{ steps.fix.outputs.fixings || '""' }} || [];
          const fixingsByIssueUrl = fixings.reduce((acc, fixing) => {
            if (fixing.issue && fixing.issue.url) {
              acc[fixing.issue.url] = fixing;
            }
            return acc;
          }, {});
          const results = filings;
          for (const result of results) {
            if (result.issue && result.issue.url && fixingsByIssueUrl[result.issue.url]) {
              result.pullRequest = fixingsByIssueUrl[result.issue.url].pullRequest;
            }
          }
          core.setOutput('results', JSON.stringify(results));
          core.debug(`Results: ${JSON.stringify(results)}`);
    - if: ${{ inputs.include_screenshots == 'true' }}
      name: Save screenshots
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/gh-cache/save
      with:
        path: .screenshots
        token: ${{ inputs.token }}
    - name: Save cached results
      uses: ./../../_actions/github/accessibility-scanner/current/.github/actions/gh-cache/cache
      with:
        key: ${{ inputs.cache_key }}
        value: ${{ steps.results.outputs.results }}
        token: ${{ inputs.token }}

branding:
  icon: "compass"
  color: "blue"