name: Accessibility on: pull_request: branches: [main] env: GIT_SSL_NO_VERIFY: "true" NODE_TLS_REJECT_UNAUTHORIZED: "0" jobs: # =========================================================================== # Job 1: axe-playwright — WCAG AA violations via @axe-core/playwright # =========================================================================== axe-playwright: name: axe-playwright runs-on: ubuntu-latest timeout-minutes: 20 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Node uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 with: node-version: "20" cache: "npm" cache-dependency-path: package-lock.json - name: Set up Go uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 with: go-version: "1.24" cache-dependency-path: veza-backend-api/go.sum - name: Install dependencies run: npm ci - name: Add veza.fr to hosts run: echo "127.0.0.1 veza.fr" | sudo tee -a /etc/hosts - name: Start backend services (Postgres, Redis, RabbitMQ) run: | docker compose up -d postgres redis rabbitmq echo "Waiting for Postgres..." for i in $(seq 1 30); do if docker exec veza_postgres pg_isready -U veza 2>/dev/null; then echo "Postgres ready" break fi sleep 2 done docker compose ps - name: Run database migrations env: DATABASE_URL: postgresql://veza:devpassword@localhost:15432/veza?sslmode=disable run: | cd veza-backend-api go run cmd/migrate_tool/main.go - name: Start backend API env: APP_ENV: development APP_PORT: "18080" DATABASE_URL: postgresql://veza:${{ secrets.E2E_DB_PASSWORD || 'devpassword' }}@localhost:15432/veza?sslmode=disable REDIS_URL: redis://localhost:16379 JWT_SECRET: ${{ secrets.E2E_JWT_SECRET }} COOKIE_SECURE: "false" CORS_ALLOWED_ORIGINS: http://veza.fr:5174,http://localhost:5174 RABBITMQ_URL: ${{ secrets.E2E_RABBITMQ_URL }} DISABLE_RATE_LIMIT_FOR_TESTS: "true" run: | cd veza-backend-api go build -o veza-api ./cmd/api/main.go ./veza-api & sleep 10 curl -sf http://localhost:18080/api/v1/health > /tmp/health.json || (echo "Backend health check failed"; exit 1) jq -e '.status == "ok"' /tmp/health.json || (echo "Health response invalid"; exit 1) echo "Health check OK" - name: Install Playwright Browsers (chromium only) run: npx playwright install --with-deps chromium - name: Run @a11y E2E tests run: npx playwright test --config=tests/e2e/playwright.config.ts --grep @a11y --project=chromium env: PORT: "5174" VITE_API_URL: "/api/v1" VITE_DOMAIN: veza.fr VITE_BACKEND_PORT: "18080" PLAYWRIGHT_BASE_URL: "http://localhost:5174" - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 if: failure() with: name: axe-playwright-report path: | tests/e2e/playwright-report/ tests/e2e/test-results/ retention-days: 7 # =========================================================================== # Job 2: lighthouse-ci — Performance & Accessibility scoring # =========================================================================== lighthouse-ci: name: lighthouse-ci runs-on: ubuntu-latest timeout-minutes: 20 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Node uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0 with: node-version: "20" cache: "npm" cache-dependency-path: package-lock.json - name: Set up Go uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 with: go-version: "1.24" cache-dependency-path: veza-backend-api/go.sum - name: Install dependencies run: npm ci - name: Add veza.fr to hosts run: echo "127.0.0.1 veza.fr" | sudo tee -a /etc/hosts - name: Start backend services (Postgres, Redis, RabbitMQ) run: | docker compose up -d postgres redis rabbitmq echo "Waiting for Postgres..." for i in $(seq 1 30); do if docker exec veza_postgres pg_isready -U veza 2>/dev/null; then echo "Postgres ready" break fi sleep 2 done docker compose ps - name: Run database migrations env: DATABASE_URL: postgresql://veza:devpassword@localhost:15432/veza?sslmode=disable run: | cd veza-backend-api go run cmd/migrate_tool/main.go - name: Start backend API env: APP_ENV: development APP_PORT: "18080" DATABASE_URL: postgresql://veza:${{ secrets.E2E_DB_PASSWORD || 'devpassword' }}@localhost:15432/veza?sslmode=disable REDIS_URL: redis://localhost:16379 JWT_SECRET: ${{ secrets.E2E_JWT_SECRET }} COOKIE_SECURE: "false" CORS_ALLOWED_ORIGINS: http://veza.fr:5174,http://localhost:5174 RABBITMQ_URL: ${{ secrets.E2E_RABBITMQ_URL }} DISABLE_RATE_LIMIT_FOR_TESTS: "true" run: | cd veza-backend-api go build -o veza-api ./cmd/api/main.go ./veza-api & sleep 10 curl -sf http://localhost:18080/api/v1/health > /tmp/health.json || (echo "Backend health check failed"; exit 1) jq -e '.status == "ok"' /tmp/health.json || (echo "Health response invalid"; exit 1) echo "Health check OK" - name: Start Vite dev server run: | cd apps/web npm run dev -- --host 127.0.0.1 --port 5174 & echo "Waiting for Vite dev server..." for i in $(seq 1 30); do if curl -sf http://localhost:5174 >/dev/null 2>&1; then echo "Vite dev server ready" break fi sleep 2 done curl -sf http://localhost:5174 >/dev/null || (echo "Vite dev server failed to start"; exit 1) env: VITE_API_URL: "/api/v1" VITE_DOMAIN: veza.fr VITE_BACKEND_PORT: "18080" - name: Run Lighthouse CI uses: treosh/lighthouse-ci-action@v12 with: configPath: ./.lighthouserc.js uploadArtifacts: true temporaryPublicStorage: true