CI Integration

CI/CD accessibility pipeline patterns with axe-core CLI, SARIF output, PR annotations, baseline management, and multi-platform CI templates.

Published by @Community-Access

Skill: CI Integration

Domain: CI/CD accessibility pipeline configuration
Agents that use this skill: ci-accessibility, web-accessibility-wizard, accessibility-lead


Purpose

Patterns, templates, and reference data for integrating automated accessibility scanning into CI/CD pipelines. Covers axe-core CLI, Lighthouse CI, SARIF output, baseline management, and multi-platform configuration.


axe-core CLI Reference

Installation

npm install --save-dev @axe-core/cli

WCAG 2.2 AA Tag Set

npx axe <url> --tags wcag2a,wcag2aa,wcag21a,wcag21aa,wcag22aa

Output Formats

Flag               Output
--reporter json    JSON results to stdout
--reporter sarif   SARIF format for code scanning
--reporter html    Human-readable HTML report
--save <file>      Save results to file

Exit Codes

Code   Meaning
0      No violations found
1      Violations found
2      Error running scan

Baseline Pattern

Purpose

Without a baseline, every legacy violation fails CI, making adoption impossible on brownfield apps. With a baseline, the CI gate blocks only regressions, that is, violations not already recorded in the baseline.

Baseline File Schema (axe-baseline.json)

{
  "version": "1.0",
  "timestamp": "2026-03-22T00:00:00Z",
  "tool": "@axe-core/cli",
  "tags": "wcag2a,wcag2aa,wcag21a,wcag21aa,wcag22aa",
  "violations": {
    "color-contrast": { "count": 12, "pages": ["index.html", "about.html"] },
    "image-alt": { "count": 3, "pages": ["gallery.html"] },
    "label": { "count": 5, "pages": ["contact.html", "signup.html"] }
  },
  "total": 20
}

Comparison Logic

current_violations = run_axe_scan()
baseline = load("axe-baseline.json")

new_violations = current_violations - baseline
if new_violations.count > 0:
    FAIL PR — "N new accessibility violations introduced"
else:
    PASS — "No new violations (M existing in baseline)"

GitHub Actions Template

name: Accessibility Check
on:
  pull_request:
    paths: ['**/*.html', '**/*.jsx', '**/*.tsx', '**/*.vue', '**/*.svelte']

jobs:
  a11y:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 2 }  # the default depth of 1 leaves HEAD~1 unresolved for the diff below
      - uses: actions/setup-node@v4
        with: { node-version: 22 }
      - run: npm ci
      - run: npx axe $(git diff --name-only HEAD~1 --diff-filter=ACMR -- '*.html' | tr '\n' ' ') --tags wcag2a,wcag2aa,wcag21a,wcag21aa,wcag22aa --reporter json --save results.json
      - name: Check results
        run: |
          violations=$(jq '[.[].violations[]] | length' results.json)
          echo "Found $violations violations"
          if [ "$violations" -gt 0 ]; then exit 1; fi

SARIF Integration

SARIF (Static Analysis Results Interchange Format) enables inline annotations in GitHub PR diffs.

Upload Step

# The job running this step needs `permissions: security-events: write`.
- uses: github/codeql-action/upload-sarif@v3
  with:
    sarif_file: results.sarif
    category: accessibility

Benefits

  • Violations appear as inline annotations on the exact lines in the PR diff
  • Results visible in the Security → Code Scanning tab
  • Tracks violation trends over time
  • Supports dismissal workflow for false positives

Gating Strategies

Strategy   Blocks On                          Best For
Strict     Any violation (all severities)     New greenfield projects
Standard   Critical + Serious only            Active projects with good a11y baseline
Baseline   New violations only (regression)   Brownfield adoption, legacy codebases
Warning    Never blocks, comments only        Awareness phase, gradual adoption
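
The baseline comparison logic and the four gating strategies above, combined into one Node.js gate function. This is an added example, not part of the original skill; the function names, the results shape (an array of per-page axe results) and the reading of a baseline "count" as failing nodes per rule are assumptions.

```javascript
// Added example, not from the original skill. Assumptions: results.json is an
// array of per-page axe results ({ url, violations: [{ id, impact, nodes }] })
// and a baseline "count" is the number of failing nodes for that rule.
const BLOCKING = new Set(['critical', 'serious']); // the "Standard" strategy

// Collapse axe results into { ruleId: { count, impact } }.
function summarize(results) {
  const byRule = {};
  for (const page of results) {
    for (const v of page.violations || []) {
      const e = byRule[v.id] || (byRule[v.id] = { count: 0, impact: v.impact });
      e.count += (v.nodes || []).length;
    }
  }
  return byRule;
}

// Regressions vs. the baseline; a missing baseline makes every violation one.
function regressions(current, baseline) {
  const known = (baseline && baseline.violations) || {};
  return Object.entries(current)
    .map(([id, c]) => ({ id, impact: c.impact, added: c.count - (known[id]?.count ?? 0) }))
    .filter((r) => r.added > 0);
}

// Decide the CI outcome for one of the four gating strategies.
function gate(strategy, results, baseline) {
  const current = summarize(results);
  const all = Object.entries(current).map(([id, c]) => ({ id, impact: c.impact, added: c.count }));
  let blocking;
  switch (strategy) {
    case 'strict': blocking = all; break;
    case 'standard': blocking = all.filter((r) => BLOCKING.has(r.impact)); break;
    case 'baseline': blocking = regressions(current, baseline); break;
    case 'warning': blocking = []; break;
    default: throw new Error(`unknown strategy: ${strategy}`); // reject typos
  }
  const total = all.reduce((n, r) => n + r.added, 0);
  return { pass: blocking.length === 0, blocking, total };
}

// Constructed sample data; the baseline follows the axe-baseline.json schema.
const sampleBaseline = { violations: { 'color-contrast': { count: 2, pages: ['index.html'] } } };
const sampleResults = [
  { url: 'index.html', violations: [
    { id: 'color-contrast', impact: 'serious', nodes: [{}, {}, {}] },
    { id: 'image-alt', impact: 'critical', nodes: [{}] }] },
  { url: 'about.html', violations: [{ id: 'region', impact: 'moderate', nodes: [{}] }] }];
console.log(gate('baseline', sampleResults, sampleBaseline));
```

In a pipeline, exit non-zero when `pass` is false and print `blocking` so the PR shows which rules regressed.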

Multi-Platform Templates

Azure DevOps

trigger:
  paths:
    include: ['**/*.html', '**/*.jsx', '**/*.tsx']

pool:
  vmImage: 'ubuntu-latest'

steps:
  - task: NodeTool@0
    inputs: { versionSpec: '22.x' }
  - script: npm ci && npx axe $(Build.SourcesDirectory)/index.html --tags wcag2a,wcag2aa
    displayName: 'Accessibility Scan'

GitLab CI

accessibility:
  image: node:22
  script:
    - npm ci
    - npx axe $CI_PROJECT_DIR/index.html --tags wcag2a,wcag2aa
  only:
    changes: ['**/*.html', '**/*.jsx', '**/*.tsx']

Severity Mapping

axe-core Impact   CI Priority   Action
critical          p1-blocker    Must block merge
serious           p2-high       Should block merge
moderate          p3-medium     Warn in PR comment
minor             p4-low        Info only
