Skip to content
/ ci-cd_test Public

Security/Accessibility Test Results using LighthouseCI and Dastardly with using Jenkins for SCM scheduled runs, and CD with GitHub Actions and Vercel.

ci-cdtest.vercel.app/

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bugnificent/ci-cd_test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

93 Commits
.github/workflows
.github/workflows
 
 
SoftLand
SoftLand
 
 
.gitignore
.gitignore
 
 
Jenkinsfile
Jenkinsfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
lighthouserc.js
lighthouserc.js
 
 
scroll.js
scroll.js
 
 

Repository files navigation

Portfolio CI/CD Pipeline 🚀

This repository contains a CI/CD pipeline for deploying a personal portfolio website, integrating Lighthouse CI for performance & accessibility auditing, and Dastardly for security vulnerability scanning. The setup ensures high-quality and secure web deployments using GitHub Actions, Jenkins and Vercel.

🌟 Features

  • Automated performance, SEO, and accessibility testing using Lighthouse CI.
  • Security vulnerability scanning with Dastardly by PortSwigger.
  • CI/CD pipeline to deploy the website automatically on Vercel after each successful scan.
  • Artifacts generation for security reports.

📂 Lighthouse CI Configuration

The Lighthouse CI configuration is defined in lighthouserc.js:

module.exports = {
  ci: {
    collect: {
      staticDistDir: './', // Replace with the path to your built files or if using Node.js, adjust package.json
    },
    upload: {
      target: 'temporary-public-storage', // Use public storage or setup server
    },
  },
};

📊 Generated Artifacts

  • Lighthouse CI will generate temporary reports for accessibility, performance, and SEO as HTML reports for better visualization.
  • Dastardly will generate an XML report that contains detected security vulnerabilities in the application.

📄 GitHub Actions CI/CD Pipeline

The pipeline is defined in .github/workflows/ci-cd.yml.
It consists of two jobs:

1. Lighthouse CI and Dastardly Scan

  • Runs Lighthouse CI for performance audits.
  • Runs Dastardly to generate an XML report for security vulnerabilities.
  • Uploads the scan reports as artifacts.

2. Deploy to Vercel (only if the first job succeeds)

  • Deploys the site to Vercel.
  • If on main branch, deploys production build.
  • Adds deployment URL as a comment in PR.

🔋 How to Run Locally

If you want to run Lighthouse CI locally, follow these steps:

npm install -g @lhci/cli@0.14.x
lhci autorun

🚀 Deployment

The website is automatically deployed to Vercel on each push/PR to the main branch. The deployment URL will be added as a comment in the PR.

🔑 Required Secrets

Ensure the following GitHub Secrets are configured for a successful pipeline:

  • LHCI_GITHUB_APP_TOKEN → Required for Lighthouse CI authentication.
  • VERCEL_TOKEN → Required for Vercel deployment.
  • VERCEL_ORG_ID & VERCEL_PROJECT_ID → Identifies the Vercel project.

🛠️ Technologies Used

  • Jenkins
  • GitHub Actions
  • Lighthouse CI
  • Dastardly (PortSwigger)
  • Node.js
  • Vercel (Deployment)

📚 License

This project is licensed under the MIT License.

📩 Contact

For any issues or questions, feel free to open an issue or reach out via yusufasik.com.

About

Security/Accessibility Test Results using LighthouseCI and Dastardly with using Jenkins for SCM scheduled runs, and CD with GitHub Actions and Vercel.

ci-cdtest.vercel.app/

Topics

jenkins github-actions vercel lhci dastardly

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v1.0 Latest
Mar 22, 2025

Packages

No packages published

Languages