Integration with CI/CD Pipelines
GitHub Actions Security Headers Test
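# Builds the application, runs the security-headers test suite against a
# local instance, enforces a minimum score, and reports the result on pull
# requests.
name: Security Headers Test

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]
  schedule:
    - cron: '0 */6 * * *'  # Every 6 hours

# Least privilege for GITHUB_TOKEN: read the repository, write PR comments.
# Without this block the token inherits the repository/organisation default,
# which may be broader than this workflow needs.
permissions:
  contents: read
  pull-requests: write

jobs:
  security-headers-test:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable major-version tags,
      # and the v2 releases used here are several majors behind. Upgrade to a
      # currently supported release and pin each action to a full commit SHA
      # so a moved tag cannot change what runs in this job.
      - uses: actions/checkout@v2

      - name: Setup Node.js
        uses: actions/setup-node@v2
        with:
          node-version: '16'

      # NOTE(review): this resolves the newest published versions on every
      # run. Prefer declaring these in package.json with a committed lockfile
      # and installing with `npm ci` so the test tooling is reproducible.
      - name: Install dependencies
        run: |
          npm install axios chalk puppeteer

      - name: Start application
        run: |
          npm run build
          npm start &
          sleep 10  # Wait for server to start

      - name: Run security headers tests
        run: |
          node tests/security-headers-test.js
        env:
          TEST_URL: http://localhost:3000

      - name: Upload test results
        if: always()
        uses: actions/upload-artifact@v2
        with:
          name: security-headers-report
          path: security-headers-report.json

      # Fail closed: a missing report, a missing or non-numeric score, or a
      # fractional score must fail the gate. With an unquoted `[ $SCORE -lt 80 ]`
      # those cases make `[` exit with an error, the `if` branch is skipped,
      # and the step passes.
      - name: Check security score
        run: |
          SCORE=$(jq -er '.score | numbers' security-headers-report.json) || {
            echo "Security score missing or not numeric!"
            exit 1
          }
          echo "Security Score: $SCORE"
          if ! jq -e '.score >= 80' security-headers-report.json > /dev/null; then
            echo "Security score too low!"
            exit 1
          fi

      # Pull requests from forks receive a read-only token, so the comment
      # is only attempted for branches of this repository.
      # The report text is derived from the tested application's responses;
      # it is posted as Markdown only and never evaluated.
      - name: Comment PR
        if: >-
          github.event_name == 'pull_request' &&
          github.event.pull_request.head.repo.full_name == github.repository
        uses: actions/github-script@v6
        with:
          script: |
            const fs = require('fs');
            const report = JSON.parse(fs.readFileSync('security-headers-report.json', 'utf8'));
            // Tolerate a report without a details array instead of throwing.
            const details = Array.isArray(report.details) ? report.details : [];
            const comment = `## Security Headers Test Results
            **Score: ${report.score}/100**
            ### Summary
            - ✅ Passed: ${report.passed}
            - ⚠️ Warnings: ${report.warnings}
            - ❌ Failed: ${report.failed}
            ### Details
            ${details.map(d => `- ${d}`).join('\n')}
            `;
            // Await the request so an API error fails the step visibly.
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: comment
            });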