CI Gate¶
The CI gate script provides pass/fail exit codes for continuous integration pipelines, enforcing minimum audit scores and priority thresholds.
Usage¶
Options¶
| Flag | Default | Description |
|---|---|---|
--scores |
Required | Path to scores JSON from calculate-score.py |
--threshold |
70 |
Minimum overall score to pass |
--fail-on |
P0 |
Fail if any findings at this priority or higher |
--category-thresholds |
None | Per-category minimums (e.g. seo:80,security:70) |
Exit Codes¶
| Code | Meaning |
|---|---|
0 |
Pass -- score meets threshold and no priority findings |
1 |
Fail -- overall score below threshold |
2 |
Fail -- findings at or above the fail-on priority level |
GitHub Actions Example¶
name: Site Audit
on:
push:
branches: [main]
schedule:
- cron: '0 6 * * 1' # Weekly Monday 6am
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Fetch page
run: curl -sL https://mysite.com -o page.html
- name: Analyse
run: |
python scripts/analyse-html.py page.html \
--url https://mysite.com \
--profile quick \
> analysis.json
- name: Score
run: python scripts/calculate-score.py analysis.json > scores.json
- name: Gate
run: python scripts/ci_gate.py --scores scores.json --threshold 75 --fail-on P0
Per-Category Thresholds¶
Enforce different minimums per category:
python scripts/ci_gate.py \
--scores scores.json \
--threshold 70 \
--category-thresholds "seo:80,security:75,accessibility:85" \
--fail-on P1
The gate fails if any specified category falls below its threshold, even if the overall score passes.
Integration Tips¶
- Start with
--threshold 50 --fail-on P0and gradually raise - Use
--fail-on P1once all P0 issues are resolved - Per-category thresholds let you enforce security standards independently
- Schedule weekly audits in addition to push-triggered checks