Website Evidence Collector Pipline

 Posted on May 25, 2024  |  2 minutes  |  382 words  |  Stefan Zils

Business Case Evidence Collector

In January, I mentioned that the European Union offers a free GDPR compliance checker.

Small and medium-sized businesses can benefit greatly from using their websites as digital business cards. For example, I enjoy receiving feedback and knowing that people appreciate my posts. Actively tracking website visitors is too time-consuming for me. There are other marketing activities that are more target-oriented.

When the EU introduced laws about cookie banners, I found it daunting to comply. However, I realized it was a chance to rethink my marketing strategies and ensure user privacy. This shift empowered me to understand that I do not have to track every visitor to be successful. This realization has inspired me, and I can do the same for you.

Hugo does not create cookies by default. I will ensure that future updates only create cookies with my permission. Web design is not my main focus. As a hands-on architect, I need to stay updated on the latest techniques. Even open-source software can change key quality features over time, so I will verify cookie compliance after each deployment.

GitHub Actions Job

Since I only write a limited number of posts or articles per quarter, I do not have to consider the execution times.

The GitHub action includes:

  • Installing the latest version of the Website Evidence Collector.
  • Running the tool.
  • Storing the result on GitHub for ten days.
  • Terminate the job if one or more cookies are discovered. The GitHub platform automatically triggers error notifications.

GitHub Job collect-evidence

  collect-evidence:
    runs-on: ubuntu-latest
    needs: deploy.....

    steps:
      - name: Install jq
        run: |
          sudo apt-get install jq
          sudo wget https://github.com/mikefarah/yq/releases/download/v4.6.1/yq_linux_amd64 -O /usr/bin/yq && sudo chmod +x /usr/bin/yq          

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
            node-version: '18'

      - name: Install Cypress
        run: npm install cypress

      - name: Install Website Evidence Collector
        run: npm install --global https://github.com/EU-EDPS/website-evidence-collector/tarball/latest

      - name: Collect evidence from websites
        id: collect-eifel42
        run: |
          website-evidence-collector -y -q --no-output https://www.eifel42.dev/ > eifel42.yaml
          yq e -j eifel42.yaml > eifel42.json          
  
      - name: Upload evidence
        uses: actions/upload-artifact@v4.3.3
        with:
          name: evidence
          path:  |
            eifel42.yaml             
        
      - name: Check cookies eifel42
        run: |
            isEmpty=$(jq '.cookies | length == 0' eifel42.json)
            if [ "$isEmpty" = "true" ]; then
              echo "Cookies array is empty"
            else
              echo "Cookies array is not empty"
              exit -1
            fi

Resources

Example of website-evidence-collector output