Pantheon Quicksilver Example

Triggering an accessibility scan on deploy.

Pantheon is a popular host for Drupal and WordPress projects. They provide the ability to execute commands as part of the deployment process using a system called Quicksilver.

The example below will trigger a scan for any Pantheon environment that has a valid site id and token in the /files/private/secrets.json file.

Step 1

Set up the Pantheon environment you would like to scan as a site in tidyDOM. This can be your production site, your dev or staging site, or any multidev environment.

Step 2

Add the generic webhook integration to the site, making note of the URL generated.

Step 3

If you are not already using a secrets.json file with Pantheon, create a new one. Otherwise, you will add keys to your existing JSON file. Use the contents shown at the bottom of the page, substituting your own values for tidydom_site_id and tidydom_webhook_token.

Upload the file using SFTP to the /files/private directory.

Note that if you copy the files from this environment to another, you will need to update or remove the secrets.json file in the destination environment.

Step 4

Add the pantheon.yml and /private/scripts/tidydom.php files to your codebase, and push the updates to the environment you have configured.

Going forward, after you push code to this environment, a tidyDOM accessibility scan will be started.

Example files


# Put overrides to your pantheon.upstream.yml file here.
# For more information, see:
api_version: 1
      - type: webphp
        description: Scan for Accessibility Issues on Deploy
        script: private/scripts/tidydom.php



function loadSecrets() {
  $secretsFile = $_SERVER['HOME'].'/files/private/secrets.json';

  if (!file_exists($secretsFile)) {
    throw new \Exception("No secrets file found");

  $secretsContents = file_get_contents($secretsFile);

  $secrets = json_decode($secretsContents, 1);

  if ($secrets == false) {
      die('Could not parse json in secrets file.');

  $missing = array_diff(['tidydom_site_id', 'tidydom_webhook_token'], array_keys($secrets));
  if (!empty($missing)) {
    throw new \Exception('Missing required keys in json secrets file: '.implode(',', $missing).'.');

  return $secrets;

try {
  $secrets = loadSecrets();

  $url = "{$secrets['tidydom_site_id']}/scan/{$secrets['tidydom_webhook_token']}";
  $payload['source'] = 'Pantheon: ' . $_ENV['PANTHEON_ENVIRONMENT'];
  $payload = http_build_query($payload);

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_TIMEOUT, 10);
  print("\n==== Posting to Webhook URL ====\n");
  $result = curl_exec($ch);
  print("RESULT: $result");
  print("\n===== Post Complete! =====\n");
} catch (\Exception $e) {
  print("\n==== Skipping: " . $e->getMessage() . " ====\n");


For webhook url
  "tidydom_site_id": "3QdjF5",
  "tidydom_webhook_token": "0c16e69038f8d46fdcfb9c832235af199ce9dad14ae625e0401c9daa13c0cef5"