Skip to content
play

GitHub Action

UTBot static code analysis

v1.0.0 Latest version

UTBot static code analysis

play

UTBot static code analysis

The GitHub action for generating tests and creating SARIF reports based on UTBotJava

Installation

Copy and paste the following snippet into your .yml file.

              

- name: UTBot static code analysis

uses: UnitTestBot/[email protected]

Learn more about this action in UnitTestBot/UTBotJava-action

Choose a version

UTBotJava-action

You want to reduce extra moves and save some time in your working process. We have an action for that!

See: now you can initiate unit tests generation and SARIF report creation right into GitHub with the UTBotJava engine.

The action imports the SARIF output into your GitHub repository and creates the Security Code Scanning Alerts section, where you can find all code errors displayed.

Sounds pretty cool, and it really is! 😃

How to use

  1. Start with applying the UTBot gradle plugin to your project.
  2. Then, create the workflow with UTBotJava-action. Simple workflow example:
name: "Run UTBotJava-action"

on: [push]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v2

    - name: Setup Java
      uses: actions/setup-java@v2
      with:
        distribution: adopt
        java-version: 8

    - name: Setup Gradle
      uses: gradle/gradle-build-action@v2
      with:
        gradle-version: 6.8

    - name: Run UTBotJava-action
      uses: UnitTestBot/UTBotJava-action@v1
  1. Check the Security Code Scanning Alerts to see the detected errors.

Inputs

Here are the input data parameters for the UTBotJava-action:

Name Description Options Default value
pushTests Push generated tests to the repository or not - true
targetClasses Classes for which the SARIF report will be created - all
generatedTestsRelativeRoot Relative path (against repository root) to the root of the generated tests. - .utbot/test
testFramework The name of the test framework to be used junit4, junit5, testng junit5
generationTimeout Time budget for generating tests for one class (in milliseconds) - 60000
codegenLanguage The language of the generated tests java, kotlin java
mockStrategy The mock strategy to be used no-mocks, other-packages, other-classes other-packages
staticsMocking Use static methods mocking or not do-not-mock-statics, mock-statics mock-statics
forceStaticMocking Forces mocking static methods and constructors for classesToMockAlways classes or not force, do-not-force. force
classesToMockAlways Classes to force mocking theirs static methods and constructors - some internal classes

Workflow example:

📍 Important note: in this case, GitHub displays errors in the Pull Request Checks section.

name: "Run UTBotJava-action"

on: [pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v2
      with:
        # required if you want to push generated tests in your pull request
        ref: ${{ github.head_ref }}

    - name: Setup Java
      uses: actions/setup-java@v2
      with:
        distribution: adopt
        java-version: 8

    - name: Setup Gradle
      uses: gradle/gradle-build-action@v2
      with:
        gradle-version: 6.8

    - name: Run UTBotJava-action
      uses: UnitTestBot/UTBotJava-action@v1
      with:
        pushTests: 'true'
        targetClasses: '[com.github.username.SomeClass, com.github.username.AnotherClass]'
        generatedTestsRelativeRoot: 'src/test'
        testFramework: 'testng'
        generationTimeout: 50000  # ms
        codegenLanguage: 'kotlin'
        mockStrategy: 'other-classes'
        staticsMocking: 'do-not-mock-statics'
        forceStaticMocking: 'do-not-force'
        classesToMockAlways: '[java.util.Random]'

Manual trigger configuration

Apart from the automatic action, you can also create a workflow with a Run workflow button that will let you launch the action manually. Like this:

image

How to do this? Find a step-by-step instruction in the example repository. 😉