WIth UnitTestBot GitHub Action you can generate and run unit tests for your project directly on GitHub — and get the SARIF report.

1. On GitHub.com, navigate to the main page of the repository. Under your repository name, select Settings. In the left sidebar, select Actions > General.

Scroll down and select Allow GitHub Actions to create and approve pull requests.

2. Create a .github/workflows directory in your GitHub repository with a .yml file in it:

name: "UnitTestBot code analysis"

on:
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - name: UTBot code analysis
        uses: UnitTestBot/UTBotCpp-action@test-1.0.26
        with:
          add_tests: 'true'
          refresh_tests: 'false'
          utbot_version: '2022.12.0'
          scope: 'project'

Make sure you use the up to date versions:

• uses: UnitTestBot/UTBotCpp-action@[version]} — for UnitTestBot GitHub Action
• utbot_version: '[version]' — for the UnitTestBot engine

3. To run the workflow, under your repository name, select Actions, then choose the UnitTestBot workflow.

In the Run workflow dropdown section, select the branch to use the workflow from. Press Run workflow.

UnitTestBot GitHub Action creates a new project branch named like utbot-code-analysis-[short-commit-hash] and a pull request to a branch where you ran the workflow.

In this new branch, two new folders appear:

• the tests folder contains the generated tests with the related files,
• the utbot_report folder contains the SARIF report for a project (project_code_analysis.sarif) as well as the generation statistics.

To view the alerts, under your repository name, select Security, and in the left sidebar, select Code scanning.

View and manage code analysis results with the standard GitHub tools.