Skip to content
polyspace-actions

GitHub Action

polyspace-findings

24.2.1 Latest version

polyspace-findings

polyspace-actions

polyspace-findings

Provides an entry point to analysis results without GitHub Advanced Security enabled

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: polyspace-findings

              
  uses: polyspace-actions/polyspace-findings@24.2.1
Learn more about this action in polyspace-actions/polyspace-findings

Choose a version

Action for Reviewing Polyspace Analysis Results

The polyspace-findings action enables you to add information about Polyspace® analysis findings to your commit when you push changes to the repository or to your pull request. The action supports only self-hosted runners.

Examples

Add Analysis Results as Annotation in Your Commit

Use this action to start an analysis every time you push your changes to any branch on the repository. Polyspace then shows the results as annotations in the pull request.

name: Run Polyspace analysis on PR
on: [push]
  branches:
    - '**' #All branches
jobs:
  my-job:
    name: Run analysis
    runs-on: self-hosted

    steps:
    - name: Check out repository
      uses: actions/checkout@v3
    - name: Generate compilation database
      uses: cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .
    - name: Analyze pull request
      uses: polyspace-actions/polyspace-bug-finder@24.2.0
      with:
        compilation-database-file: compile_commands.json
        checkers-file: checkers.xml
        sarif-file: results.sarif

    - name: Annotate the findings to the commit
      uses: polyspace-actions/polyspace-findings@24.2.0
      with:
        sarif-file: results.sarif

polyspace-findings

When you define your workflow in the .github/workflows folder of your repository, specify this action as polyspace-actions/polyspace-findings@24.2.0.

The action accepts these inputs. Unless otherwise specified, the inputs are optional.

Input Description
sarif-file Path of the generated SARIF file. The default name of the results file is results.sarif.
github-token Access token generated by Github for authentication in the workflow job. Polyspace uses the token to authenticate when adding annotations to a commit. The default value for this input is ${{ github.token }}. This input is mandatory.
set-commit-status When you set this input to true, Polyspace sets the status of the commit to PASS if there are no findings or FAIL if the SARIF results file contains findings. The default value of this input is true.
comment-commit-findings When you set this input to true, Polyspace adds a comment under the commit. Polyspace also adds each result finding as an annotation on the line of code where the finding occurs in the diff view. The default value of this input is true.
review-status Type of review posted in a pull request. Valid values are REQUEST_CHANGES or COMMENT. The default value of this input is COMMENT.
comment-pull-request-findings When you set this input to true, Polyspace adds analysis findings to the pull request as reviews. Since new pulls requests do not overwrite previous reviews, the diff view might end up containing many findings. The default value of this input is false.
pull-request-number Pull request number that the analysis runs on. This input evaluates to none if the action runs in a different context. If you do not specify a pull request number, the action uses the default value ${{ github.event.pull_request.number }}.

See Also

Contact Us

If you have any questions or suggestions, please contact MathWorks® at continuous-integration@mathworks.com.