tobyash86 · tobyash86 · Sep 18, 2025
diff --git a/.github/workflows/dottest_autofix.yml b/.github/workflows/dottest_autofix.yml
@@ -0,0 +1,86 @@
+# This workflow runs Parasoft dotTEST to analyze code
+# and display results with Github code scanning alerts.
+# Parasoft dotTEST is a testing tool that provides code analysis techniques
+# to improve code quality and ensure compliance with industry standards.
+# See https://github.com/parasoft/run-dottest-action for more information.
+
+name: Parasoft dotTEST Code Analysis
+
+on:
+  # Allows you to run this workflow manually from the Actions tab.
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel.
+jobs:
+  # This workflow is made up of one job "run-dottest-action".
+  run-dottest-action:
+    # Specifies the name of the job.
+    name: Run code analysis with dotTEST
+
+    # Specifies required permissions for upload-sarif action
+    permissions:
+      # required for all workflows
+      security-events: write
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    # Specifies the type of runner that the job will run on.
+    runs-on: self-hosted
+
+    # Steps represent a sequence of tasks that will be executed as part of the job.
+    steps:
+
+    # Checks out your repository, so that your job can access it.
+    - name: Check out code
+      uses: actions/checkout@v4
+
+    # ---------------------------------------------------------------
+    # Runs code analysis with dotTEST and generates a .sarif report.
+    - name: Run Parasoft dotTEST
+      id: dottest
+      uses: parasoft/[email protected]
+      with:
+        # Path to the dotTEST installation directory, which contains dottestcli.exe. If not specified, dottestcli.exe will be searched for on PATH.
+        #installDir: # optional
+        # Path to the project to be analyzed when no solution is provided. Specify a semicolon-separated list of paths to analyze many projects. Supports ANT-style wildcards.
+        testConfig: Recommended Rules
+        #settings: # optional
+        # A single configuration setting in the "key=value" format.
+        #property: # optional
+        # Solution configuration, e.g. "Debug".
+        #solutionConfig: Debug
+        # Target platform of the solution configuration (e.g."Any CPU") or project configuration (e.g. "AnyCPU").
+        #targetPlatform: "Any CPU"
+        # Path to the location where console output is saved.
+        #out: ${{ github.workspace }}/.dottest/report/${{ github.run_number }}/output.txt
+
+    # ---------------------------------------------------------------
+    # Uploads an archive that includes all report files (.xml, .html, .sarif).
+    - name: Upload report artifacts
+      uses: actions/upload-artifact@v3
+      if: always()
+      with:
+        name: Report files
+        path: ${{ steps.dottest.outputs.reportDir }}/*.*
+
+    # ---------------------------------------------------------------
+    # Uploads analysis results in the SARIF format, so that they are displayed as GitHub code scanning alerts.
+    - name: Upload results to GitHub
+      uses: github/codeql-action/upload-sarif@v3
+      if: always()
+      with:
+        sarif_file: ${{ steps.dottest.outputs.report }}
+
+
+    # ---------------------------------------------------------------
+    # Runs code autofix
+    - name: Run code autofix
+      if: always()
+      shell: bash
+      run: |
+        python "${{ steps.dottest.outputs.installDir }}/integration/aider/DottestAutoFix.py" \
+          --report "${{ steps.dottest.outputs.report }}" \
+          --tool-home "${{ steps.dottest.outputs.installDir }}" \
+          --solution "${{ steps.dottest.outputs.solution }}" \
+          --fix-limit 3