Skip to main content
Teams+

GitHub Actions

To simplify setting up DCM on GitHub, install dedicated GitHub actions: setup-dcm and dcm-action.

setup-dcm

setup-dcm installs and sets up DCM for use in GitHub Actions.

Usage Example

name: DCM

on:
pull_request:
branches: [main]
push:
branches: [main]

jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Install Dart and Flutter
uses: subosito/flutter-action@v2

- name: Install dependencies
run: flutter pub get

- name: Install DCM
uses: CQLabs/setup-dcm@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Run DCM
run: dcm analyze --ci-key="${{ secrets.DCM_CI_KEY }}" --email="${{ secrets.DCM_EMAIL }}" lib
info

Even though DCM is no longer an analyzer plugin, it's important to install dependencies via pub get before running dcm checks.

Alternatively, you can install DCM on your CI directly
- name: Install DCM
run: |
sudo apt-get update
wget -qO- https://dcm.dev/pgp-key.public | sudo gpg --dearmor -o /usr/share/keyrings/dcm.gpg
echo 'deb [signed-by=/usr/share/keyrings/dcm.gpg arch=amd64] https://dcm.dev/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list
sudo apt-get update
sudo apt-get install dcm

Inputs

The action takes the following inputs:

  • github_token: Used to get the latest DCM version from GitHub releases (required).
  • version: Which DCM version to setup:
    • A specific DCM version (e.g. 1.21.2)
    • or latest (default)
    • or auto (to reuse the version constraint from dcm_global.yaml described here)

Outputs

The action produces the following output:

  • dcm-version: The version of the DCM executable that was installed.

dcm-action

dcm-action runs DCM checks in GitHub Actions. It can also add a comment with dcm checks status to your Pull Requests.

info

This action requires write permissions for checks and pull-requests. For more information, refer to GitHub docs here and here.

Usage Example (combined with setup-dcm)

name: DCM

on:
pull_request:
branches: [main]
push:
branches: [main]

jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Install Dart and Flutter
uses: subosito/flutter-action@v2

- name: Install dependencies
run: flutter pub get

- name: Install DCM
uses: CQLabs/setup-dcm@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Run DCM
uses: CQLabs/dcm-action@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
ci_key: ${{ secrets.DCM_CI_KEY }}
email: ${{ secrets.DCM_EMAIL }}
folders: lib
warning

working-directory option works only for run steps and has no effect when used with an action. You can find more info in GitHub docs.

Inputs

The action takes the following inputs:

NameRequiredDescriptionDefault
github_token☑️Required to post a report on GitHub. Note: the secret GITHUB_TOKEN is already provided by GitHub and you don't have to set it up yourself.
github_patRequired if you had private GitHub repository in the package dependenciesPersonal access token must have access to repo and read:user scopes
ci_key☑️License key to run on CI server.
email☑️Email used to purchase the license.
foldersList of folders and files (separated by commas) to scan.[lib]
pull_request_commentPublish report overview directly into your pull request.true
pull_request_comment_on_failPublish report overview directly into your pull request only when any DCM check fails. When this option is enabled, pull_request_comment needs to be explicitly set to false.false
package_namePackage name to differentiate the report. Set when running several DCM runs at once.
fatal_styleTreat style level issues as fatal.true
fatal_warningsTreat warning level issues as fatal.true

If you have a DCM Open Source license, pass oss to both CI key and email inputs.

Outputs

Action Console

Action console

PR Summary

PR summary

PR Comment

PR comment