A CI/CD pipeline automates your software delivery process. The pipeline builds code, runs tests (CI), and safely deploys a new version of the application (CD).
Automated pipelines remove manual errors, provide standardized feedback loops to developers, and enable fast product iterations to keep up with the modern pace of software development.
The following steps allow organizations to automatically scan pre-production releases of their mobiles apps using existing developer tools and processes. DevOps can fully automate the SDLC by integrating our API to existing CI/CD tools such as Travis CI, Jenkins, Bitrise, fastlane, Xcode server, etc.
First, you will need to retrieve your organization's Upload API key from the portal, at https://www.securetheorem.com/sdlc/api_access within the “API Key” section:
Most CI/CD systems (Travis CI, Bitrise, CircleCI, etc.) allow running a bash script as a step within the CI pipeline. A new step should be added at the end of your existing mobile pipeline to upload the signed application binary (APK or IPA) to Data Theorem.
This new upload step requires:
The Upload API key retrieved in step 1 to be available in the CI system via the
DT_UPLOAD_API_KEY
environment variable.
The path to the compiled and signed mobile binary to be available in the CI system via the
SIGNED_BINARY_PATH
environment variable.
The following bash script can then be used as the upload step:
Once the CI/CD uploads are enabled, pre-production scans will be completed automatically. Please note:
Scan alerts will still be sent when pre-production scans start and complete
Public app store releases will still be scanned as well
All results will be published to the portal (where pre-prod apps are labeled as “PreProd”)
Request a custom demo so you can be sure it's seamless for your pipeline
Sign up for a 30-day trial