...
Note: if your project does not yet have a pipeline, please refer to Bitbucket’s documentation on how to create one to build your application, before continuing with this guide
Step 1:
...
Retrieving the Upload API key
Follow the instructions in step 1 of the Pre-Production Scans: Uploads via CI/CD article.First, you will need to retrieve your organization's Upload API key from the portal, at https://www.securetheorem.com/sdlc/api_access within the “API Key” section:
...
Step 2:
...
Adding the Upload API key as an environment variable
Add your Upload API key retrieved in step 1 as a secure environment variable called DT_UPLOAD_API_KEY in your repository’s variables:
...
Step 3:
...
Defining an artifact for an existing pipeline step
In order to upload a mobile binary, it must first be defined as an artifact in one of your pipeline’s steps inside your project’s bitbucket-pipelines.yml.
...
| Code Block | ||
|---|---|---|
| ||
- step:
name: 'Build app'
script:
- ./gradlew assembleRelease
- ... |
we might should add the following lines to define the apk artifact built by this step:
...
| Code Block | ||
|---|---|---|
| ||
- step:
name: 'Build app'
script:
- ./gradlew assembleRelease
- ...
artifacts:
- build/app/outputs/apk/release/app-release.apk |
Step 4:
...
Add a step to upload the binary to Data Theorem
Add the following step to your pipeline following the previous one responsible for building the artifact:
...
Note that the value of SIGNED_BINARY_PATH should be replaced with the path of the artifact defined in the previous step. In the above example that would be build/app/outputs/apk/release/app-release.apk.
Step 5:
...
Save and deploy
Save and commit the changes to bitbucket-pipelines.yml. The pipeline is now ready. Once the CI/CD uploads are completed, pre-production scans will be run automatically. Please note:
...