...
Gitlab CI/CD allows running bash command commands as a deploy step within the gitlab-ci.yml file. A new step should be added at the end of your existing mobile pipeline to upload the signed application binary (APK or IPA) to Data Theorem.
...
You can create an environment variable if you are maintainer of the project by accessing project Settings → CI / CD → Variables
You should restrict DATA_THEOREM_UPLOAD_API_KEY access to protected branch only or at least mask the environment variable
The following gitlab Gitlab CI step can then be used as the upload step:
| Code Block | ||
|---|---|---|
| ||
deploy: # Deploy the generated apk to Data Theorem stage: deploy before_script: # jq will simplify extraction of the upload_url from the upload_init response - apt-get --quiet update --yes - apt-get --quiet install --yes jq script: # The plugin needs a valid customer API Key from Data Theorem. To find your API Key, you can connect to https://www.securetheorem.com/sdlc using your Data Theorem user account # You should store privately your API Key on gitlab: https://docs.gitlab.com/ee/ci/variables/ # Generate an upload link - export upload_url=$(curl -X POST -H "Authorization:APIKey $DATA_THEOREM_UPLOAD_API_KEY" --data "" https://api.securetheorem.com/uploadapi/v1/upload_init | jq -r ".upload_url") - echo $upload_url # Send the apk at the upload link - curl -F file=@<PATH_ToTO_YOUR_FILE> $upload_url |
Once the CI/CD uploads are enabled, pre-production scans will be completed automatically. Please note:
...
You can download a complete example here: https://gitlab.com/marcTranzerdatatheorem/testci-app-upload/-/jobsexample.
This example runs unit test tests on a simple android project, then build builds an apk and finally deploy APK, and then uploads it to Data Theorem Mobile.
...