Demo video
...
datatheorem/data-theorem-mobile-secure Buildkite plugin:
| Code Block |
|---|
steps:
- label: "Build Mobile App Binary"
# replace this step with your own logix to build the pre-prod mobile binary that you want to scan
command: "echo 'Example mobile binary build step...'"
- label: "Upload Mobile App Binary to Data Theorem for scanning"
plugins:
- datatheorem/data-theorem-mobile-secure:
UPLOAD_API_KEY: $(buildkite-agent secret get DT_UPLOAD_API_KEY)
SIGNED_BINARY_PATH: "app-debug.apk" # path to the pre-prod mobile binary built in the previous step |
See https://github.com/datatheorem/data-theorem-mobile-secure-buildkite-plugin for more details on how to use the plugin
Manual setup:
First, get your Data Theorem Upload API Key by according to step 1 on this page: Pre-Production Scans: Uploads via CI/CD
A new step should be added at the end of your existing mobile pipeline to upload the signed application binary (APK or IPA) to Data Theorem.
...
Scan alerts will still be sent when pre-production scans start and complete
Public app store releases will still be scanned as well
All results will be published to the portal (where pre-prod apps are labeled as “PreProd”)
Optional inputs:
Some additional inputs can be added along with the mobile app binary upload, such as credentials for dynamic scanning.
See documentation at: Pre-Production Scans: Uploads via CI/CD