Quickstart guide
This article describes how to configure a Bitrise CI/CD workflow to automatically upload mobile app binaries to Data Theorem for scanning.
To automatically upload a mobile binary from Bitrise, a new step should be added at the end of your existing Bitrise workflow to upload the signed application binary (APK or IPA) to Data Theorem.
Step 1: retrieving the Upload API key
Follow the instructions in the step 1 of the Pre-Production Scans: Uploads via CI/CD article.
Step 2: adding the Upload API key as an environment variable
Add your Upload API key retrieved in step 1 as a secret environment variable called DT_UPLOAD_API_KEY in your existing Bitrise workflow:
Step 3: creating a new Workflow step to upload builds
Add a new step at any point in your workflow after a signed IPA or APK has been generated.
Search for the Data Theorem Mobile Secure step
In the new "Data Theorem Mobile Secure" step, configure the step's inputs:
The file path to your generated mobile app binary, for example it can be set to
$BITRISE_APK_PATH
for Android or $BITRISE_IPA_PATH for iOS
Select your DT_UPLOAD_API_KEY secret variable set in step 2
Save the workflow and the integration should be ready. After configuring it, your workflow should like this:
Once the CI/CD uploads are enabled, pre-production scans will be completed automatically. Please note:
Scan alerts will still be sent when pre-production scans start and complete
Public app store releases will still be scanned as well
All results will be published to the portal (where pre-prod apps are labeled as “PreProd”)