Pre-Production Scans: Uploads via JetBrains TeamCity
- Alban (Unlicensed)
Quickstart guide
This article describes how to configure JetBrains TeamCity to automatically upload mobile app binaries to Data Theorem for scanning.
Step 1: retrieving the Upload API key
Follow the instructions in the step 1 of the Pre-Production Scans: Uploads via CI/CD article.
Step 2: adding the Upload API key as an environment variable
Add your Upload API key retrieved in step 1 as a hidden password type environment variable called DT_UPLOAD_API_KEY in your build parameters.
Project → Build Configuration Settings → Parameters → Add new parameter
Step 3: creating a new build step
Add a new "Script" step at any point in your workflow after a signed IPA or APK has been generated:
Build Steps → Add build step → Command line
Add the following script, adapting <PATH_TO_YOUR_FILE> according on your build output:
#!/usr/bin/env bash
# Fail if any commands fails
set -ex
# Generate an upload link
step1_response=$(curl -X POST -H "Authorization: APIKey ${DT_UPLOAD_API_KEY}" --data "" https://api.securetheorem.com/uploadapi/v1/upload_init)
# Extract the "upload_url" from the response of the first request using a python command.
upload_url=$(echo ${step1_response} | python -c 'from json import load; from sys import stdin; print(load(stdin)["upload_url"])')
# Alternatively, you can use:
# upload_url=$(echo ${step1_response} | jq --raw-output '.upload_url')
echo ${upload_url}
# Send the apk at the upload link
step2_response=$(curl -F file=@${APK_PATH} ${upload_url})
echo ${step2_response}
Save the build step and the integration should be ready. After configuring it, your build steps should look like this:
Once the CI/CD uploads are enabled, pre-production scans will be completed automatically. Please note:
Scan alerts will still be sent when pre-production scans start and complete
Public app store releases will still be scanned as well
All results will be published to the portal (where pre-prod apps are labeled as “PreProd”)