Integrating to NowSecure AUTO from Jenkins (or really any other build server) is straightforward. Once a binary is created, it just needs to use a REST API call to upload the file (it will be an .ipa or .apk).
This article is will walk-through the general Jenkins setup, however, some customization may be required depending on the unique environment.
Jenkins will need the following plugins installed:
In order to run in NowSecure AUTO, it is important to remember that all apps will be installed to a physical device. To ensure the highest rate of success, all builds must be able to install and run on a device. Additionally, iOS apps cannot be encrypted (this is usually applied to releases that are in the iOS App Store).
You should also consider that the app will be running through a fully automated system, so systems designed to defeat automation will limit coverage. These include features such as two factor authentication and reCaptcha.
The first step is to ensure that Jenkins can send builds into AUTO. To generate an API token, go to your profile within the AUTO UI. Once there, you will find a section for Access Tokens. Under Create New Token, add a meaningful name, and click Create. Make sure you copy it before you move away from the profile screen, as it will not be accessible again.
Once you have the token, we need to add it as a credential in Jenkins. Go to your Credentials section in Jenkins and add it as a secret text. This stores the key securely.
Now we need to configure our build to upload a completed binary.
To do this, simply make sure that we include the token we set up earlier. This is configured in the “Build Environment” section of our job configuration.
Then we make sure to execute a short build script to upload the binary:
curl \ -X POST \ -H 'Authorization: Bearer '$AUTO_TOKEN \ https://lab-api.nowsecure.com/build/ --data-binary @<binary apk/ipa location>
Jenkins integration is now complete for your account with NowSecure Auto. If you need assistance, feel free to contact support.