Who is the Company

The company is a fast-growing US-based brand that produces fashion apparel for women.

The Challenge

As the company developed mobile apps and added new features, it ran into a significant bottleneck that delayed new releases. Every app or new feature build required a manual check-in and test process to run for each device the company listed in its device support policy.

This procedure exposed a security vulnerability that gave access to sensitive data to anyone with code repository access. These problems were further compounded as each build had to be released for multiple environments simultaneously.

In brief, the company was looking for:

  • A way to automate the build release process: A build check-in was required to trigger an automated process that would provide build certification for all supported devices.
  • Access control for sensitive data: In the old system, anyone with code repository access could view sensitive data. The company wanted a way to safeguard sensitive data.
  • Flexibility in the build release process: The company needed the ability to dynamically select the environment for any given build.

The Solution

Our Mobility team developed a two-step solution for the company by integrating Sauce Labs with a Jenkins CI/CD (Continuous Integration / Continuous Delivery) pipeline.

Our team created a CI/CD pipeline that defines an automatic build process for every new release. We integrated the pipeline with Sauce Labs, which enables us to certify any device included in the company’s device policy.

With the automation now in place, when the company developers issue a pull request, it signifies a critical change - it causes Jenkins to automatically trigger the build and perform low-level code testing (unit testing). Another Jenkins plugin makes a call to SonarCloud, which performs an automated code quality and security scan.

For Android, Google Firebase stores mobile app builds and provides build information to Sauce Labs. For iOS, Apple TestFlight is used in a similar manner. Sauce Labs provide an automated full-scale testing cloud service across thousands of combinations of mobile browsers, operating systems, and devices.

Key aspects of our solution include:

  • Faster feedback on builds: The CI/CD pipeline-enabled automated testing vastly reduces the build release cycle time. The pipeline immediately incorporates build feedback into a release instead of waiting until a later stage.
  • No more dependencies on developers: The solution does not require a specific developer to release the build - any resource with sufficient rights can release and test. This avoids delays due to developer dependencies.
  • Improved security through key obfuscation: Production key obfuscation techniques used during pipeline creation provide security for applications. The solution restricts access to sensitive data only to an authorized team.
  • Dynamic environment selection with single build: When a given build is released, a CI/CD pipeline is enabled to support multiple environments, avoiding build redundancy. Integrating Sauce Labs into a pipeline causes Sauce Labs’ automated testing to be triggered and executed for every build.

Business Impact

  • The build cycle drops from days to hours: Earlier, the mobile app team required two or more days of manual processing to validate the back-end APIs accessed by the mobile apps. The new system executes the entire build cycle in under three hours, including running test suites on multiple devices. The reduced build lifecycle allows the company to bring new releases to the market at an accelerated pace.
  • Reduced resource requirements: The new automated pipeline requires fewer client resources as it no longer needs to run manual tests. Additional tests can easily be added without allocating additional staff.
  • Reduced device procurement costs: Because of the Sauce Labs integration, the client does not need to procure all devices, irrespective of how many new models are subsequently added to the device policy. Our team significantly reduced device procurement costs for the company, making this approach cost-effective and efficient.
  • Security enhancements reduce risk: Previously, anybody with repository access could view sensitive information, such as key pairs. Our solution strictly controls access and ensures greater security, saving the company from potentially enormous liability costs.

Technologies Used

Jenkins: Drives CI/CD and automates the QA process
Google Firebase: Stores Android builds for multiple environments
TestFlight: Stores iOS builds for multiple environments
Sauce Labs: Cloud platform for executing cross-platform automated test suites
Mac Server: Used to generate iOS builds
SonarSource/SonarCloud: Cloud platform that provides continuous code quality and security checks
Atlassian Bitbucket: Version control repository used to store source code
Jenkins Plugins: Active Choice Reactive Parameter, Email Extension, HTML Publisher, Android APK Signing, SonarScanner, Sauce OnDemand, and role-based access control

Related Capabilities

Utilize Actionable Insights from Multiple Data Hubs to Gain More Customers and Boost Sales

Unlock the power of the data insights buried deep within your diverse systems across the organization. We empower businesses to effectively collect, beautifully visualize, critically analyze, and intelligently interpret data to support organizational goals. Our team ensures good returns on the big data technology investments with the effective use of the latest data and analytics tools.

Do you have a similar project in mind?

Enter your email address to start the conversation