Jenkins Android Integration
Jenkins, a versatile open-source automation server, can be effectively paired with the DoveRunner Mobile App Security CLI tool for enhanced security automation. Follow our step-by-step guide for straightforward installation and integration using the configuration file. Additionally, explore advanced integration options through Jenkins Parameter settings for tailored security measures.
Jenkins parameter settings
Section titled “Jenkins parameter settings”| Parameters | Definition | Type | Settings Value |
|---|---|---|---|
| AS_JAR_PATH <Required> | sealing.jar file path | String | ex) /opt/appsealing/sealing.jar |
| AS_URL <Required> | Sealing API URL | String | https://api.appsealing.com/covault/gw |
| AS_AUTH_KEY <Required> | Authentication key | String | ( Provided separately ) |
| AS_SRC_APK <Required> | original APK/AAB file path | String | ex)./source/application.apk |
| AS_SEALED_APK <Required> | Path to save the Sealed APK/AAB file | String | ex)./source/application_sealed.apk |
| AS_APP_TYPE | Sealing security service - GAME : Game security service - NON_GAME : Non-game security service | String | Default : GAME |
| AS_SERVICE_VERSION | Sealing service version number | String | Ex) 2.31.0.0 Default: latest |
| AS_DEPLOY_MODE <Required> | Deploy mode # - test : AppSealing watermark displayed # - release : No AppSealing watermark_ | Choice | {test / release} Default : test |
| AS_DEX_ENCRYPT | DEX encryption option -no : DEX encryption not applied -yes : apply DEX encryption | Choice | { no / yes } Default : no |
| AS_SELECTIVE_DEX_ENCRYPT | Selective Dex Encryption Option (This option is Recognized only when the DEX encryption is applied.) - no: encryption for whole dex files - yes: encryption for some classes and packages | Choice | {no / yes} Default : no |
| AS_BLOCK_ENVIRONMENT | Emulator and root environment option - emulator : Blocks app running on emulator - rooting : Blocks app running on rooted device - Supported emulator : BlueStacks, Nox, LDPlayer | Extended choice | { emulator, rooting} Default : not selected |
| AS_ALLOW_EMULATOR | Allow exceptional emulator when all emulator is blocked - LDPlayer : Allow LDPlayer - BlueStacks : Allow Bluestacks - Nox : Allow Nox app player - Other emulators will be supported in future | Extended choice | { BlueStacks, Nox, LDPlayer } Default : not selected |
| AS_BLOCK_WORK_PROFILE | Work profile option(Block app execution from work profile environment such as Samsung Secure folder) - yes : Block app execution - no : Allow app execution | Choice | {yes / no} Default : yes |
| AS_ALLOW_WORK_PROFILES | Allow exceptional work profiles when all work profiles are blocked. - Samsung SecureFolder | Extended Choice | {Samsung SecureFolder} Default: not selected |
| AS_BLOCK_KEYLOGGER | Key logger block option - yes :Block app running with key logging tool - no : Allow app running with key logging tool | Choice | {yes / no} Default : no |
| AS_HIDE_OVERLAY_WINDOWS | Hide screen overlay option. This option will work from Android 12 device. - yes :Hide overlay windows on sealed app - no : Allow overlay windows on sealed app | Choice | {yes / no} Default : no |
| AS_ALLOW_EXTERNAL_TOOL | Macro and network tool option - macro : Allow macro tools - sniff : Allow packet sniffing and spoofing tools | Extended Choice | {macro, sniff} Default: not selected |
| AS_SERVICE_TYPE | AppSealing service type options - HYBRID_AOS : Hybrid AppSealing. React Native, Ionic, Cordova Framework should use this option. - NATIVE_AOS :Native AppSealing.If your app is not the HYBRID_AOS type, currently this option is not required. | Choice | { HYBRID_AOS / NATIVE_AOS } Default : NATIVE_AOS |
| AS_FRAMEWORK | Your App’s framework - Hybrid Frameworks should explicitly use this option - REACT_NATIVE: Use this when you are uploading React Native app. - IONIC: Use this when you are uploading Ionic app. - CORDOVA: Use this when you are uploading Cordova app. | Choice | {REACT_NATIVE / IONIC / CORDOVA} Default : not selected |
| AS_APP_SIGNING | Automatic app signing option after sealing App-signing can be applied along with sealing. - none : Only sealing is applied without additional app signing. - appsealing_key : After sealing, it is signed with the appsealing`s signing key for test purpose. In case of AAB package, this option applies as ‘none’ value and the app is unsigned. - registered_key : After sealing, it is signed with the app signing key registered on AppSealign console with your account. | Choice | {none / appsealing_key / registered_key} Default : none |
* Provided separately and only the provided value must be used
** Must select only one value
*** Multiple values can be selected by using delimiter with ’,’ (comma). Default value is None(Empty String)
[Required] Parameter must be configured and Default value is not configured
Execution Script Configuration
Section titled “Execution Script Configuration”Linux & Mac
Section titled “Linux & Mac”java -jar ${AS_JAR_PATH} -url ${AS_URL} -authkey ${AS_AUTH_KEY} -srcapk ${AS_SRC_APK} -sealedapk ${AS_SEALED_APK}-deploymode ${AS_DEPLOY_MODE} -block_environment ${AS_BLOCK_ENVIRONMENT} -allow_emulator ${AS_ALLOW_EMULATOR} -allow_external_tool ${AS_ALLOW_EXTERNAL_TOOL} -dex_encrypt ${AS_DEX_ENCRYPT}-select_dex_encrypt #{AS_SELECTIVE_DEX_ENCRYPT} -service_version ${AS_SERVICE_VERSION} -app_type ${AS_APP_TYPE} -allow_external_tool ${AS_ALLOW_EXTERNAL_TOOL} -block_work_profile=${AS_BLOCK_WORK_PROFILE} -allow_work_profiles=${AS_ALLOW_WORK_PROFILES} -block_keylogger=${AS_BLOCK_KEYLOGGER} -service_type ${AS_SERVICE_TYPE} -framework ${AS_FRAMEWORK} –app_signing ${AS_APP_SIGNING}Windows
Section titled “Windows”java -jar %AS_JAR_PATH% -url %AS_URL% -authkey %AS_AUTH_KEY% -srcapk %AS_SRC_APK% -sealedapk %AS_SEALED_APK% -deploymode %AS_DEPLOY_MODE% -block_environment %AS_BLOCK_ENVIRONMENT% -allow_emulator %AS_ALLOW_EMULATOR% -allow_external_tool %AS_ALLOW_EXTERNAL_TOOL% -dex_encrypt %AS_DEX_ENCRYPT% -select_dex_encrypt %AS_SELECTIVE_DEX_ENCRYPT% -service_version %AS_SERVICE_VERSION% -app_type %AS_APP_TYPE% -allow_external_tool %AS_ALLOW_EXTERNAL_TOOL% -block_work_profile %AS_BLOCK_WORK_PROFILE% -allow_work_profiles %AS_ALLOW_WORK_PROFILES% -block_keylogger %AS_BLOCK_KEYLOGGER% -service_type %AS_SERVICE_TYPE% -framework %AS_FRAMEWORK% -app_signing %AS_APP_SIGNING%