DevSecOps Testing Android, iOS Apps Using BitBar

Learn how to test Appdome-secured Android & iOS Apps Using BitBar automation test platform for DevSecOps. Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.

How to Test Appdome-secured Android Apps using BitBar

First, build the Android app with Appdome security

  • From your Appdome account, build your app with your chosen Appdome security features. In order to use BitBar, you need to enable Threat Events for Anti-Tampering, as shown below:

 

anti-tampering appdome oneshield

 

  • For some devices, you will need to uncheck SELinux Enforcement, as shown below:

devsecops testing bitbar

Then test the secured Android App Using BitBar

After successfully building and signing your app on Appdome, go to https://cloud.bitbar.com and sign-in.

 

  • Under AI-driven Testing click Start AI Testbot.

 

bitbar devsecops testing appdome

 

  • Alternatively, if you prefer running an automated Appium based test, follow these steps
    • Click “Create Automated Test” under Automation Testing. Then select Android as your target OS type
    • Under “Select a Framework” section click “Appium Android Server Side”.

appdome automation testing

  • Upload your test app to the Files Library, select it and click “Use Selected”.

bitbar testing

 

  • If you’re want to run an Appium based automated test, upload the .apk file for the test app, and the .zip file containing the Appium test code.

 

appium testing bitbar

 

  • Choose devices (click to choose devices)

 

  • Click Start

 

  • When done click on “Go to results”

 

Testing Appdome-secured iOS Apps using BitBar 

First, build the iOS app with Appdome security

  • From your Appdome account, build the app with your chosen Appdome security features. In order to use BitBar, one of the following steps is required:
    • Either enable an Appdome Threat Event for “Detect App is Debuggable

appdome app.debuggable.threat.event

OR

    • When signing the app, use a provisioning profile that includes “debuggable” entitlement, and sign the app using Appdome’s automated app signing.

Then test the secured iOS App Using BitBar

  • After successfully building and signing your app on Appdome, go to https://cloud.bitbar.com/ and sign-in.

 

  • For automated XCTest click “Create Automated Test”. For AI-driven Testing select “Start AI Testing”.

bitbar ios

 

  • Upload your test app to the Files Library, select it and click “Use selected”.

bitbar automated testing ios appdome

  • Choose project (existing or new)

 

  • Choose devices (click to choose devices)

 

  • Click “Start”

 

  • When done click on “Go to results”

bitbar automation test

 

Troubleshooting Tips

Most automation test tools can typically be used in one of two modes: emulator mode and manual mode (specific terms may vary according to the testing tool). If you use the automation test tool in “emulator mode” instead of “manual mode”, the Appdome-secured application will not run on the device. This is expected because Appdome ONEShield protects apps from running on emulators/simulators.  Instead, you should run the automation test tool in manual mode.

If you see a message such as: “Application has violated security policies and it will be shut down”, this means that (1) techniques such as emulators, tampering, or reverse engineering are present, and (2) the Fusion Set does not contain Appdome Threat-Events. This is expected because Appdome ONEShield protects against those conditions. You can either remove the triggering condition or use Appdome Threat Events if applicable.

 

 

 

Alan Bavosa

Have a question?

Ask an expert

PascalMaking your security project a success!