DevSecOps Testing Android, iOS Apps Using Firebase

Learn how to test Appdome-secured Android & iOS Apps Using Firebase automation test platform for DevSecOps. Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.

Testing Appdome-secured Android Apps using Google Firebase

  • Build your app with your chosen Appdome security features. In order to use Firebase, you need to enable Appdome Threat Events for Anti-Tampering, as shown below.  Then build your app.

 

anti-tampering appdome oneshield

 

 

  • Add a project and give it a name, then click Continue.

 

  • Unselect “Enable Google Analytics for this project

 

  • Click “Create project” to start a new project.

create.firebase.test.devsecops

 

  • On the Release and monitor tab, select Test Lab

 

google firebase test lab

  • Upload the .apk file of the app you want to test.

 

  • Click “Create a new test”.

 

  • Select Robo test and click “Continue”.

 

firebase.robotest

 

Under App APK or AAB section, select Browse, and upload your test application. Then click “Continue”.

 

select firebase apk or aab bundle

 

  • Click “Customize

 

customize firebase bundle

  • Select the devices you want to run your test on and click “Confirm“, then click “Start Test“.

customize firebase device

 

  • When completed the test results will be available for viewing.

Testing Appdome-secured iOS Apps using Google Firebase 

  • Build your app with your chosen Appdome security features. In order to use Firebase, one of the following steps is required:
    • Either Enable a Threat Event for “Detect App is Debuggable”

appdome app.debuggable.threat.event

OR

    • When signing the app, use a provisioning profile that includes “debuggable” entitlement, and sign the app using Appdome’s automated app signing.

 

  • Add a project and give it a name, then click Continue.

 

  • Unselect “Enable Google Analytics for this project

create.project.google.firebase.devsecops

  • Click “Create project” to start a new project.

 

  • On the Release and monitor tab, select Test Lab

firebase.select.test.device.tab

  • Click “Get started” (IOS XCTest section)

configure.google.firebase.automation.test.devsecops

  • In the next displayed window, upload the .zip file containing the XCTest package and select the Xcode version. Then click “Continue”.

 

  • Click “Customize

customize firebase bundle

  • Select the devices you want to run your test on and click “Confirm“, then click “Start Test“.

select.google.firebase.ios.device.test

  • When completed the test results will be available for viewing.

Troubleshooting Tips

If you see the message such as: “Application has violated security policies and it will be shut down”, this means that (1) techniques such as emulators, tampering, or reverse engineering are present, and (2) the Fusion Set does not contain Appdome Threat-Events. This is likely because the user is running their automation testing tool in ’emulator testing’ mode, which Appdome protects against.

Automation test tools can typically can be used in two modes: emulator mode and manual mode. If you use your automation test tool in “emulator mode” instead of ‘manual testing’ mode, the Appdome-secured application will not run on the device.

 

 

Alan Bavosa

Have a question?

Ask an expert

DanaMaking your security project a success!

Get Your Copy
2021 Global Mobile
Consumer Security
Survey