How to Secure Android & iOS Apps in Jenkins CI/CD pipelines

Last updated June 5, 2023 by Appdome
This Knowledge Base article provides instructions for using the Appdome Build-2Secure plugin for Jenkins CI/CD pipelines. Appdome’s Build-2Secure plugin for Jenkins is an out-of-the-box Jenkins CI/CD integration, making it easy for mobile developers to automate the building, signing, and certification of security, anti-fraud, and other protections in Android & iOS apps in Jenkins CI/CD pipelines. No code and no SDKs are required.
The purpose of Appdome’s Build-2Secure plugin for Jenkins is to streamline and accelerate cyber and anti-fraud delivery in CI/CD pipelines. To do this, the Build-2Secure plugin for Jenkins automates three important steps in delivering more secure mobile applications to your users fast: (1) building app-level protections into mobile apps, (2) code signing the protected mobile app, and (3) certifying the security of each protected mobile app. The Appdome Build-2Secure plugin for Jenkins can be used to deliver Certifed Secure™ mobile app security, anti-fraud, anti-malware, mobile anti-bot, and other cyber defense updates to mobile apps on the Appdome Cyber Defense Automation Platform. Use this plugin for Jenkins as a stand-alone DevSecOps integration or in combination with other DevSecOps integrations in your CI/CD pipeline.
For more general information on this plugin, see Managing Plugins on the Jenkins website.
Here are the step-by-step instructions on using the Appdome Build-2Secure plugin for Jenkins. Enjoy!

Prerequisites to Appdome’s plugin for Jenkins

Beofre you use Appdome’s plugin for jenkins, there are a few things you need to have:

Step 1: Installing the Build-2Secure plugin in Jenkins

To install the Appdome Build-2Secure plugin:

  1. Go to the Jenkins homepage.
  2. Select Manage Jenkins on the left menu.
    Appdome plugin for Jenkins - Manage Jenkins
  3. Select the Manage Plugins command.
    Appdome plugin for Jenkins - Settings: Manage Plugins
  4. Add the Appdome Build-2Secure plugin to Jenkins through Jenkins Plugin Index as follows:

        1. Select the Available tab.
        2. Search for Appdome Build-2Secure.
        3. Select the Appdome build-2Secure and click Download now and install after restart.
        4. Restart your Jenkins server.
          Appdome plugin for Jenkins - Installing Appdome-build2secure
        5. To confirm the successful installation of the plugin, navigate to Manage Jenkins > Installed plugins and then search for Appdome Build-2Secure.Appdome plugin for Jenkins - Veryfing the plugin is installed
The Appdome Build-2Secure plugin is versatile and can be used in both freestyle projects and pipelines. To utilize the plugin in a freestyle project, it is necessary to add the plugin as a build step, which will be explained in the following section. Alternatively, if you opt to use a pipeline, we have also included instructions on how to incorporate the plugin into the appropriate stage of your pipeline script later in the guide.

Appdome Build-2Secure Plugin in Jenkins (Freestyle Project)

Step 2: Creating the Build-2Secure plugin in Jenkins

This step provides instructions for adding the Appdome Build-2Secure Plugin in both of the following methods:

    • Adding the Appdome plugin to a new project
    • Adding the Appdome plugin to an existing project

Adding the Appdome Plugin to a New Project

To add the Appdome plugin to a new project:

      1. From the Jenkins menu, click New Item.
        Appdome plugin for Jenkins - menu: New Item
      2. Assign a name to your project and select the Freestyle Project type, then click OK.
        Appdome plugin for Jenkins - Freestyle project
      3. Use the next page to select the Build Steps command.
        Appdome plugin for Jenkins - menu : Configure - build steps
      4. Expand the list Add build step and select Appdome Build-2Secure.
        Appdome plugin for Jenkins - Add build step Appdome Build-2secure
      5. Proceed to set the Appdome build-2Secure plugin configuration, as described in the next step.

Adding the Appdome Plugin to an Existing Project

To add the Appdome plugin to an existing project:

      1. Select the project to which you want to add the plugin to.
      2. Go to Configure from the Jenkins menu.
        Appdome plugin for Jenkins- Jenkins configure Menu
      3. Open the Add build step menu and then select Appdome Build-2Secure.
        Appdome build-2Secure UI shows up, allowing you to enter your configuration.
      4. Proceed to set the Appdome build-2Secure plugin configuration, as described in the next step.

Step 3: Configure Appdome build-2Secure Plugin Configuration

After you select Appdome Build-2Secure as a build step, the screen shown below is displayed.

Appdome plugin for Jenkins- Build 2secure plugin configuration

  1. Use the Token field to enter your Appdome Build2Secure API token, by following the instructions provided in section Getting and resetting your API Token on Appdome website.
  2. Use the Team ID field to enter your Team ID API token, by following the instructions provided in section Getting a Team’s ID on Appdome website.
  3. Use the Fusion-set-id field to enter the appropriate Fusion Set ID, by following the instructions provided in section Getting a Fusion Set’s ID on Appdome website.
  4. Use the Platform field to select either iOS or Android, depending on the type of application you are building.
    If you want to learn more about file paths read the description below, otherwise, proceed to the next step.

File Paths
When working with files, you can set the files in any of the following methods:
– Provide the full path to the file, which should be located on the node machine.
– Use environment variables with the Environment Injector plugin or Configure the node machine settings in Jenkins.
– Set a remote URL link to a file either on the configuration page.

For instructions on how to set environment variables, see Appendix A: How to Set Environment Variables.

Warning
When using the configuration form, any input that has the same field as an environment variable (e.g. keystore’s path) will take precedence, i.e. it will override the environment variable. Therefore, to ensure proper use of the environment variable input, you must verify that these variables are unique and do not also appear in the configuration form.

 

    • Use the iOS/Android application field to choose any of the following options:
      •  Specify the full path to the application file on the node where it is running
      •  Set the environment variable name as APP_PATH. If an environment variable is defined, leave the <platform> application field (i.e.: Android application or iOS application) empty.
      •  Set a remote URL link to a file either on the configuration page or as an environment variable named APP_PATH.
        Note: The URL link should not contain any commas.
    •  Use the keystore file field to choose any of the following options:
      • Specify the full path to the keystore file on the node where it is running
      •  Set the environment variable name KEYSTORE_PATH. If an environment variable is defined, leave the keystore field empty.
      • You can set a remote URL link to a file either on the configuration page or as an environment variable named KEYSTORE_PATH.

        Note: The link should not contain any commas.
    • Use the Provisioning Profile field under iOS signing, choose any of the following options:
      •  Specify the full path to the provisioning profile file(s) on the node where it is running, can add as many files as needed, each file on a new textbox
      • You can set a remote URL link to a file either on the configuration page or as an environment variable name MOBILE_PROVISION_PROFILE_PATHS.  If an environment variable is defined, leave the Provisioning Profile field empty.
      • Set the environment variable name as MOBILE_PROVISION_PROFILE_PATHS, to insert multiple files in an environment variable, each file must be separated by ‘,’ without any spaces.
        For example: First_file.mobileprovision,second_file.mobileprovision,third_file.mobileprovision
    • Use the Entitlements field under iOS signing, choose any of the following options:
      • Specify the full path to the entitlement file(s) on the node where it is running, can add as many files as needed, each file on a new textbox
      •  Set the environment variable name as ENTITLEMENTS_PATHS
      • You can set a remote URL link to a file either on the configuration page or as an environment variable named ENTITLEMENTS_PATHS
        To insert multiple files in an environment variable, each file must be separated by ‘,’ without any spaces.
        For example: First_file.plist,second_file.plist,third_file.plist
    • Use the Sign Method field to choose the method by which you want to sign your application. The options available will depend on the platform you have.
      The available sign options are:

    • Use the Output Location field to enter a new value or leave the default value WORKSPACE/output/appdome_name_of_original_app.aab/.apk/.ipa.
      If you would like to save the output of the built and secured application in a different location, specify a full path of the application example: <your_path/name_of_original_app’.aab/.apk/.ipa>.
      The certified secure document will also be saved to this location.

After filling in all the required parameters, you can save the configuration and begin building your application and securing it with the Appdome Build-2Secure for Jenkins. Skip to Step 5 to do that.

Appdome Build-2Secure Plugin in Jenkins (Pipeline Project)

Step 2: Creating the Build-2Secure plugin in Jenkins

This step provides instructions for adding the Appdome Build-2Secure Plugin in both of the following methods:

    • Adding the Appdome plugin to a new project
    • Adding the Appdome plugin to an existing project

Adding the Appdome Plugin to a New Project

To add the Appdome plugin to a new project:

    1. From the Jenkins menu, click New Item.
      Appdome plugin for Jenkins - menu: New Item
    2. Assign a name to your project and select the Pipeline type, then click OK.
      Appdome plugin for Jenkins - Pipeline project
    3. Use the next page to select the Pipeline command.
      Appdome plugin for Jenkins- Pipeline menu
    4. Write your pipeline steps as required.
      Appdome plugin for Jenkins - Jenkins pipelines script
    5. Proceed to setting the Appdome build-2Secure plugin configuration, as described in the next step.

Adding the Appdome Plugin to an Existing Project

To add the Appdome plugin to an existing project:

    1. Select the project to which you want to add the plugin.
    2. Go to Configure from the Jenkins menu:
      Appdome plugin for Jenkins - Configure menu
    3. Use the next page to select the Pipeline:
      Appdome plugin for Jenkins- Pipeline menu
    4. Write your pipeline steps as required.
      Appdome plugin for Jenkins - Jenkins pipelines script
    5. Proceed to setting the Appdome build-2Secure plugin configuration, as described in the next step.

Step 3: Configuring Build-2Secure Plugin on Appdome

To use the Appdome build-2Secure plugin, add one of the next pipeline templates:

Inputs explanation:

Replace all placeholders, which are located within brackets (for example, ‘<YOUR_TOKEN>’) with the right value in accordance with the relevant template:

    • To use the token field, replace ‘<YOUR_TOKEN>’ with your Appdome Build2Secure API token. You can obtain this token by following the instructions provided in the API guide.
    • To use the teamId field (optional), replace ‘<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>’ with your team ID or leave it empty for personal workspace. You can obtain this key by following the instructions provided in the API guide.
    • To use the fusionSetId field, replace ‘<YOUR_FUSIONSET_ID>’ with the appropriate fusion-set-id for your iOS or Android application. For details, see the section Getting a Fusion Set’s ID in the API guide. If you want to learn more about file paths read the description below, otherwise, proceed to the next step.

File Paths
When working with files, you can set the files in any of the following methods:
– Provide the full path to the file, which should be located on the node machine.
– Use environment variables with the Environment Injector plugin or Configure the node machine settings in Jenkins.
– Set a remote URL link to a file either on the configuration page

For instructions on how to set environment variables, see Appendix A: How to Set Environment Variables.

    • To use the appPath field
      • Replace ‘<FULL_PATH_OR_URL_TO_APP_FILE>’ with the full path on the node machine.
      • Specify a full path to the file as an environment variable name APP_PATH. If using the environment variable, leave appPath empty.
      • Replace ‘<FULL_PATH_OR_URL_TO_APP_FILE>’ with a remote URL link to a file either on the pipeline page or as an environment variable named APP_PATH.  If using the environment variable, leave appPath empty.
        Note: The URL link must not contain any commas.
    • To use the keystorePath field under auto signing for iOS and Android.
      You can choose one of the following options:

      • Replace ‘<FULL_PATH_OR_URL_TO_KEYSTORE_FILE>’ with the full path to the keystore file on the node where it is running.
      • Specify a full path to the file as environment variable name KEYSTORE_PATH. If using the environment variable, leave keystorePath empty.
      • Replace ‘<FULL_PATH_OR_URL_TO_KEYSTORE_FILE>’ with a remote URL link to a file either in the pipeline page or as an environment variable named KEYSTORE_PATH.

        Note: The URL link should not contain any commas.
    • To use the provisioningProfiles field under iOS signing. If you insert multi files, each path to a file must be wrapped with “StringWarp” as shown in the template.
      You can select any of the following options:

      • Replace ‘<FULL_PATH _OR_URL_TO_MobileProvision_FILE>’ with the full path to provisioning profile file(s) on the node where it is running, you can add as many files as needed, each path to a file must be wrapped with “StringWarp” as shown in the template.
      • Replace ‘<FULL_PATH _OR_URL_TO_MobileProvision_FILE>’ with a remote URL link to a file either on the pipeline page or as an environment variable named MOBILE_PROVISION_PROFILE_PATHS. If using the environment variable, leave provisioningProfiles empty.

        Note: The URL link should not contain any commas.
      • Specify a full path to the file as environment variable name MOBILE_PROVISION_PROFILE_PATHS. If using the environment variable, leave provisioningProfiles empty.
        To insert multiple files as an environment variable, each file must be separated by ‘,’ without any spaces.
        For example:
        First_file.mobileprovision,second_file.mobileprovision,third_file.mobileprovision
        or:
        https://url_to_download/first_file.mobileprovision, https://url_to_download/second_file.mobileprovision,https://url_to_download/third_file.mobileprovision

        Note: You can combine URL links with the complete path to local files stored on the node machine.
    • To use the entitlements field under iOS signing
      If you insert multi files, each path to a file must be wrapped with “
      StringWarp” as shown in the template.
      You can select any of the following options:

      • Replace ‘<FULL_PATH _OR_URL_TO_entitlements_FILE#i>’ with the full path to entitlement file(s) on the node where it is running, you can add as many files as needed, each path to a file must be wrapped with “StringWarp” as shown in the template.
      • Replace ‘<FULL_PATH _OR_URL_TO_entitlements_FILE#i>’ with a remote URL link to a file either on the pipeline page or as an environment variable named ENTITLEMENT_PATHS.  If using the environment variable, leave entitlements empty.
        Note: The URL link should not contain any commas
      • Specify a full path to the file as environment variable name ENTITLEMENT_PATHS as explained above. If using the environment variable, leave entitlements empty.
        To insert multiple files as an environment variable, each file must be separated by ‘,’ without any spaces.
        For example:
        First_file.plist,second_file.plist,third_file.plist
        or:
        https://url_to_download/first_file.plist, https://url_to_download/second_file.plist,https://url_to_download/third_file.plist

        Note: You can combine URL links with the complete path to local files stored on the node machine.
    • To use the outputLocation field
      If you leave outputLocation empty, the default value is set to ‘WORKSPACE/output/appdome_name_of_original_app.aab/.apk/.ipa’. If you would like to save the output of the build and secured application in a different location, replace ‘<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>’ with the full path of the application example: <your_path/name_of_original_app’.aab/.apk/.ipa>.
      The certified secure document will also be saved to this location.

Step 4: Select the method by which you want to sign your iOS or Android application.

  • stage('Appdome Builder') {
        steps {
            AppdomeBuilder (
                outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
                platform: AndroidPlatform(
                    appPath: '<FULL_PATH_OR_URL_TO_APP_FILE>',
                    certificateMethod: Android_AutoSign(
                        keyPass: hudson.util.Secret.fromString('<YOUR_KEYSTORE_KEY_PASS>'),
                        keystoreAlias: hudson.util.Secret.fromString('<YOUR_KEYSTORE_ALIAS>'),
                        keystorePassword: hudson.util.Secret.fromString('<YOUR_KEYSTORE_PASSWORD>'),
                        keystorePath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_KEYSTORE_FILE>'
                    ),
                    fusionSetId: '<YOUR_FUSIONSET_ID>'
                ),
                teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
                token: hudson.util.Secret.fromString('<YOUR_TOKEN>')
            )
        }
    }
  • Private Signing – for further information, follow the instructions specified in the Knowledge Base article How To Privately Code Sign Sealed Android Apps using DevSecOps Build System.

    stage('Appdome Builder') {
      steps {
        AppdomeBuilder(
     	outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
     	platform: AndroidPlatform(
      		appPath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_APP_FILE>',
      		certificateMethod: Android_PrivateSign(
        			fingerprint: '<Your_SHA1_Fingerprint>',
                            googleSigning: true/false
      			),
      			fusionSetId: '<YOUR_FUSIONSET_ID>'
      		),
     		teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
     		token: hudson.util.Secret.fromString('<YOUR_TOKEN>'))
       }
    }
  • Auto-DEV Signing – for further information, follow the instructions specified in the Knowledge Base article How to Automate Secure Android App Code Signing in DevOps CI/CD.
      stage('Appdome Builder') {
        steps {
          AppdomeBuilder (
     	outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
     	platform: AndroidPlatform(
      		appPath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_APP_FILE>',
      		certificateMethod: Android_AutoDevSign(
        			fingerprint: '<Your_SHA1_Fingerprint>',
        			googleSigning: true/false
      			),
      			fusionSetId: '<YOUR_FUSIONSET_ID>'
      		),
     		teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
     		token: hudson.util.Secret.fromString('<YOUR_TOKEN>'))
    
     	}
    }
    


    For iOS:
    Auto Signing – for further information, follow the instructions specified in the Knowledge Base article How to Use Code Sign on Mac for Secured iOS Apps 

    stage('Appdome Builder') {
        steps {
     	AppdomeBuilder(
     		outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
     		platform: IosPlatform(
      		appPath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_APP_FILE>',
      			certificateMethod: iOS_AutoSign(
        				entitlements: [
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#1>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#2>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#N>')
        ],
        			keystorePassword: hudson.util.Secret.fromString('<YOUR_KEYSTORE_PASSWORD>'),
        			keystorePath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_KEYSTORE_FILE>',
        			provisioningProfiles: [
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#1>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#2>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#N>')
        ]
      			),
      			fusionSetId: '<YOUR_FUSIONSET_ID>'
      		),
     		teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
     		token: hudson.util.Secret.fromString('<YOUR_TOKEN>'))
    	}
    }

    Private Signing – for further information, follow the instructions specified in the Knowledge Base article How to Privately Code Sign Sealed iOS Apps using DevSecOps Build System.

    stage('Appdome Builder') {
      steps {
      	AppdomeBuilder (
      		outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
     		platform: IosPlatform (
      		appPath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_APP_FILE>',
      		certificateMethod: iOS_PrivateSign ([
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#1>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#2>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#N>')
                     ]),
      		fusionSetId: '<YOUR_FUSIONSET_ID>'
      		),
      	teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
     	token: hudson.util.Secret.fromString('<YOUR_TOKEN>'))
    
     	}
    }
    


    Auto-DEV Signing – for further information, follow the instructions specified in the Knowledge Base article How to Automate Secure iOS App Code Signing in DevOps CI/CD.

    stage('Appdome Builder') {
      	steps {
      		AppdomeBuilder (
     			outputLocation: '<FULL_PATH_TO_OUTPUT_APP_OR_EMPTY_FOR_DEFAULT>',
     			platform: IosPlatform(
      			appPath: '<FULL_PATH_OR_ENV_VAR_OR_URL_TO_APP_FILE>',
      				certificateMethod: iOS_AutoDevSign(
        				entitlements: [     
           StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#1>'),
           StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#2>'),
           StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_entitlements_FILE#N>'),
       			 ],
        				provisioningProfiles: [
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#1>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#2>'),
          StringWarp('<FULL_PATH_OR_ENV_VAR_OR_URL_TO_MobileProvision_FILE#N>')
        			]
      				),
      				fusionSetId: '<YOUR_FUSIONSET_ID>'
      			),
                           teamId: '<YOUR_TEAMID_OR_LEAVE_EMPTY_FOR_PERSONAL>',
                           token: hudson.util.Secret.fromString('<YOUR_TOKEN>'))  
                     
            }
    }
    
Note:When using pipelines, your initial build attempt might fail because of the use of the fromString function. If this happens, navigate to the failed build and select Console Output. You will see the following message:
Scripts are not allowed to use “staticMethod hudson.util.Secret fromString java.lang.String”. Administrators can choose to approve or reject this signature.
Clicking the hyperlink takes you to a new page where you can approve the script. Ensure that you approve the script, by clicking the Approve button shown on the left in the image below, in order to successfully proceed with your pipeline build.
Appdome plugin for Jenkins - Approve button

 

Step 5: Build Android & iOS security with the Build-2Secure plugin

After setting up the Build-2Secure plugin for Jenkins, you can initiate the build process in Jenkins. Once the build is complete, you can access its output by navigating to the “workspace“.

Appdome plugin for Jenkins - Build Workspace

The Appdome Build-2Secure will automatically verify the request sent from Jenkins and add the mobile app security, anti-fraud, and other protections to your Android and/or iOS mobile app as specified in the Fusion Set associated with this app. After the build process is finished, the protected application will be accessible at the designated Output Location that you defined in the Build-2Secure plugin setup. Alternatively, if you left the location as default, you can just go to your job and click on Workspace to find the output folder that contains the Appdome secured application
Congratulations, you can now use your secured mobile app.

Step 6: Retrieve DevSecOps Certification with Build-2Secure

Each build produces a Certified Secure™ artifact used to clear your release and ensure DevSecOps compliance. This file will be located in the designated Output Location that you defined in the Build-2Secure plugin setup. Alternatively, if you left the location as default, you can just go to your job and click on Workspace to find the output folder that contains the Appdome secured application

Step 7: Confirming Cyber Build and Sign on Appdome

In Jenkins, you can monitor the build process and results by checking the following sections:

    • Build History
      Displays the status and result of each build.
    • Console Output
      Provides detailed information about the build process and any errors or warnings that may have occurred.

Appdome plugin for Jenkins - Monitor build process

You can also use Appdome’s platform to monitor the status of your builds and see a complete history of all your builds.

Appendix A: Jenkins environment Set Up for Build-2Secure

To set environment variables:

    1. Go to Manage Jenkins.
      Appdome plugin for Jenkins - Menu: Manage Jenkins
    2. Go to Manage Nodes and Clouds.
      Appdome plugin for Jenkins - Settings: Manage nodes and clouds
    3. Select the agent on which you want to build.
      Appdome plugin for Jenkins - Choose agent
    4. Click Configure.
      Appdome plugin for jenkins - Configure menu
    5. Scroll down to Node Properties and select the Environment variables check box if it has not already been selected.
      Appdome plugin for Jenkins - Environment variables
    6. Add as many environment variables as required and save.
      Appdome plugin for Jenkins - Add env variables

 

Need Additional Help?

The description above is designed to help you secure Android & iOS apps in Jenkins CI/CD pipelines. If you have questions about using this Build-2Secure plugin, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Related Articles

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.

NEED HELP?

let's solve it together

DanaMaking your security project a success!
By filling out this form, you opt-in to recieve emails from us.