React Native Developer Series: Advanced Jenkins Pipelines, Notifications and Security

Written by: madelyn

4 min read

This is Part Four of a four-part developer series from Evan Glazer.

Series Abstract

Finishing the application build process is normally the toughest part, especially in mobile platforms that need to use very specific criteria. In this series, building an application in React Native won’t be our primary goal; building build processes that give us the ability to Build, utilize CI/CD mechanisms through a pipeline and deploy (CD) to different environment types for testing and publishing to the app store in React Native. In this part, we will focus on improving the process of the pipeline by adding some more steps to take care of quality and unit tests, and UI tests. We will add Slack notifications to our pipeline to give us more context on what is happening with the build, and additional security items to think about when development is underway.

Pipelines

In the last part we built a pipeline with three stages:

  • Checkout: clone the GitHub repository.

  • Build: build and sign the app.

  • Push: store the deployment package (.ipa file) to an S3 bucket.

You may feel that it’s necessary to change the stages to:

  1. Checkout: clone the GitHub repository.

  2. Quality & Unit Tests: check whether our code is well-formatted and follows Swift best practices and run unit tests.

  3. Build: build and sign the app.

  4. Push: store the deployment package (.ipa file) to an S3 bucket.

  5. UI Test: launch UI tests on Firebase Test Lab across a wide variety of devices and device configurations.

To integrate the above changes you can visit this guide to modify the Fastfile accordingly with the plugins you choose. Once you modify the Fastfile you will need to add the new stages to the Jenkinsfile like below:

stage('Test') {

How do I get notified when the build succeeds or fails?

Utilizing Jenkins slackSend integration we can build another method in our Jenkinsfile to notify us when a build succeeds or fails and some extra information about it.

def notifySlack(String buildStatus){

Now add this in the stages that define the pipeline has started and finished.

Introduce Expo Release Channels to our pipeline

How do I accomplish OTA releases?

OTA updates allow you to publish a new version of your app JavaScript and assets without building a new version of your standalone app and resubmitting it to app stores.

We can add a lane that is specifically for Over the Air (OTA) release that is meant for a rapid hotfix. It will be imperative to look into Expo Release Channels to configure the proper logic for your pipeline. An example would be to add a lane for publishing the release channel and setting a check in the build stage to look for a OTA-1 regex type branch name. Then run the build and publish it to the current channel of people using that version.

# Jenkinsfile

Security

Mac Mini

It will be imperative that you set up the mac mini network to be secure from intruders having access to these certificates and such. You might do this by locking the server to communicate using a VPN to connect or IP locks. You also want to make sure you backup your drive so you can recover the mac mini if something were to happen so you don’t have to go through the trouble of re-doing everything.

Gradle

While in our implementation, we stored the passwords of our certificates in a gradles.properties file – it is not a smart practice to store key passwords in plaintext config files. I would recommend following this guide to switch from plaintext to storing the password in keychain access and accessing the information from the terminal.

While the react native developer series has concluded here – I wouldn’t say this is anywhere near completion for production, but this gives us the architecture and framework to continue to build upon to create a successful system more custom for your company while being able to have a CI/CD process for iOS and Android.

Stay up to date

We'll never share your email address and you can opt out at any time, we promise.