Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Android CI/CD with Zero Infrastructure

Arnav Gupta
October 05, 2017

Android CI/CD with Zero Infrastructure

Using Travis, CircleCI, CodeCov, Coveralls, Codeclimate, Codacy, Codebeat to create a zero config, zero maintenance, zero infra continuous integration and deployment pipeline.

Arnav Gupta

October 05, 2017
Tweet

More Decks by Arnav Gupta

Other Decks in Technology

Transcript

  1. Push to Play
    End-to-End CI/CD Setup using Zero
    Infrastructure
    Arnav Gupta
    Co-Founder, Coding Blocks

    View Slide

  2. IF YOU HAVEN’T REALIZED THE
    NEED OF CI/CD, YOU’RE NOT
    WORKING ON ANYTHING BIG YET

    View Slide

  3. The ‘batteries included’ CI/CD setup
    • Connected well with your git workflow
    • Unit Tests, Integration Tests, UI Tests
    • Code Coverage Reporting
    • Test + Coverage based git push barriers
    • Automated release builds
    • Automated publication

    View Slide

  4. WHAT IF YOU’RE POOR ?
    OR NON-PROFIT ?
    OR OPEN SOURCE ?
    OR JUST A MISER :D

    View Slide

  5. Can we do it for free ?

    View Slide

  6. Can we do it for free ?
    *Conditions Apply

    View Slide

  7. Assumption 1: Open Source
    • Usually indie projects are open source
    • Non-profits / OSS orgs would want free CI/CD
    • If you’re a small startup, why not make your
    frontend OSS ? (Surely there’s no IP in
    frontend?)
    • If not OSS (you probably have the $$$ to pay)
    – $5/month for CI,
    – $5/month for code-coverage,
    – $5/month for static code analysis

    View Slide

  8. Assumption 2: Trust CI host with key
    • Your .jks file will be encrypted
    • It is decrypted in a automated process
    • Still, theoretically it is possible for the CI host
    (an employee thereof) to decrypt, read and
    abuse it.

    View Slide

  9. What all do we get ?
    • Build checks ?
    • Unit tests ?
    • Integration tests ?
    • Coverage reports ?
    • Code style checks ?
    • Code complexity ?
    • Automated code review?
    • Deploy to Play Store ?
    ü
    ü
    ü
    ü
    ü
    ü
    ü
    ü

    View Slide

  10. A HYPOTHETEICAL SCENARIO
    You wrote (a == b) instead of (a != b)

    View Slide

  11. What this setup provides ?
    a) (a==b) instead of (a!=b) won’t happen if the
    tests are in place, but still. . .
    b) Open Github on a browser (even on your
    mobile)
    c) Edit within Github
    d) Within few hours, corrected App published to
    Play Store.

    View Slide

  12. View Slide

  13. View Slide

  14. SERVICES WE ARE USING

    View Slide

  15. Builds, Unit Tests, Integration Tests
    • Travis CI
    • Only Github repos
    • Has Mac OS servers (Yay! iOS too)
    • Circle CI
    • Faster, if using v2.0 config (warn: verbose to setup)
    • Supports Butbucket and Gitlab as well

    View Slide

  16. Builds, Unit Tests, Integration Tests
    • Gitlab Builds
    • Free (even closed source)
    • Slow, limited slots, not very reliable
    • Bitbucket Builds
    • 500 min free with base back
    • Cost approx $1~2 per developer (unlimited repos)
    • Appveyor
    • Allows building on Windows
    • Can be used for Electron app builds for Windows

    View Slide

  17. Code Coverage Reports
    • Codecov
    • Zero-config setup with Travis/Circle CI
    • Only Github
    • Cool Chrome/Firefox extension to view coverage inside
    Github
    • Wider support of coverage formats (lcov, jacoco and more)
    • Coveralls
    • Faster & snappier web ui
    • Not locked to Github

    View Slide

  18. Static Code Analysis
    • CodeClimate
    • Supports way too many things
    • Requires verbose config file
    • Also supports coverage report
    • Some reports are not generated (no way to force re-
    generate)

    View Slide

  19. Static Code Analysis
    • Codacy
    • Works well with Java code
    • Fast and clean web UI
    • Ambiguos marking scheme
    • CodeBeat
    • Opt-in configs, automatically reads code too
    • Best marking scheme (personal experience)
    • Complexity analysis is top notch

    View Slide

  20. Deployments
    • Library
    • Jitpack (publish directly from Github)
    • Skip the Maven/Jcenter publishing headache
    • App (Play Store)
    – Fastlane
    • A tool/script, not a service
    • Needs to be configured and run from Travis/Circle

    View Slide

  21. git push
    build
    Static
    analysis
    passed
    notify github notify github
    run tests
    passed
    no yes
    no
    Deploy to Play Store
    yes
    • Github
    • Travis/CricleCI
    • Code Analysis Service
    • Google Play API
    Process Overview

    View Slide

  22. SETTING THINGS UP

    View Slide

  23. What kind of tests ?
    • Unit Tests
    • Runs on local JVM
    • Cannot use Android SDK stuff (com.android.** )
    • Integration Tests
    • Runs on a device/emulator/cloud device farm
    • PRETTY DAMN slow (many tests = builds in hours)
    • Robolectric (the middle ground)
    • Mockito on steroids, done correctly, for Android
    • Run integration tests on local JVM

    View Slide

  24. Unit Tests
    • Business logic
    • Does not depend on Android SDK
    • Try to get 100% coverage of non Android
    component code here
    Robolectric
    Tests
    • Depends on Android SDK, but not UI
    • SQLite, HTTPClient, JSON libcrypto all work
    OK
    • Cover everything that’s not UI or requires
    lifecycle
    Integration
    Tests
    • UI tests and lifecycle tests
    • Tests are flaky, so do not depend critically
    • Use Espresso for UI tests

    View Slide

  25. Merging coverage reports
    • Android Studio shows coverage in-IDE for unit
    tests. Not for integration tests
    • gradle generates jacoco xml report for
    integration tests, not unit tests.
    • UGGGGGHHHHHHHHHHH!!!!!!
    • Let’s merge them

    View Slide

  26. Merging coverage reports

    View Slide

  27. Merging coverage reports

    View Slide

  28. Deploying to Play Store (even iTunes)
    • Use Fastlane “Supply” module
    • Lookup reference config on
    http://github.com/tdillion/android

    View Slide

  29. Create keystore and encrypt on Travis
    keytool -genkey -v -keystore /PATH_TO_/MY.jks \
    -alias MY_KEYSTORE_ALIAS \
    -keyalg RSA -keysize 2048 -validity 10000
    travis encrypt-file /PATH_TO_/MY.jks --add

    View Slide

  30. Build signed apps from Travis
    script:
    - "./gradlew assembleRelease"
    - jarsigner -verbose -sigalg SHA1withRSA \
    -storepass $storepass -keypass $keypass \
    -digestalg SHA1 \
    -keystore MY.jks PATH_TO_/MY.apk MY_KEYSTORE_ALIAS
    - zipalign -v 4 PATH_TO_/MY.apk PATH_TO_/MY_RELEASE.apk

    View Slide

  31. Enable Play Store Publishing API

    View Slide

  32. Publish using Fastlane Supply
    supply init -j PATH_TO_GOOGLE_API.json -p MY.PACKAGE.NAME
    supply run -j PATH_TO_/FOO.json \
    -p MY.PACKAGE.NAME \
    -b PATH_TO_/MY_RELEASE.apk

    View Slide

  33. CASE STUDIES

    View Slide

  34. View Slide

  35. View Slide

  36. View Slide

  37. Easy to evaluate PRs at a glance

    View Slide

  38. Detailed report per PR

    View Slide

  39. Code Quality Report, Codacy

    View Slide

  40. Track quality over time

    View Slide

  41. Detailed code analysis

    View Slide

  42. View Slide

  43. Bonus: Previews
    • Using Appetize.io API
    • Publish to Appetize on every RC build
    • Preview App over web (easy to show project
    managers without having them build/install)

    View Slide

  44. View Slide

  45. Bonus: Automated Github Releases
    • Supported by both Travis and Circle (Travis
    easier to configure)
    • Release on every tag
    • Specify particular branches
    • Specify release artifacts to upload

    View Slide

  46. Bonus: Automated Github Releases

    View Slide

  47. Bonus: Automated Github Releases

    View Slide

  48. Bonus: Automated Github Releases

    View Slide

  49. View Slide

  50. Bonus: Complexity reports on PR
    comments

    View Slide

  51. Bonus: Coverage delta comments

    View Slide

  52. Bonus: Coverage delta comments

    View Slide

  53. Codebeat: Quick Wins

    View Slide

  54. HOW ABOUT DESKTOP APPS ?

    View Slide

  55. View Slide

  56. Automated signed builds for Win + Mac

    View Slide

  57. Automated signed builds for Win + Mac

    View Slide

  58. YOU DESIGN THE PRODUCT,
    LET THE MACHINES BUILD IT

    View Slide

  59. YOU WRITE THE CODE,
    LET THE MACHINES PACKAGE IT

    View Slide

  60. YOU CONJURE NEW FEATURES,
    LET MACHINES CHECK OTHERS’ BUGS

    View Slide

  61. @championswimmer
    [email protected]

    View Slide