arrow_back Mobile AppSec From an Attacker's Perspective
Empowering Mobile Team to Harness Real Power of CI/CD
Submitted by Abhinandan Kothari (@abhinandankothari) on Wednesday, 30 August 2017
We at GO-JEK grew by 90,000% i.e 900X in last 18 months. Being an App Only Platform Mobile Team played a very important role in our growth as this is the only consumer facing facade that exists for us. More importantly this changed the way we work in Mobile Team, everything changed ranging from development Workflow, Processes, Tooling, App Architecture, team structure.
We were able to grow and scale our app because we were able to scale our team and the way we work. One of the Core Change response for this scale was changing our CI tool, we migrated from Jenkins to Gitlab which changed everything I mentioned above for us.
Key takeaways of my talk are how to have Happier teams, Smooth and Quality Delivery, Minimal Manual interaction and full automation, faster feedback cycles using CI/CD.
This talk is for everyone who is working on mobile team developing awesome apps as an independent developer, in a startup or an enterprise.
After mentioning the agenda of the talk, will move to the details and will explain how we improved following by introducing GO-JEK.
We are now able to harnessing the power of Single (CI/CD) tool which allows us to push the code, build it, run the tests and deploy the artifacts when everything is splendid and foolproof. We are now able to push, review and test the code, get feedback and reports and deliver on a same platform i.e Gitlab. Also, extreme automation and major enhancements were done to reduce feedback cycle.
Two Monolith Repos(previously one for each android and ios) were broken into 40 repositories, neatly decoupled and published as an standalone artifact to artifactory.
All of these had their own CI/CD setup and had their own development workflow in isolation.
Team of 40 Developers(iOS+Android+React Native) working on same CI/CD Platform helped us in solving a lot of people problems and simplified lots of processes.
Every developer was empowered to create and update his own pipeline with very simple yml syntax at gitlab-ci.yml file, which was previously tedious in the form of Groovy/Java in Jenkins world. Core Review was easier since now modulated code has changes relevant to that particular app.
Most of the part we needed was already part of feature set provided with Gitlab. In form of really innovative ways i.e. Gitlab Pages for sites and reports hosting, Integration with External Tools via APIs/Integrations like slack, emails and other build notifiers, deployments to artifactory and other commonly used tool set when it comes to CI.
Gitlab Runners were provisioned for all platform which will execute the build natively or on docker containers. Depending on type of the build requested.
Technology specific teams(Android and iOS) were split and regrouped as Product teams - GO-PAY, GO-RIDE, GO-FOOD etc. similar to how a microservices concept is at backend.
These Product teams comprises of both Android and iOS developers dedicated to this Product. The final app is acting up as container of these products which previously hosted complete source code. Build time was reduced to less than a minutes from 50 minutes previously which improved developer productivity manifold.
- Typical Gitlab pipeline at GO-JEK
- Understand the pipeline from .gitlab-ci.yml
I am Abhinandan working as Product Engineer at Go-Jek Engineering. I am working in Android and Release engineering teams developing Android Apps along with the CI/CD setup for the iOS/Android/React-Native Apps at Go-Jek. You should attend my talk because I am the key person responsible for this change at GO-JEK as described above in my talk.
Also, I have spoken at various conferences in last couple of years:
Droidcon Krakow 2016 - Mobile Apps Delivered Via Jenkins , Are you kidd’n me ?!! Flash Talk at Rootconf 2016 - Devops in Mobile World Rubyconfindia 2016 - Kochi on Function Testing of Mobile Apps using Appium Deccanrubyconf 2015 - Pune on Web Marries Ruby