Using Azure variables in Gradle Build
Android, an open-source operating system. This allows users to review, understand and even modify the source code of Android.
The source code developed by users is not open. You cannot access them directly, but it is possible to access the source code through reverse engineering methods.
In addition to all other methods such as encryption and obfuscation of the source code, moving critical data to the server is also a measure that enhances the security of mobile applications.
API_KEY="XXXXX-YYYYY-ZZZZZ"We can store critical data on the server as an Azure variable.
Variable groups store values and secret strings that you may want to pass to the YAML pipeline or make available for use in multiple pipelines. You can share and use variable groups across multiple pipelines in the same project.
Azure variables can be used in YAML pipelines.
variables:
- group: PrivateVariables
trigger:
branches:
include:
- your_branch
pool:
name: Azure Pipelines
vmImage: 'your_agent'
demands:
- java
- JDK
steps:
- task: Gradle@2
inputs:
workingDirectory: ''
gradleWrapperFile: 'gradlew'
options: '-PmyAppApiKey=$(myAppApiKey) -PversionName=$(myAppVersionName) -PversionCode=$(myAppVersionCode) -PmyAppBaseUrl=$(myAppBaseUrl)'
tasks: 'assembleDebug'We made Azure variables available for use in our application’s gradle build step by adding following code snippet to our YAML file.
buildTypes {
debug {
buildConfigField 'String', "API_KEY", "\"$myAppApiKey\""
debuggable true
}
release {
buildConfigField 'String', "API_KEY", "\"$myAppApiKey\""
debuggable false
minifyEnabled true
shrinkResources true
}
}Using the same method, we can also move our application’s version number, version name, and web service base URLs to Azure servers.
buildscript {
def getVersionCode = { ->
def v_code = System.getenv('MYAPPVERSIONCODE') ? versionCode.toInteger() : 1
println "VersionCode is set to $v_code"
return v_code
}
def getVersionName = { ->
def v_name = System.getenv('MYAPPVERSIONNAME') ? versionName : "1.0"
println "VersionName is set to $v_name"
return v_name
}
ext {
versionName = getVersionName()
versionCode = getVersionCode()
}
}We can access Azure variables by writing variable names in upper case in the project-level Gradle file. We can use the ‘versionCode’ value that we read numerically in the app-level Gradle file as shown below.
android {
compileSdkVersion 33
defaultConfig {
applicationId "your.package.name"
minSdkVersion 23
targetSdkVersion 33
versionCode rootProject.ext.versionCode
versionName rootProject.ext.versionName
}We have shared how Azure variables can be used in the Gradle build step. With this method, we can both increase the security of our source code and improve our software development processes.
Ford Otosan — Connected Products & Engineering Tribe
Mobile Chapter Lead
Kaan DOĞRUER
