Continuous Integration Google Play Store Internal App Sharing In Tokopedia
The Background of this story
Since Google introduced the dynamic delivery with app bundle (aab) in Google I/O 2018, the Tokopedia Android team becomes enthusiast with researching the possibility to implement this dynamic feature module because our app size is increasing from time to time along with the growth of the application feature, we need to tackle this issue.
We start with implementing the feature as dynamic delivery, but testing the feature as dynamic delivery has a couple of processes we need build the app bundle file and uploaded into Internal App Sharing in Google Play console to make sure all feature works well as expected, but the problem is the Google console dashboard is limited access, not all developers have access to upload the artifact into the dashboard.
Tokopedia Android team is a big team with a big cycle of development we cannot ask everyone who has access to the Google Play console to help upload the aab artifact, so we need to integrate the internal app sharing with continuous integration tools like Jenkins or other CI software to make developer’s life easier.
Google Internal App Sharing
With internal app sharing, we can quickly share an app bundle or APK with the internal team and testers by uploading an app bundle or APK on the internal app sharing upload page and generating a link. When sharing the app this way, we can allow anyone with a shared link to download and test the dynamic features.
Based on the Wikipedia page. In software engineering, continuous integration is the practice of merging all developers’ working copies to shared mainline several times a day. That means continuous integration (CI) is an integration of all or several parts of iterative development into a pipeline process and can be automated with CI software.
Overview The Architecture
Here is the overview of the architecture process, we Android Engineers just need to trigger the build button and Jenkins will do the job until the process is completed.
We create the process as seamless as possible, the users just need to put the branch name and trigger the Jenkins build. The workflow will proceed to check out the repository and build the project to create the aab file and the system will continue to request the internal app sharing access token to proceed with the upload and send back to the user with the Internal App Sharing download URL shared through Slack channel.
Prepare The Integration
Google provides an API for internal app sharing. You can explore the API at the official documentation. They offer Java or Python client libraries. To integrate the internal app sharing into Jenkins CI, we had to go through HTTP and create the Google service account.
Create Google Service Account
The first step, we need to prepare a service account to access the API to upload into internal app sharing. Follow this step in the official documentation to create a service account. After creating the service account, you need to keep the JSON file. This JSON key is needed to create the JWT access token.
Create JWT access token script
In the second step, after you created the service account and downloaded the JSON key file, you need to create the script to generate the access token with JWT. In our case, we are using the bash script to create the JWT access token because the bash script is easy to integrate with the Jenkins pipeline.
After we created the script for generating the JWT access token, we can use the token to access Google API for uploading to Internal App Sharing.
The piece of code above can combine all with one bash file and save as
internal-app-sharing.shso we can execute this file in the next step. We can also try to test in the terminal to make sure everything is working well.
Integrate to Jenkins CI
The third step is Jenkins integration. To integrate with Jenkins CI, we need to store the JSON key (P12 file) generated from Google Play Console to Jenkins as the credential.
To open this page, go to :
Jenkins > Credentials > System > Add Credentials
Secret file as credential kind and choose your JSON key file set the
PLAYSTORE_KEYFILE as credential id and click OK, then your credential key has been set up on Jenkins, and you can use it to generate the JWT access token in Jenkins pipeline to upload the aab file to Play Store internal app sharing.
After done adding the credential, we need to integrate the script into Jenkins Pipeline. In our case, we already had the Jenkins job, so we need to add a new parameter option to the pipeline, so the developer can tick the option if they need to upload into internal app sharing.
To integrate with the Jenkins pipeline, we execute the bash script after building the aab file.
sh '(./internal-app-sharing.sh $PLAYSTORE_KEYFILE $AAB_PATH $PACKAGE_NAME)'
The script above will return the download link from internal app sharing. With this link, we can send it to Slack or share it with another team.
Integrating with Slack
To integrate with Slack we can use https://slack.com/api/chat.postMessage API to sending the message slack channel. To learn this API, please refer to the official documentation. In our case, we just pass the download link from the uploading script with curl to the Slack channel.
Now we can automate and integrate the internal app sharing into our internal development process, the benefits that we can get are.
- Speed up the development process. Android engineers can upload and test their features by themselves without asking their Lead or Google Play console administrator to upload the bundle file.
- Improve productivity. Since Android engineers are not required to upload manually to Play Store and wait for the process, they have plenty of time to do something else. They can do tech-improvement, backlog stories, or even do unit tests for features!