Mobile Code Signing Architecture Proposal
I'm opening up this issue to start an engineering architecture/design discussion around a feature I'm working on in the DevOps for Mobile Apps SEG. I will tag a few folks in this issue, but please include others that may be interested in this discussion.
Background
One of the big pain points for mobile teams is Code Signing. This process is required in order to distribute any app in the app stores. Android and iOS have different processes, and there is a fair amount of complexity involved.
We can make this easier on GitLab by allowing code signing assets to be uploaded to projects. In its most basic form, it would be delivering #205379 (closed), but I think we can do a bit more to provide a better experience, and create an approach that is easier to use than other alternatives.
Proposal
Create the ability for code signing assets to be uploaded to a GitLab project, so that they can then be automatically added to CI jobs and used for various code signing tasks.
There are three different types of assets we would want to support with various attributes (details below). I would propose creating separate models in the database for each asset type so we can enforce proper validations.
Since much of this content is sensitive data, we would use attr_encrypted as we do for environment variables. We could also look at how Fastlane does the file encryption in the Fastlane Match process as a way to process the file data.
With the necessary data persisted in the database, the other part to making this work would be to pass the relevant attributes to the CI jobs. This would be done using the existing mechanism for attaching environment variables to CI jobs (via the Ci::JobVariable models), with a change to support decoding and writing the binary files to the running CI jobs. Only some attributes of the code signing assets would need to be available in the CI jobs (noted below).
Code Signing Assets
Android Keystore
- File name
- File content *
- Keystore password *
- Keystore alias *
- Keystore alias password *
iOS Provisioning Profile
- Profile name
- File content *
- ID
- Type (app store, development, etc)
- Team
- Bundle ID
- Expiration timestamp
iOS Signing Certificates
- Certificate name
- File content *
- ID
- Type (distribution, development, etc)
- Certificate password *
- Team
- Expiration timestamp
* Attributes needed for CI jobs
Mockup
I've also created a very basic UI mock-up to help visualize what I'm thinking. The mock is very much WIP but hopefully, it will make it a bit easier to see what I'm describing.
Thanks for taking the time to review this! Please let me know any thoughts you have around feasibility, areas of concern, areas I could provide more detail, or any other complexities I may have not considered yet.
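The flow described under Proposal, sketched for the Android keystore as an added example; it is not part of the original issue and not GitLab code. Assumptions: the `KeystoreAsset` class, the `KEYSTORE_*` variable names and the `release.keystore` file name are hypothetical, and AES-256-GCM from Ruby's OpenSSL stands in for attr_encrypted.

```ruby
require "openssl"

# Hypothetical model of the proposed Android keystore record (added example).
# AES-256-GCM from Ruby's OpenSSL stands in for attr_encrypted here.
class KeystoreAsset
  CI_ATTRS = %i[file_content password key_alias alias_password].freeze # starred in the list

  def initialize(key, file_name:, **secrets)
    @key = key
    @file_name = file_name # stored, but never exposed to jobs
    @sealed = secrets.slice(*CI_ATTRS).to_h { |name, value| [name, seal(name, value)] }
  end

  # Variables for a job: starred attributes only; binary content goes out as Base64.
  def ci_variables
    vars = @sealed.to_h { |name, blob| ["KEYSTORE_#{name.upcase}", unseal(name, blob)] }
    vars["KEYSTORE_FILE_CONTENT"] = [vars["KEYSTORE_FILE_CONTENT"]].pack("m0")
    vars
  end

  def seal(name, plaintext)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
    cipher.key = @key
    iv = cipher.random_iv
    cipher.auth_data = name.to_s # ties the ciphertext to its attribute
    ciphertext = cipher.update(plaintext) + cipher.final
    iv + cipher.auth_tag + ciphertext
  end

  def unseal(name, blob)
    cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
    cipher.key = @key
    cipher.iv = blob.byteslice(0, 12)
    cipher.auth_tag = blob.byteslice(12, 16)
    cipher.auth_data = name.to_s
    cipher.update(blob.byteslice(28..)) + cipher.final # raises CipherError if modified
  end
end

# Job side: decode the variable and create the file readable by its owner only.
def write_keystore(vars, dir)
  path = File.join(dir, "release.keystore")
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.binmode
    f.write(vars.fetch("KEYSTORE_FILE_CONTENT").unpack1("m0"))
  end
  path
end
```

Because the attribute name is bound in as associated data, a stored value copied into a different attribute fails authentication instead of decrypting.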
