Using Gitlab to set up a CI/CD workflow for an Android App from scratch

  • Tim Landenberger (tl061)
  • Johannes Mauthe (jm130)
  • Maximilian Narr (mn066)

This blog post aims to provide an overview about how to setup a decent CI/CD workflow for an android app with the capabilities of Gitlab. The blog post has been written for Gitlab Ultimate. Nevertheless, most features are also available in the free edition.

The goal is mainly to provide an overview about Gitlab’s CI/CD capabilities. It is not object of the blog post to test and/or develop a complex android app, or to handle special edge-cases in android app development.

The blog post covers the following topics:

  • Defining a decent pipeline
  • Automatically running unit tests
  • Automatically running integration tests
  • Automatically running static code analysis checks
  • Automatically running debug/release builds
  • Automatically distribute the app for testers
  • Adding Gitlab’s drop-in features
    • SAST
    • Dependency management
    • License management
Continue reading

How to increase robustness of a large scale system by testing

When a distributed software system grows bigger and bigger, one will end up with a big amount of various components which all need to scale independently. In order to achieve these components working smooth together, it is necessary to figure out at which time a component needs to be scaled, to avoid having one component as a bottleneck.

This blog post focuses on the possibility to test the behaviour of a large scale system under extreme load in order to discover vulnerabilities. Therefore I will provide an overview of scalability testing and a more specific variant, which has already proven itself as a successful testing variant for such systems, called Chaos Engineering.

Continue reading

Mobile Security – How secure are our daily used devices?

Nowadays, the usage of mobile devices has become a part of our everyday life. A lot of sensitive and personal data is stored on these devices, which makes them more attractive targets for attackers. Also, many companies offer the possibility to work remotely, which results in storing confidential business information on private phones and therefore increases the organizations’ vulnerability. The following content shows what kind of attacks the mobile platform is facing and how secure we really are.

Continue reading