CI/CD Integration
Use CI/CD integration to protect release candidates automatically after your normal mobile build step completes. AppTego uploads the compiled app, applies the selected configuration, waits for protection to finish, and returns the protected artifact to later pipeline stages.
The CI/CD path is best after your team has already validated the manual AppTego Portal workflow. That way the pipeline automates a process your mobile and security teams already understand.
| Guide | Use it when... |
|---|---|
| GitHub Actions | Your mobile build runs on GitHub-hosted or self-hosted Actions runners. |
| CircleCI | Your pipeline uses CircleCI workflows and workspaces. |
| Automation API | You use another CI provider or need a custom upload/status/download flow. |
Supported Artifacts
The GitHub Action and CircleCI orb accept Android .apk files and iOS .ipa files. AppTego also supports Android App Bundles (.aab) through the AppTego Portal and Automation API; use the Automation API path for AAB workflows.
Pipeline Pattern
- Build the mobile app using your normal platform tooling.
- Store the AppTego automation key in the CI secret manager.
- Run the AppTego protection step with
platform,file-path, andversion. - Save the protected output as a CI artifact or hand it to the next signing/release stage.
- Run device tests or manual QA against the protected artifact.
- Promote only artifacts that passed validation and were produced from the intended configuration version.
Never print automation keys in job logs. Store them only in CI secrets or contexts.
Release Safety Checklist
| Check | Recommended practice |
|---|---|
| Secrets | Store automation keys in CI secrets, contexts, or environment protections. |
| Environments | Use dev or staging for validation jobs and prod only for release candidates. |
| Artifact paths | Persist the exact mobile artifact path before the AppTego step runs. |
| Timeouts | Allow enough time for larger apps, iOS builds, and native-heavy artifacts. |
| Outputs | Archive the protected artifact and the AppTego job ID with build metadata. |
| Parallel jobs | Keep concurrent protection jobs within your plan limit. |
| QA | Install and test the protected output, not only the original app build. |