In the series, I will build a simple Hacker News reader for iOS using Firebase, SwiftUI and GitHub Copilot X. In part 7, I reimport my code after properly setting up my GitHub repo and GitHub Actions:
Using GitHub Copilot Chat for help on git branches Create and checkout a new git branch Copy previous code over Install Firebase SDK for iOS Forgot to save our source control previously working code!
In the series, I will build a simple Hacker News reader for iOS using Firebase, SwiftUI and GitHub Copilot X. In part 6, I use GitHub Copilot X to automate security and privacy testing on each pull request using GitHub Actions:
GitHub Actions plan for automated build and security scans GitHub Action to build and scan iOS app - static only Use GitHub Copilot to help write a GitHub Action Dynamic security scans on pull requests or new releases Thoughts on GitHub Copilot X results for GitHub Actions 1.
GitHub Actions are a great way to incorporate DevOps and DevSecOps into mobile development. This post documents the steps to build a React Native iOS app with GitHub Actions (without using any 3rd party actions). Many of the steps will be the same as the previous post on “How to build an iOS app with GitHub Actions [2023]” so definitely check that out for a more complete explanation of the various steps below.
Building on my previous “How to build an iOS app archive via command line” post, let’s now automate the process using GitHub Actions! There are a number of mobile CI/CD capabilities out there such as BitRise, CodeMagic, Jenkins, CircleCI and even Xcode Cloud but there are a lot of advantages to handling CI/CD directly in GitHub including (to name a few):
Already has access to source code Native developer experience Managing your CI/CD configuration in a source controlled yaml file GitHub Marketplace is open and has a massive number of integrations and helpful actions When I first embarked on this technical how to, I have to admit it was pretty overwhelming.
In this post, I’m going to automate the build process (see my previous post) for a React Native Android app with GitHub Actions. This obviously ties into the the DevOps tidal wave but in a way that’s very developer friendly. Developers spend significant time in GitHub and have a great developer experience (DX). Instead of popping out to external systems, you can build, test and deploy you app within GitHub and also leverage the extensive, open GitHub Marketplace to reuse workflows and integration into other systems.
If you’d like to generate an Android SBOM every time you build your app, you can combine previous techniques discussed on this blog to achieve this with GitHub Actions + NowSecure. If you’re not a NowSecure customer, first sign up for 10 free SBOMs so you can follow along in the tutorial.
To brush up on the previous techniques, check out my blog+video on how to generate an Android SBOM in CycloneDX format.