Mdma helps you deploy an iOS app to many devices at scheduled times with SimpleMDM.
The source code is available on GitHub.
After setting up the right groups on SimpleMDM, you can do the following:
[1] Upload a new build for an iOS app and decide when it should be pushed to devices
[2] Check the status of every pending, scheduled, and completed push
[3] Browse the list of all devices to check the current version of the app
The app is hosted on Heroku and relies on one job run by Heroku Scheduler every 10 minutes.
bundle exec rake deploys:enqueue
checks whether any build needs to be deployed soon and adds to the queue.
A separate job is run on Heroku Scheduler every day.
bundle exec rake devices:fetch
fetches the list of devices with the latest app version.
Apart from using the web flow, third-party clients can also create internal builds by means of an API.
In order to do so, an option MDMA_TOKEN
must be set in the mdma app and communicated to the third-party clients.
Clients will use this token to submit requests like this:
curl -X POST \
-H "Authorization: Token token=[mdma token]" \
-F "build[package]=@[path to the IPA file]" \
[mdma host]/api/builds
and can expect one of the following responses:
- 201 Created (no body): the file was uploaded and the internal build created
- 401 Unauthorized (no body): the provided token is missing or invalid
- 400 Bad Request (JSON body with "message" String): the params are invalid
Whenever a new PR is opened, a new Review App is created on Heroku, where you can test your code. The Review App uses a test app called Ugly Sweater with a test device group. Test your features on the review app and make sure that Code Climate is happy, then merge.
In order to use mdma
, the following environment variables need to be set:
MDMA_APP_ID
: The SimpleMDM ID of the app to pushMDMA_APP_GROUP_ID
: The SimpleMDM ID of the app group that identifies the devices to push toMDMA_APP_IDENTIFIER
: The unique identifier of the iOS appRAILS_MASTER_KEY
: The key to decrypt the credentials stored inconfig/credentials.yml.enc
The following environment variables are optional:
EMAIL_DOMAIN
: Only allow logins from Google accounts belonging to this domainGITHUB_PROJECT
: The GitHub "username/project" path to fetch release notes fromSLACK_CHANNEL
: The Slack channel to post notifications to (defaults to #deploys)MDMA_TOKEN
: An authorization token for third-party API clients
For completeness, these are the credentials stored in the app:
aws:
access_key_id: "[Access key for an S3 Bucket to upload builds to]"
secret_access_key: "[Access secret for an S3 Bucket to upload builds to]"
simple_mdm:
key: "[SimpleMDM API key]"
google:
client_id: "[Google app Client ID to log into the app]"
client_secret: "[Google app Client Secret to log into the app]"
github:
username: "[Username of a GitHub account with read access to clutter/clutter-ios-wms]"
token: "[Personal access token for the account to read the releases for that app]"
slack:
token_url: "[Slack token URL to send build notifications to Slack]"