Every so often during development we find ourselves in the need of having a secure (SSL) connection to a locally running project. In most cases we are developing against a service that has webhooks. Some services have a robust library of mock payloads and others just require us to wire up a webhook tunnel to our local machine and trigger some events in order to complete development.

There is an endless amount of services that provide this tunnel functionality. We historically used ngrok, but since moved on to a self-hosted solution of SirTunnel. It worked under the hood by running Caddy and minting fresh SSL certificates for whatever subdomain you requested.

Of course minting fresh SSL certificates had a downside: certificate transparency logs. We'd notice moments after creating a new certificate that a bunch of different IP addresses would start hitting our local machine. We assume this is because the certificate transparency logs were being monitored by bots that then crawled the new certificate to investigate. So we were surprised one day to be alerted to one of our API keys being leaked & stolen.

No matter the project or stack we strive to automate the testing and deployment pipeline as much as possible. Mobile applications are no different, but do come with their own set of challenges between iOS and Android. We are happy to have a fully automated solution for both platforms that pieces together several fastlane tools to achieve an elegant solution.

We can share how all these pieces fit together to create a robust mobile app pipeline.

As our pipelines evolved to support many different environments we felt we needed a bit more automation around our alpha builds. Builds past alpha were generally tagged releases with human written changelogs, but alpha builds were bleeding edge right from our main branch for internal use. We wanted to provide testers with a bit more context on what changed in each build without them needing to go hunt for information.

This is our journey of a bit of automation to plug into Firebase App Distribution to provide automatic changelogs for our builds.

One day our iOS fastlane repository responsible for automatically renewing provisioning profiles and certificates started failing. We utilize match which was affected by this removal causing our provisioning profiles to not renew and thus application builds to fail. The error was suggesting that Apple was removing a parameter we depended on.

The provided entity includes an unknown attribute - 'templateName' is not an attribute on the resource 'profiles' - /data/attributes/templateName

This is our journey of solving it both as a temporary workaround and a long-term solution.

Over the course of a year in 2020, we fully migrated off our Jenkins installation which housed our entire set of pipelines for continuous integration and deployment. This is our journey of creating and open-sourcing a set of actions to grow our GitHub pipelines.

One day we saw an interesting crash that one of our applications was generating a URL so long that Google's static map generation refused to generate it. With a bit of research we discovered lodged in the official documentation that there was a known limit.

This led us to discovering that Google had the Encoded Polyline Algorithm Format designed to help pack information in the URL into a dense binary format in plain ASCII text in order to reduce characters. This blog is our journey to writing a little package to accomplish this in PHP.

As our application pipeline elevated into ephemeral GitHub Action containers the Fastlane plugin codenamed "badge" we used was showing some age. It depended on a few native dependencies and took a bit of time to install on our runners. We saw this chance to leverage some exciting new technology and produce an alternative.

As Laravel said goodbye to Laravel Mix and embraced Vite we saw some new exception in our logs as we completed the migration.

Unable to preload CSS for /build/assets/Map-BjJvrIF-.css
Failed to fetch dynamically imported module build/assets/en-c7059b5d.js

We went on a journey to fix this issue and this blog is our findings.

As a project we built evolved with websockets becoming a far more important feature we wanted to move off of a regular implementation of Redis onto a Redis Cluster to scale for larger usage while giving us the safety of failover and redundancy.

As the year clocked into 2023 a package we depended on exceeded a year without a merge with pull requests stacking. At this point we already had a few patches applied locally with patch package, but we decided to fork the package due to our dependency on it.