Versions Compared

Old Version 1

changes.mady.by.user Alexandre PERRIER

Saved on

compared with

New Version 2

changes.mady.by.user Alexandre PERRIER

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of contents

Table of Contents
minLevel1
maxLevel7

The Agnos for COTS components is delivered through an intermediate repository called JFrog Artifactory. This repository allows up to upload and hold artifacts (AAR or Docker) that customers can access whenever they need, provided they have the proper credentials.

Credentials will be provided upon demand or account setup

AAR and Android project integration

Android project structure

...

The Android application must declare a JFrog Artifactory account to access the SDK dependencies.

Gradle files configuration

gradle.properties

The gradle.properties file must declare the Artifactory server URL as well as the repos name.

Code Block
artifactory_url=https://amadis.jfrog.io/artifactory
agnos_repository_name_virtual=aone-<customer>-virtual
Note

<customer> needs to be changed to an appropriate value

local.properties

The local.properties file should contain the login and password needed to access the repos.

Code Block
 artifactory_user=user@gmail.com
 artifactory_password=Aqzefj6&
Note

No quote on the password

Warning

local.properties should not be versioned in your CVS system

build.gradle (root)

The root build.gradle file should read the credentials from the local.properties files.

Code Block
Properties properties = new Properties() 
properties.load(project.rootProject.file('local.properties').newDataInputStream())
def artifactory_user = properties.getProperty('artifactory_user')
def artifactory_password = properties.getProperty('artifactory_password')

Then declare the repositories on which to look for dependencies.

Code Block
allprojects { 
  repositories {
    google()  
    mavenCentral()
    
    maven {
      url ""${artifactory_url}/${repository_name}"
      // The Artifactory (preferably virtual) repository to resolve from 
      credentials {
        username "${artifactory_user}"
        password "${artifactory_password}" }
    } 
  }
}

build.gradle (app or module)

The app/module build.gradle file should simply declare its dependencies in the form of implementations.

Code Block
plugins {
  id 'com.android.application' 
}

android { 
  compileSdkVersion 31
  defaultConfig {
    ...
  }
  
  buildTypes {
    ...
  }
  
  compileOptions {
    ...
  }
}
  
dependencies {
  ...
  implementation 'ca.amadis.agnos:agnos-<customer>-<mode>-<build_type>:<version>' 
}

With:

  • <customer>: the name of your company (e.g. ‘amadis')

  • <mode>: either ‘sred’ or ‘nosred’

    • 'sred' means the PCI SRED protection is active, all sensitive card data are store securely, encrypted

    • ‘nosred’ means the PCI SRED protection is not active

  • <build_type>: either ‘debug’, ‘release’ or ‘protect’

    • ‘debug’ is the classic Android debug mode with all logs and debugging capability

    • ‘release’ is the classic Android release mode plus our custom ProGuarg configuration

    • ‘protect’ is the most secure build type (and the only one that should go in production), the whole code is obfuscated and protected against a variety of attacks and reverse engineering

Agnos is the only dependency that needs to be declared. The Secure Client (secclt) is a transitive dependency and will be automatically downloaded if required.

Docker images

The Secure Backend images are split into 3 images:

  • secbkd-http

  • secbkd-php

  • secbkd-database

To pull the images from a terminal for instance, you can use the below command:

Code Block
docker login amadis.jfrog.io
docker pull amadis.jfrog.io/aone-secbkd-local/<image>:<version>
Warning

‘latest’ does not work as <version> at the moment