Table of contents
Table of Contents | ||||
---|---|---|---|---|
|
The Amadis One components are delivered through an intermediate repository called JFrog Artifactory. This repository allows up to upload and hold artifacts (AAR or Docker) that customers can access whenever they need, provided they have the proper credentials.
...
The gradle.properties file must declare the Artifactory server URL as well as the repos name.
Code Block |
---|
android.useAndroidX=true android.enableJetifier=true artifactory_url=https://amadis.jfrog.io/artifactory agnos_repository_name_virtual=amadisaone-agnos-libs-release<customer>-virtual |
Note |
---|
<customer> needs to be changed to an appropriate value |
local.properties
The local.properties file should contain the login and password needed to access the repos.
...
Note |
---|
No quote on the password |
Notewarning |
---|
local.properties should not be versioned in your CVS system |
...
Code Block |
---|
allprojects { repositories { google() mavenCentral() maven { url 'https://jitpack.io' } maven { url ""${artifactory_url}/${repository_name}" // The Artifactory (preferably virtual) repository to resolve from credentials { username "${artifactory_user}" password "${artifactory_password}" } } } } |
...
Code Block |
---|
plugins { id 'com.android.application' } android { compileSdkVersion 31 defaultConfig { ... } buildTypes { ... } compileOptions { ... } } dependencies { ... implementation 'ca.amadis.agnos:agnos-amadis-sred:3.5.7' }<customer>-<mode>-<build_type>:<version>' } |
With:
<customer>: the name of your company (e.g. ‘amadis')
<mode>: either ‘sred’ or ‘nosred’
'sred' means the PCI SRED protection is active, all sensitive card data are store securely, encrypted
‘nosred’ means the PCI SRED protection is not active
<build_type>: either ‘debug’, ‘release’ or ‘protect’
‘debug’ is the classic Android debug mode with all logs and debugging capability
‘release’ is the classic Android release mode plus our custom ProGuarg configuration
‘protect’ is the most secure build type (and the only one that should go in production), the whole code is obfuscated and protected against a variety of attacks and reverse engineering
Agnos is the only dependency that needs to be declared. The Secure Client (secclt) is a transitive dependency and will be automatically downloaded if required.
Docker images
The Secure Backend images are split into 3 images:
secbkd-http
secbkd-php
secbkd-database
To pull the images from a terminal for instance, you can use the below command:
Code Block |
---|
docker login amadis.jfrog.io
docker pull amadis.jfrog.io/aone-secbkd-local/<image>:<version> |
Warning |
---|
‘latest’ does not work as <version> at the moment |