Fastlane helps automate iOS development workflows including building, signing, and App Store distribution.
This guide explains how to integrate AppSweep scanning into your Fastlane pipeline.
Prerequisites
1. Install Guardsquare CLI in your CI environment
2. Create an API key from AppSweep application settings
3. Set the APPSWEEP_API_KEY environment variable in CI to the created key
Basic Upload Integration
Add this lane to your Fastfile to upload builds to AppSweep:
desc "Upload to AppSweep"
lane :appsweep_upload do
build
result = JSON.parse(sh("guardsquare scan --dsym #{lane_context[SharedValues::DSYM_OUTPUT_PATH]} #{lane_context[SharedValues::IPA_OUTPUT_PATH]} --format json 2>/dev/null"))
lane_context[:APPSWEEP_ID] = result['id']
lane_context[:APPSWEEP_URL] = result['url']
end
Run with: fastlane appsweep_upload
CI Pipeline Integration
Add this lane to make CI fail when security issues are found:
desc "Check AppSweep Results"
lane :appsweep_check do
appsweep_upload
result = JSON.parse(sh("guardsquare scan summary --wait-for static #{lane_context[:APPSWEEP_ID]} --format json 2>/dev/null"))
high_severity = result["high"]
findings_pluralized = high_severity == 1 ? "finding" : "findings"
UI.user_error!("AppSweep scan contains #{high_severity} high severity #{findings_pluralized}: #{lane_context[:APPSWEEP_URL]}") if high_severity > 0
end
Run with: fastlane appsweep_check
This command will:
Build and upload your app,
wait for the security scan to complete,
make the pipeline fail if high severity issues are found, and
provide a URL to view detailed findings
After fixing the security issues, run the pipeline again to verify the fixes.