Codemagic CI/CD and security

May 31, 2019

Security is one of the top priorities for almost all organizations. Any security breach can cause huge damage to the business, including loss of trust, reputation, or in the worst case, loss of the entire business. In this post, we will describe some of the security features of Codemagic CI/CD to give you a better understanding of how we ensure the security of your source code and sensitive information.

Codemagic CI/CD security measures

At Nevercode, we take security very seriously and handle all customer data with utmost care. Our infrastructure and software architecture have multiple layers of security mechanisms in place to ensure the security and integrity of your data.

Secure infrastructure

The underlying infrastructure for Codemagic builds is secured with SSH or HTTPS protocols for all the networking. It means that all the data you send to Codemagic or receive from Codemagic is fully encrypted. Your Flutter builds are run on virtual machines on Mac minis which are also physically secured in data centers. Each build runs in a separate environment where it boots a new virtual image. The build agents are not visible to public network due to firewalls. Only our internal virtual private network can be used to make connections from backend services to Macs.

Security of source code

Codemagic uses your source control system, such as GitHub, Bitbucket or Gitlab, to get access to the CI/CD features. Once you grant access to your source code management tool, we will keep the tokens encrypted in our database. These tokens can only be used to check out the source code on virtual machines. When your app is hosted on GitHub, Bitbucket or GitLab, we use OAuth tokens to perform various other tasks too: list branches, set webhooks, get latest commit information, update commit/PR statuses, etc. The source code checked out during the build is deleted from the virtual machine after the build and never stored on Codemagic. The employees of Nevercode have no access to your source code. If you ask for our assistance with investigating a possible issue with your build, we can take a look at the build logs which are retained after the build, but only if you share your build link with us.

Codemagic protects the integrity of your source code and doesn’t alter the code unless you have explicitly specified so in the build scripts. The only exceptions here are some platform-specific files that would have to be modified for successful building. For example, Codemagic modifies the project files for iOS to specify code signing settings during the build and injects a Gradle plugin to the Android component to gather build information and information about the artifacts to be generated.

Encryption of sensitive data

You can have Codemagic automatically deploy iOS and Android apps to App Store Connect and Google Play Store. However, in order to deploy apps, we need your login credentials, certificates with private keys, provisioning profiles, keystore file. This information is extremely sensitive and we understand the importance of keeping this data safe. All credentials, certificates and keys that you provide to Codemagic are encrypted with strong passwords and kept securely in a private GCloud bucket to which our backend has no read access. The sensitive files can be downloaded during the build only from the specific virtual machine where the build is running.

Codemagic also enables users to store sensitive information as secure environment variables which, unless you expose them in a custom script, are available only to a specific virtual machine during the build.

No storage of data after build

Your app’s builds take place in virtualized environments. At the end of each build, the virtual environment is erased and rebuilt using a snapshot that has no knowledge of your app’s source code. All the build data, including your source code, sensitive information, build artifacts and test reports, are cleaned once the build finishes. The only build artifacts that are kept are the ones that are shown in build logs and are available for download.

Safe payments

Codemagic doesn’t process, collect or store any data related to payments. We have no knowledge of your credit card information and are not directly involved in making the transactions. Instead, we use the Stripe payments platform for all payment actions which is integrated into Codemagic by use of designable iframes. Stripe is used and trusted by numerous companies all around the world, including Amazon, Google and Microsoft.

In compliance with EU’s General Data Protection Regulation, we are committed to keeping your sensitive data and private information safe. We protect your personal information and private data by encrypting all the network traffic between you and our servers and storing your data in an encrypted format, as also stated in our privacy policy. Codemagic uses the collected information only for services provision and improvement, billing, identification and authentication, contact and research, all the while making use of best practises in data management. Users retain all rights to their information and can request to have all their content deleted from Codemagic. For enterprise customers that wish to regulate their use of service in additional details, Codemagic can offer a service-level agreement (SLA).

Conclusion

As a CI/CD service provider to both individuals and businesses, we consider security one of our key concerns. Now that you know more about the security measures we have in place, we hope you can rest assured that your sensitive data, intellectual property and source code are safe with us. If you have additional questions about security on Codemagic, do not hesitate to reach out to us on Slack or at info@codemagic.io.

Codemagic CI for Flutter