►
A
A
So
on
my
screen
here,
I've
got
the
update
issue,
so
this
will
be
linked
in
the
video
description
on
youtube,
so
you
can
get
to
all
the
links
from
there.
A
So
the
main
focus
for
devops
for
mobile
apps
this
week
has
been
kind
of
two
different
things.
The
one
is
finishing
the
secure
files
mvc.
So
I
have
an
issue
here
that
I'll
walk
through
in
a
second
and
then
the
the
second
part
is
the
fastlane
integration,
so
so
I'll
start
off
with
the
mvc.
A
This
is
the
issue
here
that
I'm
tracking
kind
of
all
the
tasks
that
are
associated
with
getting
this
first
version
of
secure
files
released
to
gitlab.com
in
case
to
set
some
context.
I
guess
the
secure
files
feature
is
a
feature
that
we've
built
into
gitlab
that
allows
for
the
upload
of
binary
files
to
to
be
used
as
kind
of
ci
variables.
A
A
A
The
the
infrastructure
is
still
in
progress,
so
we're
getting
that
there,
hopefully
we'll
be
able
to
test
this
on
staging
pretty
soon,
but
we
did
go
through
an
appsec
review
of
the
api
and
had
some
good
feedback.
Everything
looks
good
though,
but
there's
some
a
couple:
follow-up
tasks
that
that
I
picked
up
from
that
and
let's
see
the
other
other
changes.
A
That
kind
of
went
in
this
week
are
a
change
to
clean
up
clean
up,
secure
files
when
when
projects
are
destroyed,
so
this
was
just
just
kind
of
a
cleanup
task
that
we
needed
to
do
and
then
the
let's
see,
oh
there's,
adding
some
limits
so
kind
of
a
limit
to
the
number
of
files
that
can
be
uploaded
to
a
project.
We're
doing
this
to
prevent
any
kind
of
abuse
that
might
happen
to
the
api.
A
So
right
now,
projects
are
just
limited
to
100
files
and
we'll
we'll
roll
that
out
and
then
see
see
kind
of
what
the
right
calibration
is
for
that
down
the
road
and
then
the
the
last
feature
here
that
I
wanted
to
chat
about
is
adding
a
checksum
to
the
uploaded
file
that
can
be
used
to
verify.
The
file
that
was
received
is
correct,
so
this
this
was
actually
some
feedback
that
came
out
of
the
appsec
review,
which
I
thought
was
a
really
a
really
nice
addition
to
the
feature.
A
So
basically,
what
this
will
do
is
when
you're
uploading
a
file
to
secure
files.
You
can
provide
a
256
check
sum
of
that
file
along
with
the
payload
and
then
when
we
go
to
process
that,
on
our
back
end,
we'll
check
that
to
make
sure
that
everything
verifies
correctly.
So
that
would
prevent
any
sort
of
interception
attacks
or
anything
like
that.
So
and
then,
if
that
value
isn't
provided,
then
we
just
don't
check
it.
So
it's
an
optional
feature,
but
a
nice
additional
security
check
there.
A
So
so
that
is
in
an
mr
review
right
now
and
we'll
hopefully
get
that
merged
in
early
next
week.
So
then
kind
of
moving
on
to
the
fast
lane
integration.
I
touched
on
this
a
little
bit
last
week
and
I've
got
a
kind
of
working
demo
that
I'll
show
here.
A
But
essentially
what
fastlane
is
is
a
it's
a
open
source
tool
chain
for
mobile
developer
mobile
developers
to
make
the
whole
process
of
building
mobile,
apps
kind
of
easier
and
more
repeatable
and-
and
it
is,
is
a
nice
tool
to
integrate
with
ci
systems,
and
so
one
of
the
components
of
that
is
a
tool
called
match.
And
what
what
match
does
is
it?
A
It
makes
the
code
signing
process
easier
by
making
the
management
of
provisioning
profiles
and
secure
certificates
easier,
and
this
is
the
there's
a
lot
of
complexity
around
this,
and
so
so
match
is
a
is
a
great
tool
to
to
simplify
that
match
uses
some
different
backends,
and
so
I
kind
of
talked
about
this
last
week
too.
A
But
you
can
use
git,
you
can
use
google
cloud,
you
can
use
aws
and
then
what
I'm
working
on
is
a
gitlab
secure
files
back-end
for
this,
and
so
when
you
write
your
match
file,
I've
got
an
example
here.
Basically,
you
set
your
storage
mode
and
your
gitlab
project,
and
then
the
type
is
either
like
development
or
app
store,
like
whichever
type
of
certificates
you're
building
locally.
A
And
then
you
can
run
match
and
it
will
either
generate
those
certificates
or
it
will
pull
down
the
ones
that
are
already
stored
in
your
back
end,
and
so
this
can
be
used
for
for
teams
trying
to
distribute
certificates
and
keep
those
consistent,
but
it
also
is.
It
also
also
is
used
in
ci.
A
So
when
you're
setting
up
your
ci,
build,
you'll
you'll
run
gitlab
or
fastlane
match
to
pull
down
those
certificates
from
gitlab,
so
this,
hopefully
this
will
make
more
sense
when
I,
when
I
show
you
how
this
works,
but
basically
what
I've
got
here
is.
I
have
a
project.
A
I've
been
building
locally
and
I've
configured
fastlane
to
talk
to
my
local
get
lab
instance,
and
I've
got
my
project
here
with
there's
no
secure
files
right
now,
and
then
I've
also
got
the
tab
open
here
into
my
apple
developer
portal,
which
shows
that
now
the
certificates
have
been
generated.
Yet
what
I'm
going
to
do
over
here
in
my
terminal
is
I'm
just
going
to
run
bundle?
A
Fastlane
match
and
what
this
command
will
do
is
it
will
look
at
the
project.
It
will
look
at
gitlab
and
it
will
look
at
the
apple
developer
portal
and
see
that
we
don't
have
any
certificates
generated
and
it
will
go
and
generate
the
whole
thing
for
us
and
upload
it.
So
this
will
take
just
a
little
bit
to
run
and
it
has
a
bunch
of
output
along
the
way.
But
it's
basically
saying
what
it's
going
to
do
here
and
kind
of
how
it's
configured.
A
And
there
we
go
and
it
does
have
like
I
have
logged
into
the
developer
portal
through
fastline,
so
it
has
my
like
login
saved.
If
I
hadn't
been
logged
in
it
would
prompt
me
for
my,
like
account
and
password
all
right
cool.
So
I
think
that
is
done.
So
it
says
all
keys
certificates
and
provision
profiles
are
installed.
A
A
This
is
going
to
show
these
five
files
and
what
these
files
are
is.
These
two
are
kind
of
just
meta
files
that
that
go
along
with
fastline,
so
there's
this
is
just
telling
me
what
version
of
match
is
running
and
then
match
uses
that
internally
and
then
they
include
a
readme
too.
A
So
these
these
are
the
files
that
I
would
use
in
my
build
process
and
I
can
use
that
locally
or
in
in
ci,
and
so
this
is
for
development,
and
so,
if
I
were
to
do
see,
if
I
were
to
change
my
type
here
to
app
store
and
then
run
this
again
now,
it's
going
to
go
and
do
the
the
distribution
certificates,
and
so
that
would
be
for
actually
pushing
to
the
app
store
all
right
and
that
completed
successfully.
A
And
then,
if
we
go
back
in
here,
we'll
see
another
provisioning
profile
for
the
app
store,
as
well
as
the
the
distribution
certificate
here,
and
then
we've
got
these
files.
That
will
also
show
up
in
here
there
we
go,
so
we've
got
the
distribution
certificate,
the
private
key
and
the
provisioning
profile.
A
Yes,
reid.
You
have
a
question.
B
Yeah
thanks,
so
I
missed
a
lot
of
these
videos,
so
I
might
be
missing
context
or
you
might
have.
B
Before
one
of
the
previous
videos
yeah,
how
are
these
secure
files
linked
to
different
environments
in
terms
of
in
terms
of
gate,
branches
or
the
environments
that
we
have
within
the
project?.
A
A
So
there's
there
isn't
any
type
of
association
yet
for
that
that,
like
those
type
of
relationships
really
like
what
the
way
the
secure
files
acts
right
now
is
just
kind
of
a
that's
like
a
small
repository
and
they
can
be
used
through
kind
of
whatever
ci
configuration.
You
want
to
run
to
pull
into
the
different
environments
so,
like
I
guess
the
example
would
be.
If
you
were.
A
If
you
wanted
to
use
these
with
fastlane,
for
example,
you
would
you
would
tell
fastlane
which,
which
type
of
certificates
to
use
for
the
build
that
you're
trying
to
run.
So,
if
I
were,
I
don't
have
a
good
example
of
this,
but
if
I
were
building
like
a
ci
script
to
use
these
secure
files,
my
one
of
my
steps
would
be
something
like
vaseline
match.
A
Sorry,
exec
wrestling
match
development
and
what
this
should
do
like
if
this
were
in
a
ci
job,
this
would
go
and
reach
out
to
get
lab
and
pull
down
the
the
secure
files
for
the
development
environment.
For
that
job.
Does
that
make
sense.
A
So
there
there
isn't
that
relationship
today,
so
that
that,
like
that,
would
be
configured
through
the
ci
scripts.
So
fastlane
knows
about
this
because
of
because
fastlane
understands
the
the
naming
convention
that
it
uses.
B
A
If
you
weren't
using
fastlane,
what
you
would
probably
do
is-
and
this
is
still
kind
of
a
work
in
progress-
you
would
you'd
probably
pull
down
like
all
your
secure
files
into
a
folder
in
your
ci
job
and
then
select.
You
know
like
configure
your
ci
job
to
use
the
ones
for
the
different
environment
that
you
would
have
you
got
it,
but
yeah
like.
I
could
see
future
iterations
of
that
having
some
sort
of
association
there
yeah.
B
Just
just
a
follow-up,
so
when
I'm
in
my
runner
context,
I'm
running
a
pipeline
for
a
project
that
has
got
a
certain
set
of
secure
files,
how
are
these
files
provided
to
the
runner
like?
How
does
the
runner
know
they
exist?
Yeah.
A
A
kind
of
temporary
solution
for
this
we'll
call
it
a
first
iteration,
but
what
this?
The
way
that
this
is
set
up
today
is
there's
this
little
ruby
script
that
you
can
set
up
in
your
ci
job.
Using
this
this
one
liner
here
and
what
this
does
is
it
basically
goes
out
to
get
lab
grabs
all
the
secure
files
and
then
pulls
them
into
your
your
runner
instance
yeah,
and
so
there's
no
there's
no
special
hooks
into
runner.
A
Today,
that's
one
of
the
follow-up
tasks
we
have
actually
yeah
and
where
is
that
at
yeah
runner
integration,
so
probably
a
more
proper
running
runner
integration
would
be
would
be
helpful,
but
this
is
kind
of
the
the
quick
quick
work
around
to
make
it
functional
today.
B
Are
more
secure
or
should
be
more
secure
than
than
the
others
so
yeah,
but
this
is
cool
man
this.
This
is
excellent
and
and
the.
A
Yeah
yeah
and
that
that
was
that
was
sort
of
the
idea.
Sort
of
the
generalized
approach
solves
the
problem
for
mobile,
but
then
could
be
used
for
many
other
the
context
and
and
really
the
idea
behind
the
sort
of
mvc
release
of
this
is
like:
let's,
let's
get
it
out
there
and
get
some
feedback
from
people
and
get
like
feedback
just
like
that,
like
you're
describing
like
how
do
we
associate
these
two
environments
or
or
like?
How
do
we
protect
these
in
different
ways?
B
No
I'd
love
to
see
the
ui
that
you
is
there,
so
how
do
I
upload
a
secure
file,
or
how
does
that
happen?
Is
that
just
an
api
right
now
or.
A
Yeah,
so
the
the
first
iteration
of
this
was
really
just
an
api
interface,
and
so
there
is
in
this
issue
here
there
is
a
section
on
the
docs,
so
I
added
this
the
api
docs
here.
So
there
is
a
full.
You
know
sort
of
write
up
on
how
to
interact
with
secure
files
today,
and
that's
mostly
done
through
the
api.
A
This
view,
right
here
is,
is
just
a
single
like
read-only
view
that
I
I
created
just
to
have
something
to
start
with
this
isn't
really
intended
for
for,
like
a
broad
release,
I
think
before
we
would
release
this
ui.
I
would
want
to
have
the
ability
to
at
least
upload
files
directly
here
and
then,
like
you
know,
maybe
delete,
maybe
not.
B
A
It's
not
hooked
into
the
navigation
right
now,
either.
Okay,
so
it's
it's,
like
you
know,
sort
of
feature
flagged
off
in
that
way,
because
it's
just
sort
of
hidden
but
but
yeah.
I
think
this
would
like
the
in
the
sketches
that
I
had
it
was.
It
was
maybe,
I
think,
under
ci
cd,
like
adding
a
new
tab
in
here
for
secure
files.
A
Yeah,
I
think
I
think
putting
it
in
here
would
would
would
really
kind
of
scope
the
context
a
little
bit
so
like.
Oh
these,
these
are
for
ci
cd
they're,
not
secure
files
for
package
registries
or
or
security
scanners,
or
other
things
like
that
right,
like
maybe
they
could
be
used
that
way
but
like
this
is
what
they're
intended
for
so
yeah.
A
So
what
what
what
I'm
intending
to
do
with
this
is
to
actually
like
right
now.
We
don't
have
a
validation
for
this,
but
I'm
going
to
add
it.
So
files
have
to
have
a
unique
name,
and
if
you
try
to
upload
a
file
with
the
same
name,
it
will
give
you
an
error.
So
if
you,
if
you
try
to
upload
readmemd
again,
it
would
reject
it.
So
we
already
have
a
file
in
this
project
with
that
name:
okay,
either
either
delete
that
file
or
change
the
name.
A
A
I'm
the
the
fastlane
integration
is
a
work
in
progress,
but
I'm
hoping
to
have
a
pull
request
into
the
fastline
project
coming
up
this
week
and
start
working
through
the
the
process
of
getting
that
change
merged
in
and
then
the
upload
checksums.
I'm
also
working
on
that
and
I've
got
an
mrn
progress
for
that.
So
that
is
what
we've
got
for
this
week.