2

So here is the situation. I have made an app that needs a server to work properly. For making new releases I spin up an test server with the same code, but with a different ip address. Currently I change the ip address in the app itself test the app and for the release I change it back to the production ip address (who is running the new version then). Of course this works, but it does not feel right to change the ip address everytime. I could do something like this How to execute a specific function only in DEBUG and AdHoc modes (making some code run during development and don't let it run during production), but is that a good method to go around this problem?

In short I would really like to hear how you would do it or how you are running it right now. So how can I use the test servers during the development and the production servers during production?

Note: I am using Amazon AWS to make this all work. I do not know if that makes different/easier around this.

Community
  • 1
  • 1

2 Answers2

0

This is just a matter of style.

If I were you, I'd have a global string that held the IP address of the production server and then just overwrite it during debug compilations with the sandbox IP address.

you could do that with the answer you pointed out's #ifdef block for i-phone, or use

better way to do Debug only assert code

for android.

Community
  • 1
  • 1
Semicolons and Duct Tape
  • 2,927
  • 4
  • 20
  • 35
  • Maybe a dumb question but is it save to use the "debug only code". It will only contain the ip address of the test server, but I was just wondering? –  Jul 27 '15 at 16:26
  • safe in what sense? It's no more susceptible to reverse engineering than the real ip address you are using in the code. if you are worried about people getting into your sandbox after they have reverse engineered the ip ... that's a security issue separate from the debug code issue, but I'm pretty sure that AWS's security folks/tools can help you shore up your dev VM on their system. If you are hosting your own dev environment you can just restrict MAC address access through your router. – Semicolons and Duct Tape Jul 27 '15 at 16:41
  • Ok, the reason is very simple. This is my first app with an app that connects to a server. The workflow is something I am not familiar with yet, but I do my best ;) . Of course I get your point about securing the EC2 instance with Amazon stuff, but still can it be insecure for (indeed) reverse engineering. Oh and what did you meant with the last sentence. FYI, MAC addresses are ONLY used locally and never go outside an LAN only IP addresses do. –  Jul 27 '15 at 17:05
  • You're right about the MAC addresses I was thinking about how I keep people out of my wireless network (I white list MAC addresses in my router). For security, I think your best bet is to setup a firewall that only allows traffic to and from your device's IP if you are really worried about it. As for reverse engineering your code i would assume people could if they were motivated: http://freeandroidforensics.blogspot.com/2014/09/reverse-engineering-android-app-file.html or for iphone http://reverseengineering.stackexchange.com/questions/4096/decompiling-iphone-app – Semicolons and Duct Tape Jul 27 '15 at 18:01
0

For mobile apps (Android and iOS), you can configure your project into two different flavors/environment: Production and Test. This way is common in developing software that has multiple environment (e.g: local, development, staging, production). Each environment has a separate configuration file.

In Android, you can create a flavor for each environment. Each flavor will share same code, but have different configuration (actually, you can also have a few different code). Read more about Android app flavors in official documentation or in this post.

iOS also has a same thing as Android flavors. You can read about it in here.

For Android, each flavor has separate *.apk. Your production flavor will not contain test configuration. I'm not sure about iOS (I'm not an iOS developer), but I guest it will act same as Android, because it is a common practice.

Edward Samuel
  • 3,846
  • 1
  • 22
  • 39