iOS CI/CD: Azure Pipeline or GitHub Action?
An hands-on comparison on how to setup a CD pipeline for an iOS app using the two products
A couple of days ago, a customer asked for help with continuous integration and continuous deployment (CI/CD) for an iOS App developed using React Native. The customer implemented her pipeline using Azure DevOps and I asked myself: what about GitHub Action?
In this article I will deep-dive on how to perform continuous delivery of an iOS application using ADO and GitHub.
I will not compare holistically Azure DevOps (ADO for friends) and GitHub. For an high-leve comparison, you can read this article by A Cloud Guru.
While reading the comparison, please remember that both products are evolving every day.
Experiment setup
I started my exercise looking for a simple iOS application and I found an app from AppBrewery: https://github.com/appbrewery/Dicee-iOS13
I forked the repository and I added a basic POD file:
platform :ios, '13.0'
target 'Dicee-iOS13' do
use_frameworks!
pod 'PKHUD', '~> 5.0' end
Then I followed two different tutorials to setup the pipeline:
- For Azure DevOps: https://docs.microsoft.com/en-us/azure/devops/pipelines/ecosystems/xcode?view=azure-devops
- For Github: https://engineering.talkdesk.com/test-and-deploy-an-ios-app-with-github-actions-44de9a7dcef6
… and nothing worked at the first attempt :)
The pipelines
The Azure Pipeline and the GitHub Action for distributing my dummy iOS app are doing the following steps:
- Installing my Apple Development Certificate and my Provision Profile
- Installing dependency using pod install
- Building and archiving the iOS application
- Saving the generated ipa as a pipeline artifact
- Uploading the IPA file to App Center for testing / distribution
Azure DevOps
GitHub Action
Code sample
I followed the above guide, and then I made several changes to the scripts. Below I will summarize the major challenges and benefits. My code is available for reference: https://github.com/fdelivamsft/Dicee-iOS13-Medium
Folder .github contains the github actions workflow and scripts. The workflow file is available here: .github/workflows/deploy.yml . The relevant scripts are in the folder workflows and secrets.
Folder .azuredevops contains the pipeline file here: .azuredevops/pipeline.yaml
What is missing in the repo? The secrets, the certificate, the provision profiles. You will need to generate your own following those two guides: ADO or GitHub (Deploy chapter). For this reason, the Pipeline and Workflow will not work by just copy-pasting.
Results
The great news is: both pipelines are working with the latest xcode version and configurations.
The app was uploaded successfuly to App Center:
Considerations
It took almost a week from reading the tutorials to a working CD pipeline. I will summarize the main challenges that I faced. My comments might not be exhaustive or completed, but they are related to my experience with this example.
Performance
The two products are comparable from a performance point of view. Running the pipelines multiple times, I noticed that the execution was always taking between 3 to 4 minutes. The maximum waiting time for the agent to become available was around a minute.
Maturity & UX
I agree with A Cloud Guru: Azure DevOps offers “Mature and feature-rich pipelines”. The interface is user friendly, and you can manage everything without writing any ad-hoc script.
GitHub Action is younger than Azure Pipelines, but they do not lack of any functionality. Both core and advanced features are available, but most of the time it requires some scripting to enable it. In my example, I could not leverage on a pre-defined script, so I prefered to build the bash script manually to build and export the IPA.
Build & Distribution Tasks
One of the major differences is about ownership and reliability of the build and distribution tasks. Azure Pipeline offers a massive variety of predefined tasks maintained by Microsoft and working as mentioned in the documentation. GitHub Action are open source and managed by the community. As for any open-source library catalog, it might take a while before finding the right and reliable Action for your use case.
Manage secrets
Both products are thought with security in mind. How secrets are stored is a bit different but similar. ADO used variable and libraries that can be shared across pipelines to connect to Azure Key Vault. GitHub provides the secret feature to manage sensitive information.
Recently GitHub is investing on new DevSecOps that I didn’t have time to explore in this demo. I recommend you to have a look here.
Debug
Both tools provide great capabilities to understand where the pipeline is failing and what went wrong. In addition, GitHub Pipeline editor can give a real-time syntax validation of the YML file.
Common issues
- The POD file requires an addon:
The POD file required some additions to let xcodebuild command succeed; I found the fix in the comment on Oct 31, 2015 by carrchr in this issue. - Tutorial code is OLD
The syntax of iOS command and files has changed. I performed several changes to fix the pipeline script (i.e. exportOptions.plist). My advice for you is to follow the tutorial first and then compare the pipeline files and scripts with mine. - Your local environment is not working as a build agent
xcodebuild (or the equivalent Xcode@5) in your local enviornment is able to generate a temporary provision profile for building and exporting an IPA, but xcode generated provision profile are not working in a build agent. So, you need to install and import the Development Certificate and the provision profile explicitly in the build agent
Must Do / Next Steps
This article was focused on exploring continuous deployment and I didn’t cover several core areas like static analysis / code quality, unit testing and security.
Below there is a list of references on those topics:
- Azure DevOps: static analysis, unit testing and security
- GitHub Actions: static analysis, unit testing and security
Product roadmap and long term
Both products have a long term roadmap of new features released every month: Azure DevOps and GitHub. However, GitHub, lacking several key ADO’s features until last year, is now in a fast expansion phase. For example, GitHub co-pilot was released just a couple of days ago. With this innovation pace, GitHub becomes very attractive.
Conclusion
Both products provide incredible capabilities in terms of CI/CD and performance. Azure DevOps is more mature and can be considered more straightforward to use thanks to several predefined and trusted pipeline tasks. GitHub Action requires a deeper technical understanding to write pipelines and write your bash scripts. Compared to ADO, GitHub Action are created by the community, and this open-source spirit is boosting the exponential growth of the GitHub Action available in the marketplace.
In summary, no matter if you choose Azure DevOps or GitHub Action you will accomplish your goal of automating the distribution of your mobile application, and you will enjoy the ride.
Each company have a different tech stack and needs, making it hard to give a general recommendation. Azure DevOps is more mature today, but GitHub could be the undisputed innovator lead for this industry in the long term, thanks also to their open source community. Given that GitHub could be the right solution for greenfield automation.
About the author
Since 2012, Francesco managed seven mobile projects as a Mobile Lead or CTO. He covered several industries, from banking to lifestyle. Francesco led teams from one to seventy developers on four continents. He used technologies such as JavaScript, PhoneGap, Objective-C, Java, Kotlin, Swift, ReactNative and Flutter in his project. His most successful project has almost 8 million active users a month.
Today, Francesco is working as Cloud Solution Architect for one of the primary cloud providers in the world, providing advice and supporting the customer journeys on application innovation.
Disclaimer
This article reflects my personal opinions, and it should not be attributed to the view of any of my past or present employers.