/

iOS CI/CD Integration

Integrate ByteHide Monitor into your iOS CI/CD pipeline so every build is protected automatically.

Overview

Monitor needs access to your ByteHide project token at build time. The build-time script validates the token and embeds the configuration into the app bundle, enabling Monitor to auto-initialize at runtime.

You must provide the token using at least one of these methods:

  • Environment variable BYTEHIDE_TOKEN (or BYTEHIDE_MONITOR_TOKEN) — recommended for CI/CD
  • JSON config file monitor-config.json with "apiToken": "bh_your_key" committed to the repo
  • Info.plist entry ByteHideMonitor > APIToken

In CI/CD pipelines, the environment variable approach is recommended so you don't commit secrets to source control.

GitHub Actions

YAML
name: Build iOS App

on:
  push:
    branches: [main]

jobs:
  build:
    runs-on: macos-latest

    steps:
      - uses: actions/checkout@v4

      - name: Install CocoaPods
        run: |
          gem install cocoapods
          pod install

      - name: Build IPA
        env:
          BYTEHIDE_TOKEN: ${{ secrets.BYTEHIDE_TOKEN }}
        run: |
          xcodebuild archive \
            -workspace YourApp.xcworkspace \
            -scheme YourApp \
            -configuration Release \
            -archivePath YourApp.xcarchive

          xcodebuild -exportArchive \
            -archivePath YourApp.xcarchive \
            -exportPath . \
            -exportOptionsPlist ExportOptions.plist

      - name: Upload IPA
        uses: actions/upload-artifact@v4
        with:
          name: app-protected
          path: YourApp.ipa

Store your token securely

Add BYTEHIDE_TOKEN as a repository secret in GitHub: Settings > Secrets and variables > Actions > New repository secret.

GitLab CI

YAML
build_ios:
  stage: build
  tags:
    - macos
  variables:
    BYTEHIDE_TOKEN: $BYTEHIDE_TOKEN
  script:
    - pod install
    - xcodebuild archive
        -workspace YourApp.xcworkspace
        -scheme YourApp
        -configuration Release
        -archivePath YourApp.xcarchive
    - xcodebuild -exportArchive
        -archivePath YourApp.xcarchive
        -exportPath .
        -exportOptionsPlist ExportOptions.plist
  artifacts:
    paths:
      - YourApp.ipa

Add BYTEHIDE_TOKEN as a CI/CD variable in Settings > CI/CD > Variables.

Azure DevOps

YAML
trigger:
  - main

pool:
  vmImage: 'macos-latest'

steps:
  - script: |
      gem install cocoapods
      pod install
    displayName: 'Install CocoaPods'

  - script: |
      xcodebuild archive \
        -workspace YourApp.xcworkspace \
        -scheme YourApp \
        -configuration Release \
        -archivePath YourApp.xcarchive
    env:
      BYTEHIDE_TOKEN: $(BYTEHIDE_TOKEN)
    displayName: 'Build with Monitor'

Key Points

  • The BYTEHIDE_TOKEN must be available as an environment variable during the Xcode build. Alternatively, you can include the token in a monitor-config.json file in your project root
  • The token is validated and embedded at build time; no runtime environment variable is needed on the device
  • Store the token as a secret in your CI/CD platform. Never commit it to source control
  • Use macos runners for iOS builds (required for Xcode)
  • You should see ByteHide Monitor: Assembly signed successfully in the build output when the token is configured correctly
Previous
Swift Package Manager
Next
Cloud Configuration