search

microsoftconnect / ms-intune-app-sdk-android

Intune App SDK for Android enables data protection features and mobile app management via Microsoft Intune
45 stars 18 forks source link

[Question] How to force verification problems (so the tool can be integrated into CI pipeline)? #225

Closed sn-michiyo closed 7 months ago

sn-michiyo commented 7 months ago

Intune Android App SDK [Gradle Build Plugin] Issue

Questions to Ask Before Submission

  1. Does your app compile and launch successfully without the Intune App SDK? Yes
  2. Have you checked the [Microsoft Intune App SDK for Android] repository for similar issues? Yes
  3. Are you using the latest version of the [SDK and Plugin]? version 10.0.0 of both

Summary

Our app integrates the Android Intune SDK. We recently had a customer report runtime problems which we were not able to reproduce, but believe were caused by us mistakenly using the wrong version of javassist. We would like to be able to minimize the chances of this sort of issue reoccurring. After seeing the verification tool, I added it like this:

    apply plugin: 'com.microsoft.intune.mam'
    intunemam {
        verify = true
        report = true
    }

and to test, used an incompatible javassist version: 

        classpath "org.javassist:javassist:3.26.0-GA"
        classpath files("common/mam/intune/com.microsoft.intune.mam.build-10.0.0.jar")

However, I don't see any indication of there being a problem when I build. The build succeeded, and I looked at IntuneMAMBuildReport.html and didn't see anything.

Where/how would problems be exposed to us, and is an incompatible javassist version something that will be detected?

Details

Logs

I have not attached logs since due to company requirements I'd need to review/redact them first, and they're pretty massive. At this point I'm not even clear if what I'm trying to test is a supported scenario. Could you clarify if this problem (wrong javassist version) should be detected, and if so let me know which logs and sections of the log are relevant? If it's expected that verification doesn't notify about this, what can it detect?

meghandaly commented 7 months ago

@sn-michiyo For all future requests, please ensure the title is updated.

Regarding: "Where/how would problems be exposed to us, and is an incompatible javassist version something that will be detected?" The expectation is that you will verify the version when reviewing the dependency documentation.

sn-michiyo commented 7 months ago

@meghandaly We would like to use the verify functionality. Since runtime problems caused by javassist incompatibility is not detected by verify, can you advise on something that it does detect?

We need to force it to detect an issue to understand how problems will be made visible to us and integrate that into the CI pipeline.