Accelerate Protected Mobile Apps with Baseline Profiles

Discover how to effectively enhance Android app performance by customizing your app with Baseline Profile in a mobile CI/CD environment using Appdome’s Data-Driven DevSecOps™ build system.

What is the Baseline Profile Optimization Feature?

Appdome’s integration with Baseline Profile enables Android developers to enhance application performance through Ahead-of-Time (AOT) compilation by optimizing specified code paths. The Baseline Profile consists of a .txt file that lists methods and their respective “hotness” levels, determined by various flags. Developers create this file using Android Studio, which then compiles it into a .prof file—an index of methods within the application’s DEX files. Additionally, a .profm file is used to make it compatible with different versions of the Android Runtime (ART).

When Appdome protections are applied, the original DEX files are modified, rendering the existing .prof file inaccurate as it no longer corresponds to the methods listed in the .txt file. Appdome addresses this by regenerating the .prof file according to the protected APK, ensuring that performance enhancements remain effective after security measures are implemented.

How Does Appdome Protect Mobile Apps with Baseline Profile Optimization?

Appdome provides the option to upload profile.txt files via the –baseline_profile switch. Once uploaded, Appdome regenerates the baseline.prof file to align with the protected app and replaces the original .prof file. This process ensures that the performance optimizations are preserved even after security protections are applied.

The feature can be implemented through Appdome’s API to facilitate seamless integration and customization within CI/CD pipelines. It ensures that Baseline Profile management is dynamic and aligned with each new build from Android Studio.

For detailed guidance on how to upload and integrate your Baseline Profile via Appdome’s API, please refer to the Appdome API documentation.

Prerequisites for Using App Customization with Baseline Profile:

To use Appdome’s mobile app security build system to Customize an App with a Baseline Profile, you’ll need the following:

• Appdome account (create a free Appdome account here)
• A license for ONEShield™ – Accelerate Protected App with Baseline Profiles
• Mobile App (.apk or .aab for Android)

Steps to Integrate Baseline Profile:

1. Designate the mobile app to be protected.
   1.1 Upload a mobile app via the Appdome Mobile Defense platform GUI or via Appdome’s DEV-API or CI/CD Plugins.
   1.2 Android Formats: .apk or .aab / iOS Formats: .ipa
   1.3 Accelerate Protected App with Baseline Profiles is compatible with Java, JS, C++, C#, Kotlin, Flutter, React Native, Unity, Xamarin, Cordova, and other Android apps.

2. Select the defense: Accelerate Protected App with Baseline Profiles.
   2.1. Create and name the Fusion Set (security template) that will contain the Accelerate Protected App with Baseline Profiles feature as shown below:

   

   Figure 1: Fusion Set that will contain the App Customization with Baseline Profile feature
   Note: Naming the Fusion Set to correspond to the protection(s) selected is for illustration purposes only (not required).
   

   2.1.1. Follow the steps in Sections 2.2-2.2.2 of this article to add the App Customization with Baseline Profile feature to your Fusion Set via the Appdome Console.

   2.1.2. When you select the App Customization with Baseline Profile feature, you’ll notice that the Fusion Set you created in step 2.1.1 now bears the icon of the protection category that contains the App Customization with Baseline Profile feature.
   

   Figure 2: Fusion Set that displays the newly added Accelerate Protected App with Baseline Profiles protection.
   Note: Annotating the Fusion Set to identify the protection(s) selected is optional only (not mandatory).
   2.1.3. Open the Fusion Set Detail Summary by clicking the “…” symbol on the far-right corner of the Fusion Set. Copy the Fusion Set ID from the Fusion Set Detail Summary (as shown below):

   Note: This is crucial, as you will need it to make the API call.
   

   2.1.4 Follow the instructions below to use the Fusion Set ID inside any standard mobile DevOps or CI/CD toolkit like Bitrise, Jenkins, Travis, Team City, Circle CI, or other systems:
   2.1.4.1 Refer to the Appdome API Reference Guide for API building instructions.
   2.1.4.2 Check Appdome’s GitHub Repository for sample APIs.

   2.2. Add the Accelerate Protected App with Baseline Profiles feature to your security template.
   2.2.1. Navigate to Build > Security tab > ONEShield™ section in the Appdome Console.

   2.2.2. Upload a Baseline Profile file.

   

   2.3. Initiate the build command either by clicking Build My App at the bottom of the Build Workflow or via your CI/CD as described in Section 2.1.4.

Setup your API call

1. Copy your App ID
   
2. Prepare to make a POST request to the appropriate Appdome API endpoint.
3. Refer to the image provided for the correct parameter setup:
   
4. Configure the API Parameters:
   • app_id: The unique identifier for your app obtained from the upload response.
   • fusion_set_id: The Fusion Set ID you copied earlier.
   • action: Set this to “fuse” to initiate the integration process.
5. Baseline_profile: Attach the profiles.zip file containing your Baseline Profile.
6. Send the API Request
7. Appdome’s system will process the Baseline Profile along with your specified Fusion Set and apply the necessary configurations to your app.
8. Verify the Integration

After the API call, you can verify the integration by checking the build status on the Appdome platform. Ensure that the Baseline Profile has been correctly applied as per your configuration.

After successfully integrating the Baseline Profile using the API, your Android app will benefit from optimized performance through enhanced specific code paths. This integration not only improves app performance but also maintains the efficacy of Appdome’s security measures.

This streamlined process simplifies the integration of performance optimization features without the need for manual adjustments in the Fusion Set, allowing for greater flexibility and efficiency in your CI/CD pipeline.

Related Articles:

• ONEShield™ No-Code Mobile RASP Explained
• Appdome API Recipe- Build an App/SDK
• Appdome API Recipe- Build an App/SDK for Testing

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.