Mobile CI/CD: Fastlane, Codemagic & Bitrise

CI/CD for Mobile Applications: Fastlane, Codemagic, Bitrise and GitHub Actions

Manual build and publication of a mobile application in 2025 is a source of errors and wasted time. Forgotten version bump, incorrect provisioning profile, test-flight build with debug logs in production — all are consequences of lack of automation.

Fastlane: Foundation of Automation

Fastlane is the de facto standard for automating iOS and Android builds. Fastfile describes lanes — sequences of actions. Typical iOS configuration:

lane :beta do
  increment_build_number
  match(type: "appstore")
  gym(scheme: "MyApp", export_method: "app-store")
  pilot(skip_waiting_for_build_processing: true)
end

match is the key to managing certificates and provisioning profiles. Stores them encrypted in a git repository, synchronizes between machines and CI. Alternative to manual management in Xcode, which breaks on every macOS update. Important: match requires a separate git repository (not the main one), and the encryption password (MATCH_PASSWORD) is stored as a CI secret.

For Android, Fastlane uses supply for publishing to Google Play and gradle action for building. Signing via keystore with environment variables — never commit keystore to the repository.

The main pain of Fastlane: Ruby environment. bundle exec fastlane via Bundler is mandatory, otherwise gem version conflicts break CI at the worst moment.

GitHub Actions for Mobile

GitHub Actions is suitable if the repository is already on GitHub. For iOS you need a macOS runner — runs-on: macos-14 (Apple Silicon). GitHub-hosted macOS runners exist, but they're slower and more expensive than Linux. Self-hosted Mac mini in the cloud (MacStadium, Hetzner) under Actions runner control — a more economical approach for high-frequency builds.

Typical iOS workflow:

jobs:
  build:
    runs-on: macos-14
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
      - run: bundle exec fastlane beta
        env:
          MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
          APP_STORE_CONNECT_API_KEY_KEY: ${{ secrets.ASC_API_KEY }}

App Store Connect API Key instead of Apple ID + password is mandatory. Apple ID with 2FA doesn't work reliably on CI. API Key is created in App Store Connect → Users and Access → Keys.

Codemagic and Bitrise: Managed CI for Mobile

Codemagic specializes in Flutter and React Native but supports native iOS/Android. Killer feature — codemagic.yaml configuration and macOS M2 machines without additional setup. Code Signing is automated via UI: upload certificate and profile, Codemagic applies them. Convenient for teams without DevOps resources.

Bitrise is a more enterprise-oriented platform with a rich catalog of Steps (ready action blocks). There's a Step for Fastlane, XCTest, Gradle, Firebase App Distribution and dozens of other tools. Workflow Editor with visual interface lowers the barrier to entry.

Distribution: TestFlight, Firebase App Distribution, Diawi

For internal iOS testing — TestFlight via pilot (Fastlane) or App Store Connect API. For quick ad-hoc build distribution without TestFlight — Firebase App Distribution (iOS + Android) or Diawi.

Firebase App Distribution is convenient for Android: upload APK/AAB, specify tester emails, they receive a link. On iOS limited by ad-hoc profiles — device UDIDs need to be added manually, which is inconvenient for large tester groups.

Versioning and Tagging

Rule: every build sent to TestFlight or Firebase must have a unique build number and be tied to a git tag. agvtool or xcrun agvtool next-version -all in Fastlane via increment_build_number(xcodeproj:) with a number from CI build counter solves this automatically.

Timeline for setup: basic CI/CD pipeline with auto-build and delivery to TestFlight/Firebase — 3-5 days. Full automation with multiple environments (dev/staging/production), automatic testing, and git flow branching — 2-3 weeks.