The CodePush Server is a Node.js application that powers the CodePush Service. It allows users to deploy and manage over-the-air updates for their react-native applications in a self-hosted environment.
Please refer to react-native-code-push for instructions on how to onboard your application to CodePush.
The CodePush Server requires Azure Blob Storage to operate. For the local setup, there is an option to use emulated local storage with Azurite. Please follow Azurite official documentation to install and run it locally. Additionally, you need to specify EMULATED flag equals true in the environmental variables.
To run the CodePush Server locally, follow these steps:
- Clone the CodePush Service repository.
- Create a
.env
file and configure the mandatory variables as outlined in theENVIRONMENT.md
file. - Install dependencies by running
npm install
. - Build the server by running
npm run build
. - Start the server by running
npm run start:env
.
By default, local CodePush server runs on HTTP. To run CodePush Server on HTTPS:
- Create a
certs
directory and placecert.key
(private key) andcert.crt
(certificate) files there. - Set environment variable HTTPS to true.
Warning! When hosting CodePush on Azure App Service HTTPS is enabled by default.
For more detailed instructions and configuration options, please refer to the ENVIRONMENT.md file.
CodePush Server is designed to run as Azure App Service.
To deploy CodePush to Azure, an active Azure account and subscription are needed. For more information, follow Azure's official documentation. During the deployment process, the included bicep script will create bare minimum Azure services needed to run CodePush Server including:
- Service plan
- App Service
- Storage account
Additionally, for user authentication, a GitHub or Microsoft OAuth application is needed. More detailed instructions on how to set up one can be found in the section OAuth Apps.
NOTE Please be aware of project-suffix naming limitations for resources in Azure .
- Login to your Azure account:
az login
- Select subscription for deployment:
az account set --subscription <subscription-id>
- Create resource group for CodePush resources:
az group create --name <resource-group-name> --location <az-location eg. eastus>
- Deploy infrastructure with the next command:
az deployment group create --resource-group <resource-group-name> --template-file ./codepush-infrastructure.bicep --parameters project_suffix=<project-suffix> az_location=<az-location eg. eastus> github_client_id=<github-client-id> github_client_secret=<github-client-secret> microsoft_client_id=<microsoft-client-id> microsoft_client_secret=<microsoft-client-secret>
. OAuth parameters (both GitHub and Microsoft) are optional. It is possible to specify them after the deployment in environment settings of Azure WebApp. - Deploy CodePush to the Azure WebApp created during infrastructure deployment. Follow the Azure WebApp official documentation "Deployment and configuration" section for detailed instructions.
Warning! The created Azure Blob Storage has default access settings. This means that all users within the subscription can access the storage account tables. Adjusting the storage account access settings to ensure proper security is the responsibility of the owner.
In order for react-native-code-push to use your server, additional configuration value is needed.
in strings.xml
, add following line, replacing server-url
with your server.
<string moduleConfig="true" name="CodePushServerUrl">server-url</string>
in Info.plist
file, add following lines, replacing server-url
with your server.
<key>CodePushServerURL</key>
<string>server-url</string>
CodePush uses GitHub and Microsoft as identity providers, so for authentication purposes, you need to have an OAuth App registration for CodePush. Client id and client secret created during registration should be provided to the CodePush server in environment variables. Below are instructions on how to create OAuth App registrations.
- Go to https://github.com/settings/developers
- Click on
New OAuth App
Homepage URL
parameter will be the same as URL of your CodePush application on Azure -https://codepush-<project-suffix>.azurewebsites.net
(for local development it will be either http://localhost:3000 or https://localhost:8443)Authorization callback URL
will behttps://codepush-<project-suffix>.azurewebsites.net/auth/callback/github
(for local development it will be either http://localhost:3000/auth/callback/github or https://localhost:8443/auth/callback/github)
Both work and personal accounts use the same application for authentication. The only difference is property Supported account types
that is set when creating the app.
- Register an Azure Registered Application following official guideline
- For option
Supported account types
:- If you want to support both Personal and Work accounts, select
Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
- If you want to only support Work accounts, choose either
Accounts in this organizational directory only (<your directory> - Single tenant)
orAccounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant)
depending if you want to support Single or Multitenant authorization - If you want to only support Personal accounts, select
Personal Microsoft accounts only
- If you want to support both Personal and Work accounts, select
- Set up Redirect URI(s) depending on the choice you made for
Supported account types
. If you choose both Personal and Work accounts, you need to add both redirect URIs, otherwise just one of the ones:- Personal account:
https://codepush-<project-suffix>.azurewebsites.net/auth/callback/microsoft
(for local development it will be either http://localhost:3000/auth/callback/microsoft or https://localhost:8443/auth/callback/microsoft) - Work account:
https://codepush-<project-suffix>.azurewebsites.net/auth/callback/azure-ad
(for local development it will be http://localhost:3000/auth/callback/azure-ad or https://localhost:8443/auth/callback/azure-ad)
- Personal account:
- Generate secret following this official guideline
- Only letters are allowed.
- Maximum 15 characters.