restcomm-android-sdk icon indicating copy to clipboard operation
restcomm-android-sdk copied to clipboard

Published 20 hours ago verified publisher icon RestComm

Final touches on SDK for Release Candidate 1

Open atsakiridis opened this issue 8 years ago • 0 comments

Review all aspects of the SDK and make sure it is GA quality. Some things to check:

  • SDK is super secure + safe to use and generally that SDK & sample Apps convey best practices in terms of security and make it very hard for users to make mistakes:
    • Review any sensitive data storage and make sure it's sound. We need to make sure that no data are stored in the App we ship (as they are available to any downloaders + potential hackers) and if they are it's 'impossible' to figure out. See if we need to improve storage for secondary credentials like ice servers. Consider using Keystore. Interesting resources here and here
    • Check CI facilities and the way we convey secure data from configuration -> App and make sure there are no holes there
    • See if we can get some assistance from server side for organization + storage of sensitive data.
    • Make sure that sensitive info isn't logged
    • Make sure that both media + signaling plain are encrypted by default. For webrtc we 're good as it's per design, need to check for signaling too. Still allow for cleartext to aid in troubleshooting
  • CI/CD facilities are complete and 100% functional from our CI
  • UI/Integration/Unit testing are complete with 100% passing tests, also automated testing in real devices (using external service like Amazon farm) would be great.
  • Interoperability testing between Android + Web SDKs. Make sure that all combinations of calls and messages are good
  • Documentation is up to date and with some improvements so that it is easier to read (also all documentation should reside in this repo, not Restcomm-Connect):
    • Reference Documentation
    • Quick start guide: we need some work here to make it more readable and also reflect the fact that now everything is distributed via Maven dependencies. So for example we can avoid telling developers to download the bundle and directly clone, or even less.
    • User guide for Olympus
  • Olympus App and Hello World sample app both functional. We can't afford maintaining UI tests for those at this point, so we need to manually test on each release
  • Libraries in RC should all be release type and as lightweight as possible
  • All dependencies are stored in Sonatype or Artifactory. The Apps should have no local dependencies.
  • Logs should be clear and readable

Also do a round of very thorough testing:

  • Do some more testing on Push Notifications functionality + integrations with Android Contacts + Calls as they aren't tested enough as far as I know
  • Test UI/UX aspects to fix any left overs that might have slipped our attention.
  • Manually test interoperability in various types of calls within Android Olympus:
    • Video -> Video
    • Video -> Audio
    • Audio -> Video
    • Audio -> Audio
  • Manually test interoperability between Android, iOS and Web Olympus

atsakiridis avatar Feb 16 '17 09:02 atsakiridis