The latest 2 releases of Needle were focused on providing features essential for its integration within a CI pipeline:
needle-cli.py) now allows Needle to be completely scripted.
These 2 features made it possible to create the PoC below, where Needle has been integrated with Jenkins.
Connect a jailbroken iDevice to the machine running Jenkins (either via USB or WiFi) and start the Needle agent (see the Quick Start Guide for details).
Create a new Jenkins project:
First, run Needle in non-interactive mode, specifying the output folder, the target app, and all the modules you want to have executed (see Non-Interactive mode on the Wiki for a full list of options):
As a quick PoC, the “issues.db” database could be checked for the presence of vulnerabilities: if any are present, the build could be marked as failed. Note that more complex logic could be used to determine whether the build should fail.
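One way to implement the check described above, as an added example that is not code from the original post or from Needle. The table name `issues`, the sample column layout and the exit-code convention are assumptions; adjust them to the schema of the `issues.db` your Needle version writes.

```python
import pathlib
import sqlite3
import sys
import tempfile

TABLE = "issues"  # assumption: table name inside issues.db; adjust to the real schema


def count_findings(db_path, table=TABLE):
    """Return the row count of `table`, or None when no usable results exist."""
    if not pathlib.Path(db_path).is_file():
        return None  # no file written: a broken scan, not a clean one
    # mode=ro stops sqlite3 from silently creating an empty database
    uri = pathlib.Path(db_path).resolve().as_uri() + "?mode=ro"
    conn = sqlite3.connect(uri, uri=True)
    try:
        known = conn.execute(
            "SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (table,)
        ).fetchone()
        if known is None:
            return None
        # the name was matched against sqlite_master above, so quoting it is safe
        return conn.execute('SELECT COUNT(*) FROM "{}"'.format(table)).fetchone()[0]
    finally:
        conn.close()


def build_exit_code(db_path):
    """0 = no issues recorded, 1 = issues found, 2 = results missing (fail closed)."""
    count = count_findings(db_path)
    return 2 if count is None else int(count > 0)


def make_sample_db(path, rows):
    """Constructed sample data; this column layout is illustrative only."""
    conn = sqlite3.connect(str(path))
    conn.execute("CREATE TABLE issues (app TEXT, module TEXT, name TEXT)")
    conn.executemany("INSERT INTO issues VALUES (?, ?, ?)", rows)
    conn.commit()
    conn.close()


if __name__ == "__main__":
    if len(sys.argv) > 1:  # Jenkins fails the build step on a non-zero exit code
        sys.exit(build_exit_code(sys.argv[1]))
    demo = pathlib.Path(tempfile.mkdtemp()) / "issues.db"
    make_sample_db(demo, [("com.example.app", "constructed/module", "Constructed finding")])
    print("demo exit code:", build_exit_code(demo))
```

Called with the path to `issues.db` from a Jenkins "Execute shell" step after the Needle run, the script's exit code decides the build result; a missing database or table fails the build instead of passing as a clean scan.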