Solved: Mobile app instrumentation with obfuscation

DamianG · ‎11 Mar 2024

Hi everyone,

In going to perform the instrumentation of our Mobile App, but, before of that, I would like to have some information about the following topics:

a) If an app is obfuscated (with DexGuard) but not instrumented with Dynatrace, is it possible to add Dynatrace instrumentation in the future? I mean, with a new release of the App (including obfuscation)?

b) Is it possible to have, at the same time, two different versions of the app, one instrumented and the other one not? This would be the scenario:

App Mobile obfuscated and not instrumented, published in the marketplace.
App Mobile not obfuscated but instrumented, not published in the marketplace. This will be only available internally, but linked to the same PROD environment.

Many thanks in advance.

paul_kapeller · ‎11 Mar 2024

hi!
Not sure if I fully understand what you want to achieve.

In general, mobile monitoring with Dynatrace (and also other tools) requires you to add the agent in build-time. So ship the app together with the agent. It's on you to decide if and how you obfuscate your app code. Our monitoring works either way.

Documentation: https://docs.dynatrace.com/docs/platform-modules/digital-experience/mobile-applications

Deobfuscation is used to make crash stack traces readable to users of Dynatrace. This is an offered feature as many apps are published with obfuscated code. Here, we rely on mapping files you need to upload to your Dynatrace environment. Documentation: https://docs.dynatrace.com/docs/platform-modules/digital-experience/mobile-applications/analyze-and-...

Thomas_Wirth1 · ‎11 Mar 2024

Hey DamianG,

@DamianG wrote:
a) If an app is obfuscated (with DexGuard) but not instrumented with Dynatrace, is it possible to add Dynatrace instrumentation in the future? I mean, with a new release of the App (including obfuscation)?

Yes. Rules for obfuscation and optimizations are published as part of the AAR file and will be automatically included in the R8/ProGuard/DexGuard obfuscation step.

@DamianG wrote:
b) Is it possible to have, at the same time, two different versions of the app, one instrumented and the other one not? This would be the scenario:
App Mobile obfuscated and not instrumented, published in the marketplace.
App Mobile not obfuscated but instrumented, not published in the marketplace. This will be only available internally, but linked to the same PROD environment.

Yes, it is possible to have different versions of the application. The Android Gradle plugin allows you to specify different variants for the same application (see documentation), like debug and release. This feature is supported by Dynatrace and it is also possible to deactivate monitoring for specific variants (as described in scenario 1). You find more information about the setup steps on this documentation page.

DamianG · ‎11 Mar 2024

Thank you!

Regarding my a) question and your reply:do I have to de-obfuscate the Mobile App to add the Dynatrace instrumentation or is it possible with the app obfuscated? Based on the documentation, and from my understanting, I have follow the next steps: deobfustace --> instrument --> obfuscate.

Am I right?

Regards,

Damián

Thomas_Wirth1 · ‎11 Mar 2024

The Dynatrace Android Gradle plugin modifies the Android build and adds the instrumentation step after the compilation step and before the obfuscation step. Similar to obfuscation, the app will be automatically instrumented everytime you trigger the build.

DamianG · ‎11 Mar 2024

Thank you for the information!