Capstone 3 — ShopKit

Tagline: A minimalist in-app subscription marketplace with a paid Pro tier, secure Keychain-backed user accounts, a production-grade networking layer, and a GitHub Actions CI/CD pipeline that ships builds to TestFlight on every merge.

Tech stack: StoreKit 2 · Custom URLSession networking layer · Keychain · async/await · GitHub Actions · Fastlane

Time budget: ~2 weeks

What this capstone proves:

  • You can ship real money through Apple — StoreKit 2 subscriptions with a free trial, a restore-purchases flow, and a server-side validation alternative (via the App Store Server API)
  • You can build a production networking layer — typed errors, retry with exponential backoff, request/response logging, cert pinning, all from scratch
  • You can store credentials in Keychain the right way (accessibility flags, biometric gating)
  • You can wire a GitHub Actions pipeline that runs tests on PRs and ships to TestFlight on merge to main
  • You can survive Apple Review for in-app purchase — the highest-rejection-rate category

The 30-second pitch

“ShopKit is a subscription-based notes-meets-marketplace app where users can browse a catalog of articles and unlock the premium archive via a StoreKit 2 subscription with a 7-day free trial. I built the networking layer from scratch around URLSession + async/await with typed errors, request/response logging, retry/backoff, and TLS pinning. Auth tokens live in the Keychain gated by Face ID. CI/CD runs on GitHub Actions — every merge to main builds, tests, and pushes to TestFlight via Fastlane. The interesting engineering was the subscription state machine that handles the seven possible subscription states StoreKit 2 surfaces, including billing-retry grace periods and refunds, all in one @Observable SubscriptionStatus.”

Why this capstone

Subscription mechanics are the single hardest part of consumer iOS to get right and the most lucrative skill to be able to talk about. Combined with a real CI/CD pipeline and a well-designed networking layer, ShopKit covers three of the most common interview-deep-dive topics:

  • “Walk me through your StoreKit integration.”
  • “Show me your networking layer.”
  • “How do you handle CI/CD?”

Files

  1. requirements.md — feature list, user stories, acceptance criteria
  2. architecture.md — module layout, subscription state machine, ADRs
  3. implementation-guide.md — step-by-step build walkthrough
  4. hardening-checklist.md — production + security review
  5. interview-talking-points.md — pitch and Q&A

What “done” looks like

  • App live on App Store (not just TestFlight — this capstone is about going through Review)
  • A working purchase flow tested with sandbox accounts: subscribe, restore, cancel, refund
  • Networking layer documented and unit-tested
  • Keychain integration with biometric-gated read for the auth token
  • GitHub Actions pipeline visible (green badge in README)
