Code Studio defines the following default jobs:
For a full list of the Node.js-optimized Auto DevOps jobs, see Node.js-optimized Auto DevOps jobs.
The Build Code job installs dependencies through the npm install
command. A package.json
file must be present at the root of the project.
It is not necessary for the top-level directory of the project to be the root directory of the application that you want to build. For example, a repository might have a front-end directory that contains a standalone Node.js application. To specify the root directory, add the directory path to the extra.acquia.root_directory
section in the package.json
file of the root directory:
"extra": {
"acquia": {
"root_directory": "front-end/"
}
}
The default root directory is <project_root>/
.
The output directory contains the results of a build. The contents of this directory are the assets that Cloud Platform uses for static site hosting.
To specify the output directory, add the directory path to the extra.acquia.output_directory
section in the package.json
file of the root directory. For example:
"extra": {
"acquia": {
"output_directory": "assets/"
}
}
The default output directory is <project_root>/.next/
.
By default, Code Studio excludes the following file patterns from the build artifact:
.hg
.git
.gitmodules
.svn
.cache
.eslintrc
.now
.vercel
.npmignore
.dockerignore
.gitignore
.*.swp
.DS_Store
.wafpicke-*
.lock-wscript
.env.local
.env.*.local
.venv
npm-debug.log
config.gypi
node_modules
__pycache__
venv
CVS
You can extend this job to run other necessary build commands. For more information, see Adding a before_script or after_script to a Code Studio job.
The Manage Secrets job is responsible for SSH key management.
The NPM Audit job audits package dependencies for security vulnerabilities. For more information, see the npmjs documentation.
To disable the job, add the NODE_JOBS_AUDIT
environment variable in Code Studio and set it to false
. For more information, see Adding environment variables.
The NPM Check job assesses outdated, incorrect, and unused dependencies. For more information, see the documentation for the npm-check package.
To disable the job, add the NPM_JOBS_CHECK
environment variable in Code Studio and set it to false
. For more information, see Adding environment variables.
The NPM ESLint job performs a static analysis of the code by using ESLint. If the root directory of the project already contains a .eslintrc
file, Code Studio uses this file to determine the ESLint rules. Otherwise, Code Studio uses the default ESLint settings that adhere to the Standard.js rules.
To disable the job, add the NODE_JOBS_ESLINT
environment variable in Code Studio and set it to false
. For more information, see Adding environment variables.
The NPM Test job runs the predefined test commands. By default, this job is disabled. A predefined command must be specified in the test
property of the scripts
object of a package. For more information, see the npmjs documentation.
To enable the job, add the NODE_TASKS_TEST
environment variable in Code Studio and set it to true
. For more information, see Adding environment variables.
One or more SAST jobs perform a static scan of your code for security vulnerabilities.The number of jobs depends on the types of files committed to your repository. SAST results are saved as job artifacts. To access the SAST results within your Code Studio project, navigate to Build > Artifacts in the navigation bar.
For more information, see Static Application Security Testing (SAST).
The Secrets Detection job scans your code to ensure that you did not commit secrets, such as login credentials, to your repository. To access the results within your Code Studio project, navigate to Build > Artifacts in the navigation bar. For more information, see Secret Detection.
Create artifact from branch and Create artifact from tag jobs push the build artifact to Cloud Platform. You can deploy build artifacts to a Cloud Platform environment. For more information, see Deploying build artifacts in your Node.js environment.
Code Studio generates build artifacts using the following naming conventions:
<branch>-codestudio-build
or <tag>-codestudio-build
To automate the deployment of tags to your production environment during the Deploy stage, set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT
environment variable to true
in your Code Studio project. For more information, see Adding environment variables.
After you set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT
environment variable to true
, Code Studio performs the following steps every time you create a tag in Code Studio:
<tag>-codestudio-build
To automatically deploy tags to an environment other than production, set the ACQUIA_CLOUD_DESTINATION_ENVIRONMENT_ID
environment variable to the environment ID of your target environment.
For more information about configuring continuous delivery in Code Studio, see How to implement real Continuous Delivery for Drupal on Acquia Developer Portal.
Build | Test | Deploy |
---|---|---|
Build Code | NPM Audit | Create artifact from branch |
Manage Secrets | NPM Check | Create artifact from tag |
NPM ESLint |
| |
NPM Test |
| |
nodejs-scan-sast | ||
phpcs-security-audit-sast | ||
secret_detection | ||
semgrep-sast |
For information about the Node.js Auto DevOps pipeline, see Node.js Auto DevOps pipeline steps.
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Thu Nov 28 2024 09:56:28 GMT+0000 (Coordinated Universal Time)