Build Code job¶

The Build Code job installs Composer dependencies. You can extend this job to construct front-end theme dependencies. For more information, see Adding a before_script or after_script to a Code Studio job.

Validate Code Structure job¶

The Validate Code Structure job validates that your repository is following the best practices in terms of which files are committed or ignored.

This job is permitted to fail. However, failure to follow the best practices can result in unexpected outcomes during the rest of the pipeline. Notably, it can result in problems with your deployment artifact.

Manage Secrets job¶

The Manage Secrets job is responsible for SSH key management.

Test Drupal job¶

The Test Drupal job runs three types of tests. For each type, the tests run only if the defined conditions are met.

For an example, see drupal-recommended-project.

Static Application Security Testing (SAST) job(s)¶

The SAST jobs statically scan your code for security vulnerabilities. This may be one or more jobs depending on the types of files committed to your repository. For example:

• If PHP files are detected, jobs are scanned with phpcs-security-audit.
• If Ruby files are detected, jobs are scanned with brakeman.

For more examples, see Supported languages and frameworks

Secrets Detection job¶

The Secrets Detection job scans your code to confirm that you have not accidentally committed any secrets, such as login credentials, to your repository.

For more information, see Secret Detection.

If you enable the Test Drupal job, Code Studio sets up the Drupal site before it performs the tests. For more information about enabling the Drupal site setup during the pipeline, and choosing a setup strategy, see Selecting the Drupal setup strategy in Code Studio.

Deploy Branch to Acquia and Deploy Tag to Acquia jobs¶

The Deploy Branch to Acquia and Deploy Tag to Acquia jobs construct a build artifact that includes committed, contributed, and vendor directories. For example, it includes vendor and docroot/modules/contrib even if these directories are not committed to the source repository.

This job uses acli push:artifact to create the artifact.

Enabling deploy tags in Code Studio¶

To automate the tag creation process during deployment, set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT CI/CD job to true in your Code Studio project.

After you set this job to true, Code Studio automatically performs the following steps every time you create a tag in Code Studio:

1. Generates a deployment artifact
2. Tags the artifact
3. Pushes the tag to Cloud Platform
4. Deploys the tag to production

To configure this variable for all tags:

1. Modify the settings of your CI/CD variable ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT.
2. Do one of the following:
   • Clear the Protect variable checkbox.
   • Select the Protect variable checkbox and configure Code Studio to protect your tags automatically at https://code.acquia.com/help/user/project/protected_tags.md.

To automatically deploy tags to an environment other than production, set the ACQUIA_CLOUD_DESTINATION_ENVIRONMENT_ID CI/CD variable to be the environment ID of your target environment.

For more information about configuring continuous delivery in Code Studio, see How to implement real Continuous Delivery for Drupal on the Acquia Developer Portal.

Composer Update job¶

The Composer Update job runs composer update against your repository, and submits any changes in a merge request.

Deprecated Code Update job¶

The Deprecated Code Update job scans your custom code, such as custom modules and themes, for deprecated code. Using Drupal Rector, the job automatically replaces the deprecated code with updated, supported replacements. This is designed to preserve the same functionality, while removing any dependencies on deprecated functions, methods, classes, and so on.