Node.js Auto DevOps jobs

Code Studio defines the following default jobs: 

• Build stage
  • Build Code job
  • Manage Secrets job
• Test stage
  • NPM Audit job
  • NPM Check job
  • NPM ESLint job
  • NPM Test job
  • SAST (Static Application Security Testing) job(s)
  • Secrets Detection
• Deploy stage
  • Create artifact from branch and Create artifact from tag jobs
  • Enabling automatic deployment of tags in Code Studio

For a full list of the Node.js-optimized Auto DevOps jobs, see Node.js-optimized Auto DevOps jobs.

Build stage¶

Build Code job¶

The Build Code job installs dependencies through the npm install command. A package.json file must be present at the root of the project.

It is not necessary for the top-level directory of the project to be the root directory of the application that you want to build. For example, a repository might have a front-end directory that contains a standalone Node.js application. To specify the root directory, add the directory path to the extra.acquia.root_directory section in the package.json file of the root directory:

"extra": {       
 "acquia": {
   "root_directory": "front-end/"
 }
}

The output directory contains the results of a build. The contents of this directory are the assets that Cloud Platform uses for static site hosting.

To specify the output directory, add the directory path to the extra.acquia.output_directory section in the package.json file of the root directory. For example:

"extra": {       
 "acquia": {
   "output_directory": "assets/"
 }
}

By default, Code Studio excludes the following file patterns from the build artifact:

• .hg
• .git
• .gitmodules
• .svn
• .cache
• .eslintrc
• .now
• .vercel
• .npmignore
• .dockerignore
• .gitignore
• .*.swp
• .DS_Store
• .wafpicke-*
• .lock-wscript
• .env.local
• .env.*.local
• .venv
• npm-debug.log
• config.gypi
• node_modules
• __pycache__
• venv
• CVS

You can extend this job to run other necessary build commands. For more information, see Adding a before_script or after_script to a Code Studio job.

Manage Secrets job¶

The Manage Secrets job is responsible for SSH key management.

Test stage¶

NPM Audit job¶

The NPM Audit job audits package dependencies for security vulnerabilities. For more information, see the npmjs documentation.

To disable the job, add the NODE_JOBS_AUDIT environment variable in Code Studio and set it to false. For more information, see Adding environment variables.

NPM Check job¶

The NPM Check job assesses outdated, incorrect, and unused dependencies. For more information, see the documentation for the npm-check package.

To disable the job, add the NPM_JOBS_CHECK environment variable in Code Studio and set it to false. For more information, see Adding environment variables.

NPM ESLint job¶

The NPM ESLint job performs a static analysis of the code by using ESLint. If the root directory of the project already contains a .eslintrc file, Code Studio uses this file to determine the ESLint rules. Otherwise, Code Studio uses the default ESLint settings that adhere to the Standard.js rules.

To disable the job, add the NODE_JOBS_ESLINT environment variable in Code Studio and set it to false. For more information, see Adding environment variables.

NPM Test job¶

The NPM Test job runs the predefined test commands. By default, this job is disabled. A predefined command must be specified in the test property of the scripts object of a package. For more information, see the npmjs documentation.

To enable the job, add the NODE_TASKS_TEST environment variable in Code Studio and set it to true. For more information, see Adding environment variables.

Static Application Security Testing (SAST) jobs¶

One or more SAST jobs perform a static scan of your code for security vulnerabilities.The number of jobs depends on the types of files committed to your repository. SAST results are saved as job artifacts. To access the SAST results within your Code Studio project, navigate to Build > Artifacts in the navigation bar.

For more information, see Static Application Security Testing (SAST).

Secrets Detection job¶

The Secrets Detection job scans your code to ensure that you did not commit secrets, such as login credentials, to your repository. To access the results within your Code Studio project, navigate to Build > Artifacts in the navigation bar. For more information, see Secret Detection.

Deploy stage¶

Create artifact from branch and Create artifact from tag jobs¶

Create artifact from branch and Create artifact from tag jobs push the build artifact to Cloud Platform. You can deploy build artifacts to a Cloud Platform environment. For more information, see Deploying build artifacts in your Node.js environment.

Enabling automatic deployment of tags in Code Studio¶

To automate the deployment of tags to your production environment during the Deploy stage, set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT environment variable to true in your Code Studio project. For more information, see Adding environment variables.

After you set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT environment variable to true, Code Studio performs the following steps every time you create a tag in Code Studio:

1. Generates a build artifact
2. Tags the artifact using the naming convention <tag>-codestudio-build
3. Pushes the tag to Cloud Platform
4. Deploys the tag to production

To automatically deploy tags to an environment other than production, set the ACQUIA_CLOUD_DESTINATION_ENVIRONMENT_ID environment variable to the environment ID of your target environment.

For more information about configuring continuous delivery in Code Studio, see How to implement real Continuous Delivery for Drupal on Acquia Developer Portal.

Node.js-optimized Auto DevOps jobs¶

For information about the Node.js Auto DevOps pipeline, see Node.js Auto DevOps pipeline steps.