Information for: DEVELOPERS   PARTNERS   SUPPORT

AutoDevOps jobs

Code Studio defines the following default jobs:

For a full list of the Drupal-optimized AutoDevOps jobs, see Drupal-optimized AutoDevOps jobs.

Build Drupal stage

Build Code job

The Build Code job installs Composer dependencies. You can extend this job to construct front-end theme dependencies. For more information, see Adding a before_script or after_script to a Code Studio job.

Validate Code Structure job

The Validate Code Structure job validates that your repository is following the best practices in terms of which files are committed or ignored.

This job is permitted to fail. However, failure to follow the best practices can result in unexpected outcomes during the rest of the pipeline. Notably, it can result in problems with your deployment artifact.

Manage Secrets job

The Manage Secrets job is responsible for SSH key management.

Test Drupal stage

BLT Test Drupal job

The BLT Test Drupal job runs only if acquia/blt is installed through Composer and a blt/blt.yml file is committed to your repository.

This job runs blt validate and blt test.

Test Drupal job

The Test Drupal job runs three types of tests. For each type, the tests run only if the defined conditions are met.

Test Name Purpose Conditions To enable:
PHP Code Sniffer Validates that your custom code follows the established Drupal coding standards.
  • Your application has squizlabs/php_codesniffer in the root composer.json require or require-dev array.
  • Your root directory contains phpcs.xml or phpcs.xml.dist.
  1. Run composer require --dev squizlabs/php_codesniffer
  2. Copy https://github.com/acquia/drupal-recommended-project/blob/master/phpcs.xml.dist to your repository root.
PHP Stan Validates that your custom code does not rely on deprecated functions or services.
  • Your application has phpstan/phpstan-deprecation-rules in the root composer.json require or require-dev array.
  • Your root directory contains phpstan.neon.dist.
  1. Run composer require --dev phpstan/phpstan-deprecation-rules
  2. Copy https://github.com/acquia/drupal-recommended-project/blob/master/phpstan.neon.dist to your repository root.
PHPUnit Validates that your custom unit tests pass.
  • Your application has phpunit/phpunit in the root composer.json require or require-dev array.
  • Your root directory contains phpunit.xml or phpunit.xml.dist.
  1. Run composer require --dev phpunit/phpunit
  2. Copy https://github.com/acquia/drupal-recommended-project/blob/master/phpunit.xml.dist to your repository root.

For an example, see https://github.com/acquia/drupal-recommended-project.

Static Application Security Testing (SAST) job(s)

The SAST jobs statically scan your code for security vulnerabilities. This may be one or more jobs depending on the types of files committed to your repository. For example:

  • If PHP files are detected, jobs are scanned with phpcs-security-audit.
  • If Ruby files are detected, jobs are scanned with brakeman.

For more examples, see Supported languages and frameworks

Secrets Detection job

The Secrets Detection job scans your code to confirm that you have not accidentally committed any secrets, such as login credentials, to your repository.

For more information, see Secret Detection.

Deploy Drupal stage

Deploy Branch to Acquia & Deploy Tag to Acquia jobs

The Deploy Branch to Acquia and Deploy Tag to Acquia jobs construct a build artifact that includes committed, contributed, and vendor directories. For example, it includes vendor and docroot/modules/contrib even if these directories are not committed to the source repository.

This job uses acli push:artifact to create the artifact, unless BLT is present.

If BLT is present, this job uses blt deploy to create the artifact.

Enabling deploy tags in Code Studio

To automate the tag creation process during deployment, set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT CI/CD job to true in your Code Studio project.

After you set this job to true, Code Studio automatically performs the following steps every time you create a tag in Code Studio:

  1. Generates a deployment artifact
  2. Tags the artifact
  3. Pushes the tag to Cloud Platform
  4. Deploys the tag to production

To configure this variable for all tags:

  1. Modify the settings of your CI/CD variable ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT.
  2. Do one of the following:

To automatically deploy tags to an environment other than production, set the ACQUIA_CLOUD_DESTINATION_ENVIRONMENT_ID CI/CD variable to be the environment ID of your target environment.

For more information about configuring continuous delivery in Code Studio, see How to implement real Continuous Delivery for Drupal on the Acquia Developer Portal.

Automatic Updates stage

Composer Update job

The Composer Update job runs composer update against your repository, and submits any changes in a merge request.

Deprecated Code Update job

The Deprecated Code Update job scans your custom code, such as custom modules and themes, for deprecated code. Using Drupal Rector, the job automatically replaces the deprecated code with updated, supported replacements. This is designed to preserve the same functionality, while removing any dependencies on deprecated functions, methods, classes, and so on.

Drupal-optimized AutoDevOps jobs

Build Drupal Test Drupal Automatic Updates Deploy Drupal
Build code Test Drupal Composer update Create artifact from branch
Validate code sast Drush update Create artifact from tag

bandit-sast Deprecated code update Create Acquia CDE

brakeman-sast

Delete Acquia CDE

eslint-sast



flawfinder-sast


  kubsec-sast



gosec-sast



mobsf-android-sast



mobsf-ios-sast



nodejs-scan-sast



phpcs-security-audit



pmd-apex-sast



security-code-scan



semgrep-sast



sobelow-sast



spotbugs-sast



secret_detection



code_quality