AutoDevOps jobs¶

Code Studio defines the following default jobs:

Build Drupal stage
Test Drupal stage
Deploy Drupal stage
- (merge requests only) Create Acquia CDE job
- (merge requests only) Delete Acquia CDE job
- (branches only) Deploy Branch to Acquia job
- (tags only) Deploy Tag to Acquia job
Automatic Updates stage
- Composer Update job
- Deprecated Code Update job

For a full list of the Drupal-optimized AutoDevOps jobs, see Drupal-optimized AutoDevOps jobs.

Build Drupal stage¶

Build Code job¶

The Build Code job installs Composer dependencies. You can extend this job to construct front-end theme dependencies. For more information, see Adding a before_script or after_script to a Code Studio job.

Validate Code Structure job¶

The Validate Code Structure job validates that your repository is following the best practices in terms of which files are committed or ignored.

This job is permitted to fail. However, failure to follow the best practices can result in unexpected outcomes during the rest of the pipeline. Notably, it can result in problems with your deployment artifact.

Manage Secrets job¶

The Manage Secrets job is responsible for SSH key management.

Test Drupal stage¶

BLT Test Drupal job¶

The BLT Test Drupal job runs only if acquia/blt is installed through Composer and a blt/blt.yml file is committed to your repository.

This job runs blt validate and blt test.

Test Drupal job¶

The Test Drupal job runs three types of tests. For each type, the tests run only if the defined conditions are met.

Test Name	Purpose	Conditions	To enable:
PHP Code Sniffer	Validates that your custom code follows the established Drupal coding standards.	Your application has `squizlabs/php_codesniffer` in the root composer.json `require` or `require-dev` array. Your root directory contains `phpcs.xml` or `phpcs.xml.dist`.	Run `composer require --dev squizlabs/php_codesniffer` Copy phpcs.xml.dist to your repository root.
PHP Stan	Validates that your custom code does not rely on deprecated functions or services.	Your application has `phpstan/phpstan-deprecation-rules` and `drupal/core-dev` in the root composer.json `require` or `require-dev` array. Your root directory contains `phpstan.neon.dist`.	Run `composer require --dev phpstan/phpstan-deprecation-rules drupal/core-dev` Copy phpstan.neon.dist to your repository root.
PHPUnit	Validates that your custom unit tests pass.	Your application has `phpunit/phpunit` and `drupal/core-dev` in the root composer.json `require` or `require-dev` array. Your root directory contains `phpunit.xml.dist`.	Run `composer require --dev phpunit/phpunit drupal/core-dev`. Copy phpunit.xml.dist to your repository root.

For an example, see drupal-recommended-project.

Static Application Security Testing (SAST) job(s)¶

The SAST jobs statically scan your code for security vulnerabilities. This may be one or more jobs depending on the types of files committed to your repository. For example:

If PHP files are detected, jobs are scanned with phpcs-security-audit.
If Ruby files are detected, jobs are scanned with brakeman.

For more examples, see Supported languages and frameworks

Secrets Detection job¶

The Secrets Detection job scans your code to confirm that you have not accidentally committed any secrets, such as login credentials, to your repository.

For more information, see Secret Detection.

Deploy Drupal stage¶

Deploy Branch to Acquia & Deploy Tag to Acquia jobs¶

The Deploy Branch to Acquia and Deploy Tag to Acquia jobs construct a build artifact that includes committed, contributed, and vendor directories. For example, it includes vendor and docroot/modules/contrib even if these directories are not committed to the source repository.

This job uses acli push:artifact to create the artifact, unless BLT is present.

If BLT is present, this job uses blt deploy to create the artifact.

Enabling deploy tags in Code Studio

To automate the tag creation process during deployment, set the ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT CI/CD job to true in your Code Studio project.

After you set this job to true, Code Studio automatically performs the following steps every time you create a tag in Code Studio:

Generates a deployment artifact
Tags the artifact
Pushes the tag to Cloud Platform
Deploys the tag to production

To configure this variable for all tags:

Modify the settings of your CI/CD variable ACQUIA_JOBS_DEPLOY_TAG_ARTIFACT.
Do one of the following:
- Clear the Protect variable checkbox.
- Select the Protect variable checkbox and configure Code Studio to protect your tags automatically at https://code.acquia.com/help/user/project/protected_tags.md.

To automatically deploy tags to an environment other than production, set the ACQUIA_CLOUD_DESTINATION_ENVIRONMENT_ID CI/CD variable to be the environment ID of your target environment.

For more information about configuring continuous delivery in Code Studio, see How to implement real Continuous Delivery for Drupal on the Acquia Developer Portal.

Automatic Updates stage¶

Composer Update job¶

The Composer Update job runs composer update against your repository, and submits any changes in a merge request.

Deprecated Code Update job¶

The Deprecated Code Update job scans your custom code, such as custom modules and themes, for deprecated code. Using Drupal Rector, the job automatically replaces the deprecated code with updated, supported replacements. This is designed to preserve the same functionality, while removing any dependencies on deprecated functions, methods, classes, and so on.

Drupal-optimized AutoDevOps jobs¶

Build Drupal	Test Drupal	Automatic Updates	Deploy Drupal
Build code	Test Drupal	Composer update	Create artifact from branch
Validate code	sast	Drush update	Create artifact from tag
	bandit-sast	Deprecated code update	Create Acquia CDE
	brakeman-sast		Delete Acquia CDE
	eslint-sast
	flawfinder-sast
	kubsec-sast
	gosec-sast
	mobsf-android-sast
	mobsf-ios-sast
	nodejs-scan-sast
	phpcs-security-audit
	pmd-apex-sast
	security-code-scan
	semgrep-sast
	sobelow-sast
	spotbugs-sast
	secret_detection
	code_quality