Quality Gate Profiles: Automated Governance

A Quality Gate is the ultimate guardian of your codebase. It is a set of Boolean "Pass/Fail" conditions that every scan must satisfy. By integrating these gates with your SCM, you can automate your "Go/No-Go" decisions for every Pull Request.

Understanding Gate Parameters

Quality Gates are split into two categories: Overall Code (long-term health) and New Code (immediate protection against regressions).

Overall Code Thresholds

These metrics monitor the entire state of your repository. Use these to track long-term technical debt reduction.

Parameter	Rule	Recommended Value	Description
Critical Hotspots	Less than	1	High-risk files requiring immediate refactoring.
Critical Code Issues	Less than	1	High-severity bugs or security vulnerabilities.
Percentage Duplication	Less than	5%	The limit for cloned or redundant code blocks.
Overall Rating	Greater than	4.0	The combined health score across all dimensions.
Percentage Coverage	Greater than	80%	Total unit test coverage for the repository.

New Code Thresholds (Delta)

The Delta Scan is the most powerful tool for PR workflows. It ensures that even if you have legacy debt, you never introduce new issues.

Parameter	Rule	Recommended Value	Description
Percentage Coverage	Greater than	90%	Ensures all new code is rigorously tested.

Blocking Pull Request Merges

BrowserStack Code Quality can act as a Status Check for your SCM (GitHub, GitLab, Bitbucket, Azure DevOps). If a scan fails the gate, the "Pass" signal is not sent, alerting the team that the code is not ready for merge.

IMPORTANT

Mandatory SCM Configuration
To physically block a developer from clicking the "Merge" button, you must enable "Branch Protection Rules" (or "Merge Checks") within your SCM settings (e.g., GitHub Settings > Branches > Add Rule).

While BrowserStack will report a FAIL status automatically, the "Block" functionality is enforced by your SCM. Without this SCM setting, the PR will show a red warning, but merging will still be technically possible.

Gate Status Examples

PASS Scenario

All thresholds satisfied
SCM receives green checkmark
Merge button enabled
Deployment pipeline proceeds

FAIL Scenario

One or more violations detected
SCM receives failure status
Merge blocked (if branch protection enabled)
Developer must remediate before proceeding

Setup & Assignment

Step 1: Create Quality Gate Profile

Navigate: Go to Admin → Quality Gate Profiles
Create: Click New Profile and enter the rules from the tables above
Name: Use descriptive names (e.g., "Production_PR_Gate", "Development_Gate")
Save: Activate the profile immediately

Step 2: Repository Assignment

Navigate: Go to your target repository
Access Settings: Click Repository Context Menu (⋯)
Configure: Select Quality Gate Settings
Assign: Choose your desired profile from the dropdown
Apply: Confirm the assignment

Integrating Quality Gates into CI/CD

The Quality Gate check allows you to enforce a hard "Pass/Fail" threshold on your build process. If the code quality results do not meet your defined profile, the build will exit with an error, preventing compromised code from advancing.

👉 Complete CI/CD setup examples: CI/CD Integration Guide

Option 1: The `-qg` Flag (Recommended)

The simplest way to enforce a gate is to pass the -qg (or --quality-gate-status) flag directly to the CLI scanner analyse command.

How it works: The scanner will perform the analysis, wait for the results to be published to the server, and then check the gate status. If the gate fails, the scanner exits with a non-zero code, automatically failing your Jenkins, GitHub Action, or GitLab pipeline.

bash

./browserstack-codequality-scanner/bin/embold-scanner analyse \
  -u $EMBOLD_URL \
  -t $EMBOLD_TOKEN \
  -r $EMBOLD_REPO_UID \
  -c repository-configuration.json \
  -qg

👉 Get your credentials: Access Tokens | Repository UID

Option 2: The Quality Gate API (Alternative)

If your workflow requires separating the analysis from the gate check (e.g., you want to run other tests while the scan is processing), you can query the REST API independently:

bash

curl -X GET \
  "https://demo.embold.io/api/v1/repositories/{REPO_UID}/qualitygateprofiles/status" \
  -H "Authorization: Bearer $EMBOLD_TOKEN" | jq '.status'

Status Interpretation

✅ PASSED: The build meets all quality thresholds. Pipeline continues to deployment.
❌ FAILED: The build has breached a threshold. Your script should be configured to fail the build stage immediately.

Quality Gate Setup & Management

️ Projects & Repositories - Create projects and find Repository UID

CI/CD Integration

CI/CD Integration Guide - Complete pipeline setup with Quality Gates
CLI Scanner - Command-line analysis with -qg flag
GitHub Actions - Native plugin with Quality Gate support
GitLab CI - GitLab CI/CD with automated gate checking

Authentication & Access

Access Tokens - Generate tokens for API authentication
User Roles & Permissions - RBAC for Quality Gate management

Development Workflows

Gated Commits - Prevent poor code quality in Git workflows
Commit Workflows - Quality checks in development process
Analysis & Scanning - Code analysis workflows and gate integration
DevOps Workflows - Complete development lifecycle with quality governance

Branch Protection & SCM Setup

️ GitHub Branch Protection - External GitHub guide
GitLab Merge Request Rules - External GitLab guide

Was this page helpful?

Quality Gate Profiles: Automated Governance ​

Understanding Gate Parameters ​

Overall Code Thresholds ​

New Code Thresholds (Delta) ​

Blocking Pull Request Merges ​

Gate Status Examples ​

Setup & Assignment ​

Step 1: Create Quality Gate Profile ​

Step 2: Repository Assignment ​

Integrating Quality Gates into CI/CD ​

Option 1: The -qg Flag (Recommended) ​

Option 2: The Quality Gate API (Alternative) ​

Status Interpretation ​

Related Documentation ​

Quality Gate Setup & Management ​

CI/CD Integration ​

Authentication & Access ​

Development Workflows ​

Branch Protection & SCM Setup ​