# Quality gates

## Overview <a href="#overview" id="overview"></a>

Quality gates enforce a quality policy in your organization by answering one question: is my project ready for release?

To answer this question, you define a set of conditions against which projects are measured. For example:

* No new blocker issues
* Code coverage on new code greater than 80%

See the **Defining quality gates** section below for more information on defining conditions.

Ideally, all projects will use the same quality gate, but that’s not always practical. For instance, you may find that:

* The technological implementation differs from one application to another (you might not require the same code coverage on new code for web applications as you would for Java applications).
* You want to ensure stronger requirements on some of your applications (internal frameworks for example).

For these reasons, you can define as many quality gates as you need. You can access the **Quality Gates** page from the top menu. From there, you can define and manage all of your quality gates.

## Quality gate permissions <a href="#quality-gate-permissions" id="quality-gate-permissions"></a>

By default, only users with the global **Administer quality gates** permission can edit quality gates. This is set at **Administration** > **Security** > **Global Permissions**.

SonarQube also allows users with the global **Administer quality gates** permission to give an expert or group of experts permission to manage a specific quality gate. These experts only have permission for that quality gate, *not all quality gates*. Grant permissions to specific quality gates on the Quality gate’s page (**Quality Gates** > <**Your quality Gate name**>) under the **Permissions** heading by selecting **Grant permissions to more users**.

## Use the best quality gate configuration <a href="#use-the-best-quality-gate-configuration" id="use-the-best-quality-gate-configuration"></a>

The "Sonar way" quality gate is provided by Sonar, activated by default, and considered as built-in and read-only. This Quality gate represents the best way to implement the [clean-as-you-code](https://docs.sonarsource.com/sonarqube-server/9.8/user-guide/clean-as-you-code "mention") concept by focusing on new code. With each SonarQube release, we automatically adjust this default quality gate according to SonarQube’s capabilities.

With the quality gate, you can enforce ratings (reliability, security, security review, and maintainability) based on metrics for overall code and new code. These metrics are part of the default quality gate. Note that while test code quality impacts your quality gate, it’s only measured based on the maintainability and reliability metrics. Duplication and security issues are not measured on test code.

You should adjust your quality gates so that they provide clear feedback to developers looking at their project page.

Don’t forget that quality gate conditions must use differential values. For example, there’s no point in checking an absolute value such as: `Number of Lines of Code is greater than 1000`.

### Recommended quality gate <a href="#recommended-quality-gate" id="recommended-quality-gate"></a>

We recommend the built-in `Sonar way` quality gate for most projects. It focuses on keeping new code clean, rather than spending a lot of effort remediating old code. Out of the box, it’s already set as the default profile.

## Quality gate status <a href="#quality-gate-status" id="quality-gate-status"></a>

The current status is displayed prominently at the top of the Project page:

![What your quality gate looks like in SonarQube.](https://739659627-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwuQmJTVPOsx7zNT5Aqwl%2Fuploads%2Fgit-blob-c57c27b9e64e5b0fb27bb53ddaaea5af9d477728%2Fdca7ef9bd45f507bb07bb15cfd2b70779b49712a.png?alt=media)

What your quality gate looks like in SonarQube.

## Getting notified when a quality gate fails <a href="#getting-notified-when-a-quality-gate-fails" id="getting-notified-when-a-quality-gate-fails"></a>

Thanks to the notification mechanism, users can be notified when a quality gate fails. To do so, subscribe to the **New quality gate status** notification either for all projects or a set of projects you’re interested in.

## Security <a href="#security" id="security"></a>

Quality gates can be accessed by any user (even anonymous users). All users can view every aspect of a quality gate.

To make changes (create, edit, or delete) to quality gates and quality profiles, users must be granted the *Administer Quality Profiles and Gates* permission.

A project administrator can choose which quality gates their project is associated with. See [project-settings](https://docs.sonarsource.com/sonarqube-server/9.8/project-administration/project-settings "mention") for more details.

## Defining quality gates <a href="#defining-quality-gates" id="defining-quality-gates"></a>

Each quality gate condition is a combination of:

* a measure.
* a comparison operator.
* an error value.

For instance, a condition might be

* measure: Blocker issue
* comparison operator: >
* error value: 0

Which can be stated as: No blocker issues.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-server/9.8/user-guide/quality-gates.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.