Quality Gate
🧠 What is a Quality Gate?
👉 Quality Gate = Automated Code Approval System
Simply put:
✅ It automatically decides whether code is production-ready
That means:
Code Scan → Rules Check → Decision
↓
PASS / FAIL
🏢 Real Office Analogy
Suppose the company policy is:
❌ Code with bugs will not be merged
❌ Code with a security issue will not be deployed
❌ Low test coverage means rejection
Will developers check this manually?
No.
👉 The Quality Gate enforces it automatically.
🎯 Why do we use a Quality Gate?
A software company's biggest problem:
Developer → Fast code
Company → Stable production
The Quality Gate resolves this conflict.
✅ Problem Without Quality Gate
Team example:
Dev A → clean code
Dev B → messy code
Dev C → no tests
Production becomes:
💣 unstable
💣 buggy
💣 insecure
✅ With Quality Gate
IF quality ok → merge allowed
ELSE → blocked
👉 The team standard is maintained automatically.
⚙️ What does a Quality Gate check?
Production companies typically use the following metrics:
1️⃣ Bugs
Critical Bug = 0
Major Bug <= 2
Example:
if user == None:
SonarQube will detect this.
2️⃣ Security Vulnerabilities 🔐
Example:
password = "admin123"
Hardcoded secret ❌
Quality Gate FAIL.
3️⃣ Code Coverage 🧪
Example rule:
Coverage >= 80%
Meaning:
👉 Code will not go to production without tests.
4️⃣ Code Smells
Maintainability check.
Example:
function length = 500 lines
Refactor required.
5️⃣ Duplicated Code
Example:
Duplicate code < 3%
6️⃣ Maintainability Rating
Grade system:
A = Excellent
B = Good
C = Risky
Companies usually require:
Rating = A
🔥 Quality Gate Decision Flow
Developer Push Code
↓
CI Pipeline
↓
SonarQube Scan
↓
Quality Gate Evaluation
↓
PASS ✅ → Merge allowed
FAIL ❌ → Merge blocked
🧩 Default Quality Gate Example
SonarQube default:
No new bugs
No new vulnerabilities
Coverage on new code > 80%
No new code smells
This is called:
👉 Clean As You Code
🏗️ How To Use Quality Gate (Step-by-Step)
✅ Step 1 — Go to Quality Gates
SonarQube Dashboard →
Administration
→ Quality Gates
✅ Step 2 — Create New Gate
Example:
Create → Company Production Gate
✅ Step 3 — Add Conditions
Production example:
New Bugs = 0
New Vulnerabilities = 0
Coverage >= 80%
Duplicated Lines < 3%
Maintainability Rating = A
✅ Step 4 — Assign Project
Project Settings
→ Quality Gate
→ Select Gate
Now active ✅
🧪 Example
Developer pushes code.
Scan result:
Coverage: 65%
Bug: 1 Critical
Quality Gate result:
❌ FAILED
GitHub/JIRA message:
Merge blocked by Quality Gate
Developer must fix first.
🚀 CI/CD Integration
Example GitHub Actions pipeline:
Run Tests
Run Sonar Scan
Check Quality Gate
Deploy
If gate fails:
Deployment cancelled
👉 This protects production.
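As an added example (not part of the original page and not SonarQube's own tooling), the "Check Quality Gate" step can be a small script that reads the JSON returned by SonarQube's api/qualitygates/project_status endpoint and exits non-zero unless the gate status is OK. The response below is a constructed sample using assumed metric keys; fetching it from the server with a token is assumed to happen earlier in the pipeline and is not shown.

```python
import json
import sys

# Constructed sample of an api/qualitygates/project_status response,
# mirroring the failed scan in the example above (coverage 65%, 1 new bug).
SAMPLE_RESPONSE = """
{"projectStatus": {"status": "ERROR", "conditions": [
  {"status": "ERROR", "metricKey": "new_coverage", "comparator": "LT",
   "errorThreshold": "80", "actualValue": "65.0"},
  {"status": "ERROR", "metricKey": "new_bugs", "comparator": "GT",
   "errorThreshold": "0", "actualValue": "1"},
  {"status": "OK", "metricKey": "new_vulnerabilities", "comparator": "GT",
   "errorThreshold": "0", "actualValue": "0"}
]}}
"""

COMPARATORS = {"LT": "<", "GT": ">"}


def evaluate_gate(raw_json):
    """Return (passed, failures); fails closed on any non-"OK" or unreadable result."""
    try:
        project_status = json.loads(raw_json)["projectStatus"]
        status = project_status["status"]
    except (ValueError, KeyError, TypeError) as exc:
        return False, [f"unreadable gate response: {exc!r}"]
    failures = []
    for cond in project_status.get("conditions", []):
        if cond.get("status") != "OK":
            op = COMPARATORS.get(cond.get("comparator"), cond.get("comparator"))
            failures.append(
                f"{cond.get('metricKey')}: actual {cond.get('actualValue')} "
                f"{op} threshold {cond.get('errorThreshold')}"
            )
    if status != "OK" and not failures:
        failures.append(f"gate status is {status}")  # e.g. NONE: gate never computed
    return status == "OK", failures


def main(raw_json):
    passed, failures = evaluate_gate(raw_json)
    for line in failures:
        print("Quality Gate condition failed:", line)
    print("Quality Gate:", "PASSED" if passed else "FAILED")
    return 0 if passed else 1  # non-zero exit cancels the deploy step


if __name__ == "__main__":
    sys.exit(main(SAMPLE_RESPONSE))
```

Because the script treats a missing or unreadable result as a failure, a scan that never completed cannot slip through to the Deploy step.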
⭐ Senior Engineer Insight
A Quality Gate is not for cleaning up old code.
It focuses on:
NEW CODE QUALITY
Because:
Cleaning up an entire legacy system is impossible.
So rule:
👉 Don't make code worse
🏢 How Big Companies Use Quality Gates
Enterprise workflow:
Developer → Push
PR → Sonar Analysis
Quality Gate Check
Merge
Deploy
Senior reviewers only review logic, not formatting/bugs.
⚠️ Common Beginner Mistakes
❌ 1. Too Strict Gate Initially
The team gets stuck.
Start moderate → tighten later.
❌ 2. Ignoring Security Rules
Big production risk.
❌ 3. Manual override
Never bypass Quality Gate.