Quality Gate
🕓 3 minutes
Overview​
Quality Gate is a critical security system in CodeNOW that implements the four-eyes principle to control which deployments proceed to protected environments. It serves as a failsafe mechanism to prevent unauthorized or accidental deployments.
What You'll Learn​
In this guide, you'll learn how to:
- Understand the four-eyes principle in Quality Gates
- Configure Quality Gates for protected environments
- Set up rules for deployment approvals
- Implement secure deployment workflows
Understanding Quality Gates​
Quality Gates are security checkpoints in your deployment pipeline that help prevent unauthorized or accidental deployments in sensitive environments by requiring administrator approval. This implements the four-eyes principle, where at least two people must review and approve changes before they take effect.
How Quality Gates Work​
Quality Gates provide a systematic approach to deployment approvals:
- When a deployment reaches a protected environment, it automatically triggers a Quality Gate
- The deployment pauses until an administrator reviews and approves the request
- Administrators can either approve or deny the deployment based on organizational policies
- Upon approval, the deployment continues; if denied, the process stops
Quality Gate Rules​
Quality Gates can be configured with specific rules to control the approval process. Currently, CodeNOW supports the following rule:
| Rule | Description | Configuration |
|---|---|---|
| Administrator Approval | Requires approval from an administrator before deployment can proceed | Enabled by default |
Note: Additional rules will be added in future releases to provide more granular control over the approval process.
Setting up Quality Gates​
Follow these steps to configure Quality Gates for your component:
Only administrators can approve or deny deployment requests through Quality Gates.
Managing Approval Requests​
All Quality Gate approval requests are managed through the Task List interface. This centralized approach ensures efficient processing of deployment approvals.
Security and Best Practices​
Key Security Features​
The Quality Gate system provides these key security features:
- Four-Eyes Principle: Ensures at least two people review changes before deployment
- Environment Protection: Prevents unauthorized access to sensitive environments
- Audit Trail: Maintains records of all approval decisions
Implementation Guidelines​
- Always configure Quality Gates for production and staging environments
- Establish clear approval policies and communicate them to the team
- Regularly review and update Quality Gate configurations
- Train administrators on proper approval procedures
Quality Gates are an integral part of CodeNOW's security framework. All approval actions for Quality Gates are managed through the Task List interface.