Skip to main content

Quality gate configuration

The quality gate is the rule that decides whether a CI run blocks a merge. It lives on the agent, is edited in the UI (Agent → CI / CD → Quality Gate), and is reused by every CI provider.

Fields

FieldRequiredDefaultDescription
Minimum overall scoreyes0.85The run fails when the scorecard's overall score is strictly below this value (0 to 1).
Blocking dimensionsno[]List of dimension keys (security, privacy, ...). Each must individually pass for the gate to pass.
Max failed criterianounsetCaps the total number of failed criteria across the scorecard. Leave empty to disable.
Warning bandnounsetSoft floor below the overall minimum. When the score lands in [warning_band, overall_min), the gate passes (exit 0) but the run is flagged as a warning.

Decision flow

The backend evaluates the gate after the run has a scorecard:

  1. Overall score must meet the configured minimum.
  2. Every blocking dimension must pass.
  3. Failed criteria must stay below the configured cap, when a cap exists.
  4. The warning band can mark a run as warning without failing the CI job.

The run response exposes the decision under results.gate, including passed, is_warning, scores, and failure messages when the gate fails.

Editing the gate without touching the CI

Because the gate lives on the agent (not in the repo), you can tighten or loosen the rule without redeploying anything:

  1. Open the agent in Mankinds.
  2. CI / CD → Quality Gate.
  3. Adjust the values.
  4. Save.

The next CI run picks up the new gate automatically. Each change is recorded on the agent config version history.

API

You can also update the gate via the API:

PATCH /api/v1/agents/{agent_id}/gate
X-API-Key: mk_xxx
Content-Type: application/json

{
"gate": {
"overall_score_min": 0.85,
"dimensions_must_pass": ["security", "privacy"],
"max_failed_criteria": 2,
"warning_band_min": 0.70
}
}

The payload is merged into agent.config["gate"]; the rest of the config is left untouched.

Frequently asked questions

What dimensions can I require?

Require only dimensions that are evaluated by the agent's selected criteria. If a required dimension has no score for that agent, the gate cannot pass reliably.

Can I have different gates for different branches?

The gate is per agent. Use separate agents when different environments or branches need different rules.

Can I override the gate in a one-off CI run?

No. The CI snippet carries the agent UUID and the API key; the gate remains the source of truth on the agent.

See also