Quality gates per pipeline stage (commit / build / merge / deploy / release) with pass/fail criteria, automation, manual approvals, review process, sprint exit criteria, waiver process. Distinct from DoR/DoD.
You define gates — the enforceable checkpoints in the pipeline that decide whether work progresses. Gates are machinery; DoR/DoD is shared language. Both needed, neither sufficient alone.
| Dimension |
|---|
| Required |
|---|
| Default |
|---|
| Team / product | Yes | — |
| Delivery pipeline (CI, CD, release tooling) | Yes | — |
| Risk profile (regulatory, user-impact) | No | Asked |
| Existing gates | No | None |
| Speed-vs-safety preference | No | Balanced |
**Team / product**: [name]
**Pipeline**: [GitHub Actions / GitLab CI / Jenkins / Buildkite / ArgoCD / Spinnaker / ...]
**Delivery model**: [trunk-based / release branch / GitOps / canary / blue-green]
**Risk profile**: [low / medium / high — user-impact, regulatory, revenue]
**Existing gates**: [attach or "none"]
**Preference**: [faster / safer / balanced]
Ask render mode per diagram-rendering mixin and output path (default: /documentation/[case]/quality-gate-definition/).
Pipeline stages where gates apply:
[Developer]
↓ commit
[Pre-commit hooks] ← Gate A: local
↓
[Push]
↓
[PR opened / updated]
↓
[CI on PR] ← Gate B: build + test + static analysis + security
↓
[Code review] ← Gate C: human review
↓
[Merge to main]
↓
[Build + artifact] ← Gate D: reproducible build + SBOM + signing
↓
[Deploy to staging] ← Gate E: smoke + integration + security dynamic
↓
[Deploy to canary] ← Gate F: health metrics + SLO burn
↓
[Deploy to full prod] ← Gate G: manual approval for high-risk releases
↓
[Post-release] ← Gate H: verify + monitor
Not every stage needs a gate; not every gate needs every stage. Match to risk profile.
For each adopted gate:
**Gate**: [name]
**Purpose**: [single sentence]
**Trigger**: [when it runs]
**Pass criteria**: [objective]
**Fail behavior**: [block / warn / notify]
**Automation**: [fully automated / hybrid / manual]
**Reviewer role** (if manual): [named]
**Timeouts + SLAs**: [max wait / retry policy]
**Waiver**: [who + scope + expiry]
**Evidence captured**: [for audit]
Example:
**Gate**: CI on PR (Gate B)
**Purpose**: Catch regressions + style + basic security before review
**Trigger**: PR opened or updated
**Pass criteria**:
- Lint: zero errors
- Unit: 100% pass, no flakes allowed in main
- Integration: 100% pass
- Coverage: new code ≥ 80% (domain), 60% (infra)
- SAST: no new high-severity findings
- SCA: no new critical CVE on runtime deps
- Branch up-to-date with main
**Fail behavior**: block merge
**Automation**: fully automated
**Waiver**: eng lead for flake; security lead for SAST/SCA; 24h expiry; ticket filed
**Evidence**: CI run id pinned to PR
| Gate | Usual criteria |
|---|---|
| Pre-commit | formatter + quick lint (fast + local) |
| CI on PR | build + unit + integration + lint + SAST + SCA + coverage |
| Code review | ≥ 1 approver (≥ 2 for critical paths); review checklist; no unresolved comments |
| Security review | threat model updated (if change significant); sensitive data flow reviewed; for regulated flows, additional sign-off |
| Design review | ADR linked or updated; architecture lead review for system-level changes |
| Build + artifact | deterministic build; artifact signed; SBOM generated; version/semver correct |
| Deploy to staging | smoke suite green; contract tests pass against consumers; secret rotation check |
| Deploy to canary | SLO burn within limit (e.g., < 1% error rate delta); latency no regression |
| Deploy to full prod | manual approval for high-risk; auto-progress for low-risk |
| Post-release | health dashboard green at +30m, +2h, +24h; no new alerts |
At sprint end / cadence, additional gates:
done state per story DoD or honestly moved| Risk | Gate tightening |
|---|---|
| Low (internal tooling, small user base) | Fewer gates; CI + basic review; trust-based deploys |
| Medium (user-facing SaaS) | Full CI + review + canary + prod manual approval for riskier changes |
| High (payments, auth, medical, regulated) | All gates + explicit approvals per change category + audit evidence captured automatically |
Adopt proportional to risk — over-gating kills flow.
Overriding a failed gate:
Never a "skip gate" button available to any engineer without trace.
Dashboards surface what needs tuning.
| Anti-pattern | Fix |
|---|---|
| "Approve whatever looks green" reviewing | Review checklist + reviewer accountability |
| Gate with no owner | Assign an owner; orphaned gates rot |
| Waiver with no expiry | Always bound |
| One giant gate doing everything | Split by purpose |
| Gates outside the pipeline (manual spreadsheet) | Move into CI/CD |
| Hardcoded approvers (one person) | Use group / role; rotate |
| "This broke, everyone's blocked, let's skip" | Root-cause the flake, not the gate |
flowchart LR
Dev -->|commit| PC[Pre-commit]
PC -->|push| CI[CI on PR]
CI --> CR[Code review]
CR --> M[Merge]
M --> BA[Build + artifact]
BA --> STG[Staging deploy]
STG --> CAN[Canary]
CAN --> PROD[Full prod]
PROD --> POST[Post-release verify]
stateDiagram-v2
[*] --> Running
Running --> Pass: criteria met
Running --> Fail: criteria missed
Fail --> Fix: engineer addresses
Fix --> Running
Fail --> WaiverRequest
WaiverRequest --> WaiverApproved: approver signs
WaiverRequest --> WaiverDenied: blocked
WaiverApproved --> Pass
WaiverApproved --> Expired: time passes
Expired --> Running: re-check required
Per diagram-rendering mixin.
# Quality Gate Definition: [Team / Product]
**Date**: [date]
**Team**: [...]
**Pipeline**: [...]
**Risk profile**: [...]
**Version**: v1.0
## Scope
[Team, pipeline, delivery model, risk profile]
## Gate Map
[Per-stage diagram]
## Per-Gate Specs
[Gate-by-gate]
## Code Review Process
[Checklist + approver rules + timeliness]
## Sprint Exit Criteria
[What "sprint over" looks like]
## Risk-Profile-Aware Gating
[Which gates per risk]
## Waiver Process
[Request → approve → log → expire → revisit]
## Metrics + Visibility
[Dashboards]
## Anti-Patterns to Avoid
## Diagrams
[Pipeline + waiver flow]
## Hand-offs
[definition-of-ready-done, cicd-pipeline-design, test-strategy-plan, incident-management (future)]
Present for user approval. Save only after confirmation.
| Situation | Behavior |
|---|---|
| No pipeline | Interview mode (§7) |
| Subjective criteria | Replace with objective measures |
| Unbounded waivers | Require expiry + approver |
| Gate bundled | Split by purpose |
| DoR/DoD overlap | Clarify boundary + reference |
| mmdc failure | See diagram-rendering mixin |
| CI/CD full design | Redirect to cicd-pipeline-design |
[] Gate per adopted stage with purpose
[] Pass criteria objective
[] Automation vs manual stated
[] Reviewer role named for manual
[] Waiver protocol with expiry
[] Sprint exit criteria if applicable
[] Risk-profile-aware gating
[] Metrics + dashboards
[] Anti-patterns addressed
[] Diagrams valid
[] No fabricated policies
[] Report follows output contract