Introduction

Code quality gates in CI/CD pipelines enforce standards before code can be merged or deployed. A failed quality gate indicates code quality issues that must be addressed before the pipeline can proceed.

Symptoms

- Pipeline fails: "Quality Gate status: FAILED"
- SonarQube shows red gate with specific conditions failed
- "Coverage on New Code is less than 80%"
- "Security Rating is worse than A"
- Pipeline blocks merge despite tests passing

Common Causes

- Test coverage dropped below threshold
- New code has code smells or bugs
- Security hotspots not reviewed
- Duplicated code percentage exceeded
- Technical debt ratio too high

Step-by-Step Fix

1. **Check SonarQube dashboard for specific failures**: Navigate to the project in SonarQube and review the Quality Gate conditions.
2. **Run SonarQube analysis locally**:
   ```bash
   sonar-scanner -Dsonar.host.url=https://sonar.example.com \
     -Dsonar.token=<token>
   ```
3. **Fix the specific issues**:
   - For coverage: Add tests for uncovered code paths
   - For bugs: Fix the identified bugs in SonarQube report
   - For code smells: Refactor the flagged code
   - For security: Review and fix security hotspots
4. **Adjust quality gate thresholds (if needed)**: In SonarQube: Administration > Quality Gates > Edit conditions
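
The conditions reviewed on the dashboard in step 1 can also be read in CI from the SonarQube Web API endpoint `api/qualitygates/project_status`. The following is an added example, not part of the original page: it turns that response into the failure lines listed under Symptoms and an exit code for the pipeline. The sample response is constructed and the function names are hypothetical.

```python
import json

# Constructed sample of the JSON returned by
# GET api/qualitygates/project_status?projectKey=<key> (values illustrative).
SAMPLE = json.loads("""
{"projectStatus": {"status": "ERROR", "conditions": [
  {"status": "ERROR", "metricKey": "new_coverage", "comparator": "LT",
   "errorThreshold": "80", "actualValue": "71.4"},
  {"status": "ERROR", "metricKey": "new_security_rating", "comparator": "GT",
   "errorThreshold": "1", "actualValue": "3"},
  {"status": "OK", "metricKey": "new_duplicated_lines_density",
   "comparator": "GT", "errorThreshold": "3", "actualValue": "0.8"}
]}}
""")

# Rating metrics are reported as numbers, where 1 is A and 5 is E.
RATINGS = {"1": "A", "2": "B", "3": "C", "4": "D", "5": "E"}
WORDS = {"LT": "is less than", "GT": "is greater than"}


def _show(metric, value):
    """Render rating metrics as letters; pass other values through."""
    if metric.endswith("_rating"):
        return RATINGS.get(str(value).split(".")[0], str(value))
    return str(value)


def failed_conditions(response):
    """Return one readable line per quality gate condition in ERROR state."""
    lines = []
    for c in response["projectStatus"].get("conditions", []):
        if c.get("status") != "ERROR":
            continue
        metric, cmp_ = c["metricKey"], c.get("comparator")
        if metric.endswith("_rating") and cmp_ == "GT":
            relation = "is worse than"   # a higher number is a worse letter
        else:
            relation = WORDS.get(cmp_, str(cmp_))
        lines.append(f"{metric}: {_show(metric, c.get('actualValue'))} "
                     f"{relation} {_show(metric, c.get('errorThreshold'))}")
    return lines


def gate_exit_code(response):
    """0 when the gate passed, 1 otherwise, for use as the CI step's status."""
    return 0 if response["projectStatus"]["status"] == "OK" else 1


if __name__ == "__main__":
    print("\n".join(failed_conditions(SAMPLE)))
    raise SystemExit(gate_exit_code(SAMPLE))
```

In a pipeline, the response would come from an authenticated request to the SonarQube server; supply the token from the CI secret store rather than hard-coding it in the job definition.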

Prevention

- Run SonarQube analysis locally before pushing
- Set up SonarQube PR decoration for early feedback
- Start with lenient thresholds and tighten over time
- Exclude test and generated code from quality gate
- Use SonarQube Quality Gate webhook to fail CI early