Add a quality gate to CI/CD
Enforce code-quality and security standards automatically in CI
A CI/CD quality gate runs your standards — security, supply chain, tests, complexity — as an automated pass/fail step on every build, so quality is enforced consistently instead of depending on who's reviewing.
The problem
Standards that live in a wiki are aspirational. The only standards that hold are the ones a machine enforces on every change, because human discipline erodes under deadline pressure exactly when it matters most.
A quality gate makes the standard executable: it runs in the pipeline, evaluates the change against thresholds, and returns a single verdict that the pipeline obeys.
How GateTest does it
Run GateTest's full 110-module suite as a CI step. Error-severity findings fail the build; warnings surface without blocking.
Because GateTest emits SARIF, the same run can also feed GitHub code scanning: upload the SARIF file and the findings appear inline on the diff as well as in the build log.
# .github/workflows/gatetest.yml
name: GateTest
on:
  pull_request:
jobs:
  gate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: crclabs-hq/gatetest-action@v1
        with:
          suite: full
          # error-severity findings fail the job and block the merge
          fail-on: error
Steps
1. Drop the GateTest Action into your pipeline (GitHub Actions, or the CLI in any other CI).
2. Choose a suite: quick (fast feedback) or full (the complete gate).
3. Set fail-on: error so only high-confidence problems block.
4. Optionally upload the SARIF output to GitHub code scanning for inline annotations.
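How the pass/fail verdict in step 3 is derived from a SARIF report, as an added example written for this page (not GateTest's or the Action's own code): it resolves each result's effective level the way SARIF 2.1.0 defines it (an explicit level, else the rule's default configuration, else warning; results whose kind is not "fail" are informational), counts findings per level, and fails the gate only when a finding is at least as severe as the chosen fail-on threshold. The SARIF document embedded below is constructed; the file path and threshold arguments, the rule ids, and the exit code of 1 on failure are assumptions for illustration. Exiting non-zero is also what makes the same gate work in GitLab CI, Jenkins or any other runner, as the FAQ below notes for the CLI.

```python
"""Evaluate a SARIF 2.1.0 report as a CI quality gate (added example, not GateTest code)."""
import json
import sys
from collections import Counter

# SARIF result levels, most severe first. "none" is informational and never blocks.
LEVELS = ("error", "warning", "note", "none")
RANK = {level: i for i, level in enumerate(LEVELS)}

# Constructed sample report: one error (inherited from the rule default), two
# warnings (one explicit, one from the spec default), one informational "pass".
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-scanner", "rules": [
            {"id": "EX001", "defaultConfiguration": {"level": "error"}},
            {"id": "EX002", "defaultConfiguration": {"level": "warning"}},
        ]}},
        "results": [
            {"ruleId": "EX001", "message": {"text": "hard-coded credential"}},
            {"ruleId": "EX002", "level": "warning", "message": {"text": "outdated dependency"}},
            {"ruleId": "EX003", "message": {"text": "function too complex"}},
            {"ruleId": "EX001", "kind": "pass", "message": {"text": "no credentials found"}},
        ],
    }],
})


def sample_document():
    """Parse the constructed sample so callers get a fresh dict each time."""
    return json.loads(SAMPLE_SARIF)


def _rules_by_id(run):
    """Index the run's rule descriptors by id so results can inherit a default level."""
    driver = run.get("tool", {}).get("driver", {})
    return {rule["id"]: rule for rule in driver.get("rules", []) if "id" in rule}


def result_level(result, rules):
    """Effective level per SARIF 2.1.0: non-'fail' kinds are 'none'; otherwise
    result.level, then the rule's defaultConfiguration.level, then 'warning'."""
    if result.get("kind", "fail") != "fail":
        return "none"
    if "level" in result:
        return result["level"]
    rule = rules.get(result.get("ruleId"), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")


def count_by_level(sarif):
    """Count findings per effective level across every run in the document."""
    counts = Counter()
    for run in sarif.get("runs", []):
        rules = _rules_by_id(run)
        for result in run.get("results", []):
            counts[result_level(result, rules)] += 1
    return counts


def gate_verdict(sarif, fail_on="error"):
    """Return (passed, counts). The gate fails when any finding is at least as
    severe as fail_on; less severe findings are reported but do not block."""
    if fail_on not in RANK or fail_on == "none":
        raise ValueError(f"fail_on must be one of {LEVELS[:-1]}")
    counts = count_by_level(sarif)
    # An unknown level string is treated as most severe so the gate fails closed.
    blocking = sum(n for level, n in counts.items()
                   if RANK.get(level, 0) <= RANK[fail_on])
    return blocking == 0, counts


def main(argv):
    """Usage: gate.py [report.sarif] [error|warning|note]; exit 1 on a failed gate."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            sarif = json.load(fh)
    else:
        sarif = sample_document()
    fail_on = argv[2] if len(argv) > 2 else "error"
    passed, counts = gate_verdict(sarif, fail_on)
    for level in LEVELS:
        print(f"{level:8s} {counts.get(level, 0)}")
    print("gate:", "PASS" if passed else f"FAIL (fail-on: {fail_on})")
    return 0 if passed else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run with no arguments to see the sample fail on its one error; run it with a report and "warning" as the threshold to see how a stricter gate would also block the two warnings. If you want the inline annotations of step 4, the same SARIF file is what you hand to GitHub's code-scanning upload action (github/codeql-action/upload-sarif, input `sarif_file`).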
Frequently asked questions
Does GateTest work outside GitHub Actions?
Yes. GateTest is a Node CLI, so it runs in any CI system — GitLab CI, CircleCI, Jenkins, Buildkite — and exits non-zero on error-severity findings to fail the build. The GitHub Action is just a packaged wrapper.
Will a quality gate slow my pipeline down?
The quick suite is designed for fast PR feedback; the full suite runs the complete 110-module gate. You choose per-workflow, so you can gate PRs quickly and run the deep suite on merges to main.
Put this gate on your repo
Free preview of findings. Pay per scan — no subscription. AI auto-fix PR on the Scan + Fix tier.