Quality Gates
Mihály Dobos-Kovács edited this page Oct 13, 2020 · 3 revisions
We define the following quality gates for the developed system, which apply to all components of the system.
During implementation, a code component is considered ready and passes the quality gate (and can subsequently be merged into the master branch) if, based on the "Sonar way":
- The maintainability rating of the component determined by the static analysis tools (see) is not worse than A (when the technical debt ratio is less than 5.0%)
- The reliability rating of the component determined by the static analysis tools (see) is not worse than A (when there are no bugs detected)
- The security rating of the component determined by the static analysis tools (see) is not worse than A (when there are no vulnerabilities detected)
- All the security hotspots of the component found by the static analysis tools have been reviewed
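The four implementation-phase conditions above can be checked mechanically before a merge. The following is an added example, not part of the original page or the project's code: it evaluates a response shaped like SonarQube's `api/measures/component` output, using the standard metric keys `sqale_rating`, `reliability_rating`, `security_rating`, `security_hotspots` and `security_hotspots_reviewed`. The sample response and component key are constructed, and treating an absent `security_hotspots_reviewed` value as acceptable only when the hotspot count is zero is an assumption.

```python
import json

# Constructed sample, shaped like a SonarQube api/measures/component response.
SAMPLE = json.loads("""
{"component": {"key": "example-component", "measures": [
  {"metric": "sqale_rating", "value": "1.0"},
  {"metric": "reliability_rating", "value": "1.0"},
  {"metric": "security_rating", "value": "2.0"},
  {"metric": "security_hotspots", "value": "4"},
  {"metric": "security_hotspots_reviewed", "value": "75.0"}
]}}
""")

# SonarQube reports ratings numerically: 1.0 = A ... 5.0 = E.
RATINGS = {"sqale_rating": "maintainability",
           "reliability_rating": "reliability",
           "security_rating": "security"}
LETTERS = {1: "A", 2: "B", 3: "C", 4: "D", 5: "E"}


def evaluate_gate(response):
    """Return (passed, failures) for the implementation-phase quality gate."""
    measures = {m["metric"]: m.get("value")
                for m in response["component"]["measures"]}
    failures = []
    for metric, label in RATINGS.items():
        raw = measures.get(metric)
        if raw is None:
            # Fail closed: a component that was never analysed must not pass.
            failures.append(f"{label}: metric missing")
        elif float(raw) > 1.0:
            letter = LETTERS.get(int(float(raw)), "?")
            failures.append(f"{label}: rating {letter} is worse than A")
    reviewed = measures.get("security_hotspots_reviewed")
    count = measures.get("security_hotspots")
    if reviewed is not None:
        if float(reviewed) < 100.0:
            failures.append(f"hotspots: only {float(reviewed):.0f}% reviewed")
    elif count is None or int(float(count)) != 0:
        # Assumption: no review percentage is acceptable only with 0 hotspots.
        failures.append("hotspots: review status unknown")
    return (not failures, failures)


if __name__ == "__main__":
    ok, problems = evaluate_gate(SAMPLE)
    print("PASS" if ok else "FAIL", *problems, sep="\n  ")
```
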
During the testing phase, the software component is ready to be released (and tagged accordingly) if:
- Passes the quality gate of the implementation phase
- Passes the functional tests defined by the Testing Plan
- There are no significant vulnerabilities detected during the security testing defined by the Testing Plan (determined by the development team)
During the testing phase, the software is ready to be released (and submitted as homework) if:
- All of its components pass the quality gate of the testing phase
- The software passes the Final Security Review performed by the development team.
© Grotesque Gecko, 2020