Quality Gate Status Permissions and Admins

Hi all,

We recently had a project’s quality gate downgrade (from platinum to bronze). Is there any way to see what user chaged it? Also, is there a way where we can put controls on the quality gate so that users must request and get approval before changing the status? Or will we have to do something outside of SonarQube, like revoking all users’ global access to change the quality gate and have them submit a ticket in something like ServiceNow to down/upgrade it again?

Thanks in advance.

Hey there.

What do you mean by “downgrade” – do you mean “change”? Or did the Quality Gate change from Green to Red?

@Colin Yes, it was changed from Platinum to Bronze

Hey there.

SonarQube doesn’t track who changed a project’s Quality Gate (even in the Audit Logs of Enterprise Edition). You may be able to hunt through the access logs to see invocations of POST api/qualitygates/select and try to tie it back to that specific user/project.

Project-level administrators and users with the global Administer Quality Gate permission have the right to change the Quality Gate assigned to a project. Those permissions would have to be restricted to avoid a user changing the QUality Gate.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.