bluemsi/2nd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
95cd8bb891bf94ea5dd50e4a490ee17d5707ecf2
2nd/10_Wiki/Topics/Architecture/Gates.md
T
koriweb d8a80f6272 chore(wiki): dangling 링크 canonical 정규화 (768파일/1200건) 
이름만 다른(표기 변형) [[위키링크]]를 대상 문서의 canonical 제목으로 치환해
끊겼던 1,200개 링크를 연결. 제목/파일명 정규화 일치만 적용하고 별칭 매칭은
과병합 위험으로 제외(애매성 가드). 원본은 _link_reconcile_backup/ 에 백업.
도구: Datacollect/scripts/link_reconcile_apply.mjs

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-08 12:24:15 +09:00

4.7 KiB
Raw Blame History

id, title, category, status, canonical_id, aliases, duplicate_of, source_trust_level, confidence_score, verification_status, tags, raw_sources, last_reinforced, github_commit, tech_stack
id title category status canonical_id aliases duplicate_of source_trust_level confidence_score verification_status tags raw_sources last_reinforced github_commit tech_stack
wiki-2026-0508-gates Gates 10_Wiki/Topics verified self
Quality Gates
CI Gates
Release Gates
none A 0.9 applied
architecture
ci-cd
quality
governance
2026-05-10 pending
language framework
yaml github-actions

Gates

매 한 줄

"매 quality gate 의 build/release 의 progress 의 block 의 conditional checkpoint 의 정의". 매 SonarQube popularization 의 origin (~2008), 매 modern CI/CD 의 essential part — 매 PR merge / deploy 의 prerequisite 의 automated assertion 의 set.

매 핵심

매 Gate 종류

  • Build Gate: compile + unit test pass.
  • Quality Gate: coverage ≥ 80%, no critical SonarQube issues.
  • Security Gate: SAST (Semgrep, CodeQL), SCA (Dependabot, Snyk), secret scan.
  • Performance Gate: bundle size, Lighthouse, p99 latency budget.
  • Manual Approval Gate: prod deploy 의 human reviewer.

매 Gate 위치

  • PR Gate: pre-merge — fast (<5 min).
  • Main Branch Gate: post-merge — heavier (E2E, integration).
  • Release Gate: pre-deploy — canary metrics, smoke tests.
  • Production Gate: post-deploy — error rate watcher, auto-rollback.

매 응용

  1. SonarQube Quality Gate (coverage / duplication / issues).
  2. GitHub branch protection rules.
  3. ArgoCD sync waves with health gates.

💻 패턴

GitHub Actions Quality Gate

name: PR Gate
on: pull_request
jobs:
  gate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20 }
      - run: npm ci
      - run: npm test -- --coverage
      - name: Coverage gate
        run: |
          COV=$(jq '.total.lines.pct' coverage/coverage-summary.json)
          if (( $(echo "$COV < 80" | bc -l) )); then
            echo "Coverage $COV% < 80%"; exit 1
          fi
      - uses: github/codeql-action/analyze@v3

SonarQube Quality Gate

- uses: SonarSource/sonarqube-scan-action@v3
  env:
    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- uses: SonarSource/sonarqube-quality-gate-action@v1
  timeout-minutes: 5
  env:
    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

Bundle Size Gate

- uses: andresz1/size-limit-action@v1
  with:
    github_token: ${{ secrets.GITHUB_TOKEN }}
    skip_step: install

Manual Approval Gate (GitHub Environments)

deploy-prod:
  environment:
    name: production
    url: https://app.example.com
  runs-on: ubuntu-latest
  needs: [test, security]
  steps:
    - run: ./deploy.sh prod

Configured in repo Settings → Environments → required reviewers.

ArgoCD Sync Wave Gate

metadata:
  annotations:
    argocd.argoproj.io/sync-wave: "1"
    argocd.argoproj.io/hook: PreSync
    argocd.argoproj.io/hook-delete-policy: BeforeHookCreation

Canary Gate (Argo Rollouts)

strategy:
  canary:
    steps:
      - setWeight: 10
      - pause: { duration: 5m }
      - analysis:
          templates: [{ templateName: success-rate }]
      - setWeight: 50
      - pause: { duration: 10m }

매 결정 기준

상황 Approach
Fast PR feedback unit + lint + type only (<3 min)
Compliance-heavy SAST + SCA + license + signed commits
High-traffic prod canary + auto-rollback gate
Monorepo path-filtered gates (only run affected)

기본값: PR gate (lint+test+typecheck) → main gate (E2E+coverage) → prod gate (manual approval+canary).

🔗 Graph

🤖 LLM 활용

언제: gate 의 thresholds 의 review, gate config 의 generation, failure log 의 root cause 의 analysis. 언제 X: gate policy 의 organizational decision (compliance, risk tolerance) — human ownership 필요.

안티패턴

  • Gate inflation: 매 PR 의 30+ checks → developer frustration, gaming via skip flags.
  • Flaky gates: intermittent failures 의 normalize → real failures 의 ignore.
  • Bypass culture: admin 의 "merge anyway" 의 routine usage.
  • No rollback gate: deploy 후 metrics 의 watch 없이 → bad release 의 prolong.
  • Unmeasured threshold: "good enough" coverage % 의 arbitrary 의 set.

🧪 검증 / 중복

  • Verified (Google SRE Book, GitHub branch protection docs, SonarQube Quality Gates).
  • 신뢰도 A.

🕓 Changelog

날짜 변경
2026-05-08 Phase 1
2026-05-10 Manual cleanup — quality gates / CI gates 의 full content
Reference in New Issue View Git Blame Copy Permalink