---
title: Set up PR Gate Rules
description: Learn how to set up PR Gate rules in Datadog.
breadcrumbs: Docs > PR Gates > Set up PR Gate Rules
---

# Set up PR Gate Rules

{% callout %}
# Important note for users on the following Datadog sites: app.ddog-gov.com

{% alert level="danger" %}
This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ().
{% /alert %}

{% /callout %}

## Overview{% #overview %}

To use Datadog PR Gates, you can define one or more rules on the [**PR Gate Rules**](https://app.datadoghq.com/ci/pr-gates) page.

{% image
   source="https://docs.dd-static.net/images/pr_gates/rules_list_3.10a15e16873614aedaa0bdc45b1ba2af.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/pr_gates/rules_list_3.10a15e16873614aedaa0bdc45b1ba2af.png?auto=format&fit=max&w=850&dpr=2 2x"
   alt="PR Gates page in Datadog" /%}

PR Gates ensure that only the code changes that meet your security and quality standards is merged.

## Create a rule{% #create-a-rule %}

To create a PR Gates rule in Datadog:

1. Navigate to [**Software Delivery** > **PR Gates** > **PR Gate Rules**](https://app.datadoghq.com/ci/pr-gates) and click **New Rule**.

1. Under **Select your source**, select a rule type:

   - Static Code Analysis (SAST)
   - Software Composition Analysis (SCA)
   - Code Coverage
   - Infrastructure as Code Scanning (IaC)
   - Secret Scanning
   - New Flaky Tests

1. Under **Define condition**, set the conditions that will cause the rule to fail. Each rule type has its own condition options, and you can use the existing default condition settings when you select a rule type.

1. Under **Define scope**, set which repositories the rule should evaluate:

   - **All repositories**: The rule evaluates all repositories configured for the rule type.
   - **Selected repositories**: The rule evaluates only the repositories you specify. Use `IN` to include only specified repositories, or `NOT IN` to evaluate all configured repositories *except* the ones you specify.

The following example illustrates a Static Code Analysis (SAST) rule that fails when a pull request introduces at least one Static Code Analysis code vulnerability violation with at least `Critical` severity. The rule evaluates all repositories configured for Static Code Analysis:

   {% image
      source="https://docs.dd-static.net/images/pr_gates/setup/static_analysis_4.3b4db3fc1899d1297eaba3aaa6a40c82.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/pr_gates/setup/static_analysis_4.3b4db3fc1899d1297eaba3aaa6a40c82.png?auto=format&fit=max&w=850&dpr=2 2x"
      alt="A Static Code Analysis rule that runs on all repos and fails when a PR has at least one Static Code Analysis code vulnerability with at least `Critical` severity" /%}

1. Under **Preview checks**, select your source code management provider to preview the status check to be added to pull requests. To set the check so it blocks PRs when it fails, follow your provider's instructions for making a status check *required*:

   - [GitHub](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)
   - [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/repos/git/pr-status-policy?view=azure-devops)

Non-blocking rules can be helpful when you roll out a new rule and want to verify its behavior before making it blocking.

1. Click **Create Rule**.

1. It is recommended that you test your PR Gate rule by creating a new branch and PR that purposely introduces code changes that would violate the rule's condition. Please note that PR Gates will not:

   - Retroactively block existing PRs unless new commits are pushed to them after the PR Gate rule has been created
   - Block new PRs that don't introduce violations as part of their modified lines

### Manage PR checks{% #manage-pr-checks %}

PR Gates automatically create PR checks in [GitHub](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks) or [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/repos/git/pull-request-status?view=azure-devops) pull requests for each rule type evaluated. The check contains additional information about the rule evaluation, such as the failure reason and the matching events in Datadog.

{% alert level="info" %}
**Note**: Re-running a check in the pull request UI does not re-run the corresponding PR Gates rule.
{% /alert %}

To ensure PR Gates are able to create PR checks, you must install the integration for your SCM provider. If you do not have the integration installed, follow the [GitHub](https://docs.datadoghq.com/integrations/github.md) or [Azure DevOps Source Code](https://docs.datadoghq.com/integrations/azure-devops-source-code.md) integration documentation to set one up.

To make these checks blocking, they must be set as required in the branch policies of your source code management provider:

- [GitHub](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)
- [Azure DevOps](https://learn.microsoft.com/en-us/azure/devops/repos/git/pr-status-policy?view=azure-devops)

## Manage rules{% #manage-rules %}

You can edit or delete a PR Gates rule by hovering over it on the [**PR Gates Rules**](https://app.datadoghq.com/ci/pr-gates) list and clicking the **Edit** or **Delete** icon.

{% image
   source="https://docs.dd-static.net/images/pr_gates/setup/delete_3.01dcaaf1a0c878a3424e09011f45962d.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/pr_gates/setup/delete_3.01dcaaf1a0c878a3424e09011f45962d.png?auto=format&fit=max&w=850&dpr=2 2x"
   alt="Edit, clone, or delete a PR Gates rule" /%}

## Permissions{% #permissions %}

Only users with the `quality_gate_rules_write` permission can create and edit PR Gate rules. Users with the `quality_gate_rules_read` permission can view PR Gate rules.

For more information, see the [RBAC Permissions documentation](https://docs.datadoghq.com/account_management/rbac/permissions.md).

## Further reading{% #further-reading %}

- [Learn about PR Gates](https://docs.datadoghq.com/pr_gates.md)