Overview

What it Does

Blocking rules are powerful guardrails that allow you to define specific conditions under which pull requests should be blocked from being merged. This helps ensure that your codebase adheres to your organization’s security and quality standards by preventing potentially risky or non-compliant code changes from being merged.

Who it’s For

Blocking rules are primarily designed for:
  • Development teams
  • Project managers
  • Security professionals
This feature is particularly useful for organizations with strict compliance requirements or those working on mission-critical applications where code quality and security are paramount.

Key Features and Benefits

How it Works with GitHub

Prerequisite You must have installed and configured the Corgea GitHub App with appropriate repository permissions.
1

Pull Request Submission

Developer submits a pull request with code changes
2

Automated Analysis

System analyzes code changes against active blocking rules
3

Rule Validation

If violations are found, pull request is automatically blocked
4

Developer Notification

Developer receives detailed notification about rule violations
5

Resolution

Developer must fix violations and mark them as Fixed, or mark them as False Positive or Accepted Risk before merge is allowed

How it Works with Azure DevOps

Prerequisite Make sure the Azure DevOps integration with Corgea is configured and you have the necessary permissions.
1

Pull Request Submission

A developer submits a pull request with code changes in Azure DevOps.
2

Automated Analysis

The system evaluates the code changes against the active blocking rules set in Corgea.
3

Rule Validation

If violations are found, the pull request is automatically blocked.
Developer cannot merge the PR until it is resolved.
4

Developer Notification

The developer receives a link to view detailed information about the failed issues on the Corgea Scan page.
5

Resolution

The developer must resolve the violations by fixing them or marking them as False Positive or Accepted Risk before the merge can proceed.

Usage Guide

Creating a New Blocking Rule

1

Initiate Creation

Click the “Add Blocking Rule” button
2

Basic Information

Enter rule name and description
3

Configure Settings

Select urgency levels (Critical, High, Medium, or Low) and/or target CWEs - at least one of these must be defined for the rule to be valid
4

Set Scope

Choose applicable projects (optional)
5

Save

Review and click “Create”

Managing Existing Rules

  1. Locate rule in table
  2. Click “Edit” button
  3. Modify settings as needed
  4. Click “Update” to save

Viewing Rules on scans

You can view blocking rules that apply to your scans in two places:
  1. On the scan details page, you’ll see a “Blocking Rules” section showing all rules that were evaluated:
  1. For individual issues, you can see which blocking rules were triggered in the issue details:
This makes it easy to understand which rules are affecting your scans and specific issues, helping you identify why certain changes may be blocked.

Examples

Best Practices

Implementation Tips

  • Start with essential rules and gradually expand
  • Regular review and updates
  • Clear documentation and team training
  • Encourage feedback and collaboration
  • Strategic use of urgency levels

Troubleshooting

If a pull request is unexpectedly blocked, verify the active rules and their configurations first.