CI/CD Integration
CI/CD Integration
Integrate netbobr into your CI/CD pipeline to automatically validate firewall rules on every change. The CLI provides machine-readable output formats and meaningful exit codes designed for pipeline gating.
Exit Codes
The CLI returns exit codes based on the maximum severity found across all analyzed flows:
| Exit Code | Severity | Meaning |
|---|---|---|
| 0 | Low / None | All flows are low risk or clean |
| 1 | Medium | At least one medium-severity finding |
| 2 | High | At least one high-severity finding |
| 3 | Critical | At least one critical-severity finding |
Use --fail-on <severity> to set a custom threshold. For example, --fail-on high treats medium findings as passing (exit 0) and only fails on high or critical.
Output Formats for CI
| Format | Flag | Use Case |
|---|---|---|
| JSON | --output json | Machine parsing, custom integrations |
| SARIF | --output sarif | GitHub Code Scanning, VS Code |
| CSV | --output csv | Spreadsheet import, data analysis |
| Table | --output table | Human-readable logs |
--output pdf | Compliance reports, change tickets |
Platform Guides
Workflow examples with SARIF upload to Code Scanning and PDF artifact generation.
Pipeline YAML with severity gating and build artifact publishing.
Job configuration with SAST report integration and exit code handling.
Declarative pipeline stages with Warnings NG SARIF import and custom exit code handling.