NFTables GitLab CI Component¶

A GitLab CI component for validating nftables firewall rules syntax using the nft command.

Features¶

Syntax Validation: Check nftables ruleset files for syntax errors
Multiple Files: Validates all .nft files in your repository
Customizable: Configure job name, stage, and more
Reliable: Uses Debian-based container image

Usage¶

Basic Usage¶

include:
  - component: $CI_SERVER_FQDN/niclas-zone/ci/nftables/main@latest

stages:
  - lint

With Custom Configuration¶

include:
  - component: $CI_SERVER_FQDN/niclas-zone/ci/nftables/main@latest
    inputs:
      NFT_EXTRA_ARGS: "-c"
      NFT_FILES: "firewall/*.nft"

stages:
  - lint

Inputs¶

Input	Description	Default
`job_name`	Name of the CI job	`"nftables"`
`stage`	Pipeline stage	`"lint"`
`image`	Docker image for nft	`"registry.gitlab.com/niclasheinz/debian/debian:13.1"`
`NFT_EXTRA_ARGS`	Extra arguments for nft	`""`
`NFT_FILES`	Files pattern to check	`"*/.nft"`
`allow_failure`	Allow job to fail without failing pipeline	`false`
`exit_with_code`	Exit with non-zero code when validation fails pipeline	`true`

License¶

This project is licensed under the MIT License.