Kubernetes Cluster

Kubernetes with embedded DB

CI Sense architecture

Kubernetes with external DB (recommended for prod)

CI Sense architecture

Helm charts

The full deployment consists of two helm charts: cifuzz-server and cifuzz-worker.

CI Server

The CI Server consists of an API server with REST and gRPC endpoints, a Web App and a few additional services that handle authentication and report generation.

The default chart values also include a pre-configured bitnami/postgresql database. This configuration is not meant for production and we recommend using a managed PostgreSQL database instead.

CI Worker

The CI Worker runs workloads (i.e. fuzzer execution) via kubernetes jobs by polling the CI Server for available jobs and reporting the results. The cifuzz-worker can be deployed standalone which is useful for a multi-cluster setup. However, a connection to CI Server is required for the CI Worker to function properly.

Configuration

The helm chart comes pre-configured with defaults for a quick installation. Still, some values must be configured for a useful deployment. To overwrite default values and configure missing settings create a custom-values.yaml and add filled in snippets from the sections below.

The following command shows all configuration options that can be overwritten in values yaml files:

helm show values oci://f5d6e55758e0d08d.azurecr.io/helm/cifuzz-server \
    --version <version>

This output includes comments describing many of the configurable options. For more detailed information on some of these options please refer to the Helm Chart Configuration Reference page.

Deployment

With the finished configuration perform a dry run of the deployment with the following command.

helm upgrade cifuzz-server oci://f5d6e55758e0d08d.azurecr.io/helm/cifuzz-server \
    --install \
    --namespace <namespace> \
    --create-namespace \
    --version <version> \
    --values custom-values.yaml \
    --dry-run

If everything looks good execute the same command without the --dry-run option.

Update CI Sense

Run the following command to update to a specific version of CI Sense:

helm upgrade cifuzz-server oci://f5d6e55758e0d08d.azurecr.io/helm/cifuzz-server \
    --install \
    --namespace <namespace> \
    --version <version> \
    --values custom-values.yaml

Kubernetes with embedded DB​

Kubernetes with external DB (recommended for prod)​

Helm charts​

CI Server​

CI Worker​

Configuration​

Deployment​

Update CI Sense​