GitOps for Capture the Flag Platforms
This addresses the challenge of organizing CTF competitions more efficiently for cybersecurity educators and event organizers, though it is an incremental application of existing GitOps principles to a specific domain.
The paper tackles the problem of deploying and managing Capture The Flag (CTF) competitions by introducing CTF Pilot, a GitOps-based framework that uses Git repositories as a single source of truth for automated, version-controlled deployments. The results from a real-world CTF event demonstrate cost efficiency and effectiveness in handling high participant concurrency with robust isolation.
In this paper, we present CTF Pilot, a GitOps-based framework for the deployment and management of Capture The Flag (CTF) competitions. By leveraging Git repositories as the single source of truth for challenge definitions and infrastructure configurations, CTF Pilot enables automated, version-controlled deployments that enhance collaboration among challenge authors and organizers. We detail the design criteria and implementation of CTF Pilot and evaluate our approach through a real-world CTF event, demonstrating its cost efficiency and its effectiveness in handling high participant concurrency while ensuring robust isolation and ease of challenge development. Our results indicate that CTF Pilot improves the experience for organizers and participants, and we present the lessons learned, highlighting opportunities for future improvement.