Overview
CODER (Cyber Ops Deployment & Environment Runner) is a DevSecOps platform that allows cyber operators to deploy on-demand cyber mission test environments through a single, modern interface. It wraps GitLab CI/CD, Terraform, Proxmox, and Azure into a cohesive experience so operators can request, monitor, and destroy full ranges without waiting on infrastructure teams.
The system reduced environment creation from multi-day manual work to a repeatable workflow that takes about five minutes, while preserving all the guardrails, logging, and security controls required for classified networks.
Key Capabilities
- Ephemeral cyber ranges on demand, provisioned and destroyed via GitLab pipelines backed by Terraform and Proxmox.
- Multi-cloud support: Proxmox clusters for targets and Azure AVD for operator workstations.
- User-aware deployments with owner, username, and uptime metadata so teams can search and audit deployments across enclaves.
- Robust destroy workflows with state locking, retries, and safety rails to prevent orphaned infrastructure.
- Built from MVP to production in two sprints and deployed into a Top Secret network for real cyber mission testing.
Technical Implementation
The UI is built with Next.js, TypeScript, Tailwind CSS, and Framer Motion to provide a responsive, operator-friendly experience. CODER talks to GitLab CI/CD components that orchestrate Terraform modules, Ansible roles, and Packer images to create and configure Proxmox VMs, Azure AVD workstations, networking, and domain controllers.
Proxmox clusters host target systems, while Azure handles operator access. The platform standardizes environment definitions, centralizes state and logging, and provides clear status for ranges (queued, ready, destroying, error). This turns what used to be a manual three-day provisioning process into an automated, repeatable pipeline that takes minutes and can be safely run inside classified networks.