diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..e022b61
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,28 @@
+# Qserv operator CI workflow
+---
+name: "CI"
+on:
+  push:
+  pull_request:
+    branches:
+      - master
+jobs:
+  main:
+    name: Run nginx-controller demo
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Stop apparmor
+        run: |
+          sudo /etc/init.d/apparmor stop
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '^1.19.2'
+      - name: Create k8s/kind cluster
+        run: |
+          go install github.com/k8s-school/ktbx@v1.1.1-rc17
+          ktbx create -c
+      - name: Install postgresl with helm
+        run: |
+          ./ci.sh
diff --git a/ci.sh b/ci.sh
new file mode 100755
index 0000000..3472759
--- /dev/null
+++ b/ci.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+DIR=$(cd "$(dirname "$0")"; pwd -P)
+
+$DIR/pgsql.sh
diff --git a/pgsql.sh b/pgsql.sh
new file mode 100755
index 0000000..67c48ed
--- /dev/null
+++ b/pgsql.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+# See https://itnext.io/benchmark-results-of-kubernetes-network-plugins-cni-over-10gbit-s-network-36475925a560
+
+set -euxo pipefail
+
+DIR=$(cd "$(dirname "$0")"; pwd -P)
+
+
+ID=0
+NS="helm-$ID"
+
+NODE1_IP=$(kubectl get nodes --selector="! node-role.kubernetes.io/master" \
+    -o=jsonpath='{.items[0].status.addresses[0].address}')
+
+# Run on kubeadm cluster
+# see "kubernetes in action" p391
+kubectl delete ns -l "helm=$NS"
+kubectl create namespace "$NS"
+kubectl label ns "$NS" "helm=$NS"
+
+# Exercice: Install one postgresql pod with helm and add label "tier:database" to master pod
+# Disable data persistence
+helm delete pgsql --namespace "$NS" || echo "WARN pgsql release not found"
+
+helm repo add bitnami https://charts.bitnami.com/bitnami || echo "Failed to add bitnami repo"
+helm repo update
+
+helm install --version 11.9.1 --namespace "$NS" pgsql bitnami/postgresql --set primary.podLabels.tier="database",persistence.enabled="false"
+
+kubectl run -n "$NS" nginx --image=nginx -l "tier=webserver"
+kubectl wait --timeout=60s -n "$NS" --for=condition=Ready pods nginx
+kubectl exec -n "$NS" -it nginx -- \
+    sh -c "apt-get update && apt-get install -y dnsutils inetutils-ping netcat net-tools procps tcpdump"
+
+kubectl wait --timeout=120s -n "$NS" --for=condition=Ready pods -l app.kubernetes.io/instance=pgsql,tier=database
+
+kubectl exec -n "$NS" nginx -- netcat -q 2 -zv pgsql-postgresql 5432
+
+# Interactive mode
+export POSTGRES_PASSWORD=$(kubectl get secret --namespace helm-0 pgsql-postgresql -o jsonpath="{.data.postgres-password}" | \
+    base64 -d)
+kubectl run pgsql-postgresql-client --rm --tty -i --restart='Never' --namespace helm-0 \
+    --image docker.io/bitnami/postgresql:14.5.0-debian-11-r14 --env="PGPASSWORD=$POSTGRES_PASSWORD" \
+    --command -- psql --host pgsql-postgresql -U postgres -d postgres -p 5432 -c '\copyright'