From b7b93e3028d06bfd4e586d3a615e729e1cab6c84 Mon Sep 17 00:00:00 2001
From: Gabe Alford <redhatrises@gmail.com>
Date: Wed, 20 Mar 2024 09:12:56 -0600
Subject: [PATCH] feat: add k8s deployment yaml

---
 README.md               | 12 ++++++++++++
 detections.example.yaml | 22 ++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 detections.example.yaml

diff --git a/README.md b/README.md
index f12b953..d805595 100644
--- a/README.md
+++ b/README.md
@@ -89,3 +89,15 @@ $ sudo docker run --rm quay.io/crowdstrike/detection-container
 Output will be sent to the console (via ``stdout``) regarding what detections are being generated. An example of running in non-interactive mode, plus output, is shown below:
 
 ![non-interactive mode](docs/images/non-interactive.png)
+
+## Kubernetes Interactive Mode
+
+For running the detection container in interactive mode on Kubernetes clusters, please see the [vulnapp project](https://github.com/CrowdStrike/vulnapp)
+
+## Kubernetes Non-interactive Mode
+
+For running the detection container in non-interactive mode which will randomly create detections, run the following command:
+```
+$ kubectl create -f https://raw.githubusercontent.com/CrowdStrike/detection-container/main/detections.example.com
+
+```
diff --git a/detections.example.yaml b/detections.example.yaml
new file mode 100644
index 0000000..d58de65
--- /dev/null
+++ b/detections.example.yaml
@@ -0,0 +1,22 @@
+# kubectl apply -f detectioncontainer.yaml
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: detections.example.com
+spec:
+  selector:
+   matchLabels:
+      run: detections
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        run: detections
+    spec:
+      containers:
+          - name: detection-container
+            image: quay.io/crowdstrike/detection-container
+            imagePullPolicy: Always
+            command:
+              - "/entrypoint.sh"