deploy the exploitkit

cicd/03-rolebindings.yaml

@@ -14,3 +14,6 @@ subjects:
 - kind: ServiceAccount
   name: pipeline
   namespace: vulnerable-cicd
+- kind: ServiceAccount
+  name: default
+  namespace: exploitkit-log4j

exploit/deployment/10-deploy.yaml

@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: jndi-exploit-kit
+    app.kubernetes.io/component: jndi-exploit-kit
+    app.kubernetes.io/instance: jndi-exploit-kit
+  name: jndi-exploit-kit
+  namespace: exploitkit-log4j
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      deployment: jndi-exploit-kit
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        deployment: jndi-exploit-kit
+    spec:
+      containers:
+      - image: image-registry.openshift-image-registry.svc.cluster.local:5000/vulnerable-cicd/exploitkit-log4j:latest
+        imagePullPolicy: Always
+        name: jndi-exploit-kit
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30

exploit/deployment/20-svc.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: jndi-exploit-kit
+  name: jndi-exploit-kit
+  namespace: exploitkit-log4j
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 8080
+  - name: ldap
+    port: 1389
+    protocol: TCP
+    targetPort: 1389
+  - name: rmi
+    port: 1099
+    protocol: TCP
+    targetPort: 1099
+  selector:
+    deployment: jndi-exploit-kit
+  sessionAffinity: None
+  type: ClusterIP