diff --git a/components/konflux-support-ops/base/deployment.yaml b/components/konflux-support-ops/base/deployment.yaml
new file mode 100644
index 0000000..df5c45c
--- /dev/null
+++ b/components/konflux-support-ops/base/deployment.yaml
@@ -0,0 +1,54 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: support-ops
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: support-ops
+  template:
+    metadata:
+      labels:
+        app: support-ops
+    spec:
+      containers:
+      - name: support-ops
+        image: quay.io/redhat-user-workloads/konflux-user-support-tenant/chat-bot/user-support@sha256:3370bf46392ae10f80cf471bc49b192bef8f31a0752129268f391a3718c0b786
+        imagePullPolicy: Always
+        env:
+        - name: PYTHONPATH
+          value: "/app"
+        - name: SLACK_BOT_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: konflux-support-ops-secrets
+              key: SLACK_BOT_TOKEN
+        - name: SLACK_APP_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: konflux-support-ops-secrets
+              key: SLACK_APP_TOKEN
+        - name: JIRA_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: konflux-support-ops-secrets
+              key: JIRA_API_KEY
+        - name: ENABLE_TOKEN_VALIDATION
+          value: "true"
+        resources:
+          limits:
+            cpu: 500m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 256Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+              - "ALL"
+          seccompProfile:
+            type: RuntimeDefault
+          readOnlyRootFilesystem: true
+          runAsNonRoot: true
diff --git a/components/konflux-support-ops/base/kustomization.yaml b/components/konflux-support-ops/base/kustomization.yaml
index b4dcca8..9b19414 100644
--- a/components/konflux-support-ops/base/kustomization.yaml
+++ b/components/konflux-support-ops/base/kustomization.yaml
@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-# - deployment.yaml
-# - service.yaml
+- deployment.yaml
 
 namespace: konflux-support-ops
diff --git a/components/konflux-support-ops/internal-production/external-secrets/konflux-support-ops-secrets.yaml b/components/konflux-support-ops/internal-production/external-secrets/konflux-support-ops-secrets.yaml
new file mode 100644
index 0000000..7d1210e
--- /dev/null
+++ b/components/konflux-support-ops/internal-production/external-secrets/konflux-support-ops-secrets.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: konflux-support-ops-secrets
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  dataFrom:
+    - extract:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: production/support-ops/konflux-support-ops-secrets
+  refreshInterval: 15m
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: appsre-stonesoup-vault
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Delete
+    name: konflux-support-ops-secrets
diff --git a/components/konflux-support-ops/internal-production/external-secrets/kustomization.yaml b/components/konflux-support-ops/internal-production/external-secrets/kustomization.yaml
new file mode 100644
index 0000000..e9ba6e7
--- /dev/null
+++ b/components/konflux-support-ops/internal-production/external-secrets/kustomization.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - konflux-support-ops-secrets.yaml
diff --git a/components/konflux-support-ops/internal-staging/external-secrets/konflux-support-ops-secrets.yaml b/components/konflux-support-ops/internal-staging/external-secrets/konflux-support-ops-secrets.yaml
new file mode 100644
index 0000000..8bb2ff9
--- /dev/null
+++ b/components/konflux-support-ops/internal-staging/external-secrets/konflux-support-ops-secrets.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: konflux-support-ops-secrets
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "-1"
+spec:
+  dataFrom:
+    - extract:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: staging/support-ops/konflux-support-ops-secrets
+  refreshInterval: 15m
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: appsre-stonesoup-vault
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Delete
+    name: konflux-support-ops-secrets
diff --git a/components/konflux-support-ops/internal-staging/external-secrets/kustomization.yaml b/components/konflux-support-ops/internal-staging/external-secrets/kustomization.yaml
new file mode 100644
index 0000000..e9ba6e7
--- /dev/null
+++ b/components/konflux-support-ops/internal-staging/external-secrets/kustomization.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - konflux-support-ops-secrets.yaml