DevSecOps Workshop in Azure > Class1 - Learn DevSecOps in Azure with Terraform and GitHub > Module 3 - DevSecOps Workflow Source |

Lab 2 - Enjoy DevSecOps¶

It is time to test our full DevSecOps implementation. As a SecOps, we will now make a change in the source of truth (GitHub) and TF Cloud will take care of the rest (rolling-upgrade a new NAP pod)

In your GitHub tf_cloud branch, make a new change. Let’s say we want to enable Bot Protection
In nginx-nap/etc/nginx/nap-files/policies/custom-references/automation-attacks/bot-defense.json enable the feature by changing from false to true
Commit and push
That’s it :) Look at your TF Cloud runs and you should see a new run in progress and in your AKS a new pod up and running.

Note

Congrats, as you may notice, with few efforts, we deployed a CI thanks to Terraform Cloud, but we could have used Microsoft DevOps, Github Actions, Jenkins, Gitlab CI …