diff --git a/.github/workflows/build-n-push-main.yml b/.github/workflows/build-n-push-main.yml
index c60f7cf..f50a4b1 100644
--- a/.github/workflows/build-n-push-main.yml
+++ b/.github/workflows/build-n-push-main.yml
@@ -132,26 +132,16 @@ jobs:
       - name: Get Docker image with sha256
         run: echo "image_sha256=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ env.branch_name }})" >> "$GITHUB_ENV"
 
-      #
-      # Login to Azure.
-      #
-      - name: Login to Azure
-        uses: azure/login@8c334a195cbb38e46038007b304988d888bf676a #v2.0.0
-        with:
-          client-id: ${{ secrets.AZURE_CLIENT_ID }}
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-
       #
       # Update Container App.
       #
       - name: Update Container App
-        uses: azure/CLI@fa0f960f00db49b95fdb54328a767aee31e80105
-        with:
-          inlineScript: |
-            az config set extension.use_dynamic_install=yes_without_prompt
-            az containerapp update \
-              -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} \
-              -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} \
-              --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} \
-              -i ${{ env.image_sha256 }}
+        shell: bash
+        working-directory: src/main/terraform
+        env:
+          ARM_CLIENT_ID: "${{ secrets.AZURE_CLIENT_ID }}"
+          ARM_SUBSCRIPTION_ID: "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
+          ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}"
+        run: |
+          terraform init -backend-config="env/dev-cd/backend.tfvars" -reconfigure
+          terraform apply -var-file="env/dev-cd/terraform.tfvars" -var="mil_auth_image=${{ env.image_sha256 }}" -auto-approve -lock-timeout=300s