Workflow
With the intention of delivering a fully secure application in a secure environment, the GitOps strategy is used to deploy, as well as monitoring and protection of traffic with checkpoint's appSec-nginx.
Continuous deployment
In the pipeline, once the image has been uploaded, we proceed to update the deployment manifests so that ArgoCD uses them to deploy the application on our platform. With this we see that when updating these manifests ArgoCD uses them as the only source of truth from the last commit made in the repository and then proceeds to use them in the platform.
Traffic management
When the application is deployed on the platform, an ingress controller is placed, which for this project appsec-nginx has been selected. This ingress controller adds a layer of security to the traffic entering the application as it has its own agent which performs alerts, and has early detection of anomalous activities acting as WAF, also has a built-in ML system which helps you to have a learning of all kinds of threats that arise while the application uses the controller.