diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0e53426..685dcec 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,19 +1,22 @@ name: 'Deploy' on: - pull_request: + push: branches: ['workshop/*'] - jobs: - set_name: - name: 'Get name from branch name and set env' + set-name: + name: 'Get name from branch name and set output' + outputs: + my_name: ${{ steps.set-name.outputs.my_name }} runs-on: ubuntu-latest steps: - - run: echo "MY_NAME=${BRANCH##*/}" >> "$GITHUB_ENV" + - name: 'Set name' + id: set-name + run: echo "my_name=${BRANCH##*/}" >> "$GITHUB_OUTPUT" env: BRANCH: ${{ github.ref_name }} - run_tests: + run-tests: name: 'Run frontend tests' runs-on: ubuntu-latest defaults: @@ -44,15 +47,25 @@ jobs: build: name: 'Build Docker image and push to registry' # Task A.2: - # needs: [set_name] + # needs: [set-name] # Answer A.2: - needs: [set_name, run_tests] + needs: [set-name, run-tests] # runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: 'ghcr.io' + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -60,8 +73,8 @@ jobs: uses: docker/build-push-action@v5 with: push: 'true' - tags: 'ghcr.io/${{ github.repository }}/${{ env.MY_NAME }}:latest' - file: 'frontend/Dockerfile' + tags: 'ghcr.io/${{ github.repository }}/${{ needs.set-name.outputs.my_name }}:latest' + context: 'frontend' deploy: name: 'Deploy using Terraform' 
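Review bot: `set-name` gets no `permissions:` block in this hunk, so it runs with the repository's default GITHUB_TOKEN scopes while `build` and `deploy` are scoped explicitly. The same appears to hold for `run-tests`, whose body continues outside the hunk. Now that the workflow runs on every push to `workshop/*`, a workflow-level default of `permissions:` with `contents: read` placed before `jobs:` would make least privilege the baseline. Passing `github.ref_name` through `env: BRANCH` rather than interpolating it into the script is the right pattern, but the derived suffix still reaches the image name and `TF_VAR_my_name` unchecked. A guard such as `[[ "${BRANCH##*/}" =~ ^[a-z0-9-]+$ ]] || exit 1` before the `echo` would reject names the registry or Terraform cannot accept.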
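Review bot: The new `docker/login-action@v3` step receives a GITHUB_TOKEN with `packages: write`, yet it is referenced by a movable tag, as are `actions/checkout@v4` and `docker/setup-buildx-action@v3`. A retagged or compromised release of any of these would run with that token, so pin them to a full commit SHA with the version kept as a comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3`. The same applies to `hashicorp/setup-terraform@v3` and `azure/login@v2` in the `deploy` job, which holds `id-token: write`. Adding `persist-credentials: false` under `with:` on the checkout step would also keep the token out of the working tree's git config during the image build. The `build` job's step list continues outside this hunk.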
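Review bot: The image is still published only under the mutable `:latest` tag, so two pushes to the same `workshop/*` branch can overwrite each other between `build` and `deploy`. The `deploy` job already keys its revision on `github.sha`; the Terraform configuration is not visible here, so whether it pulls `latest` is an assumption. Adding a second, immutable tag makes the deployed artefact traceable to a commit: turn `tags:` into a multi-line value and append `ghcr.io/${{ github.repository }}/${{ needs.set-name.outputs.my_name }}:${{ github.sha }}`.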
@@ -69,11 +82,11 @@ jobs: needs: [build] env: TF_VAR_revision_suffix: ${{ github.sha }} - TF_VAR_my_name: ${{ env.MY_NAME }} - ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} + TF_VAR_my_name: ${{ needs.set-name.outputs.my_name }} + permissions: + contents: read + id-token: write + environment: prod defaults: run: working-directory: 'terraform' @@ -84,6 +97,13 @@ jobs: - name: Setup Terraform uses: hashicorp/setup-terraform@v3 + - name: Authenticate with Azure + uses: azure/login@v2 + with: + client-id: ${{ vars.ARM_CLIENT_ID }} + tenant-id: ${{ vars.ARM_TENANT_ID }} + subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }} + - name: Init Terraform run: terraform init diff --git a/README.md b/README.md index 30cb3e4..73a6718 100644 --- a/README.md +++ b/README.md @@ -229,3 +229,16 @@ resource "azurerm_container_app" "devops" { ``` + +# Setup (ikke en del av workshop'en) + +1. Få tak i en Azure subscription. + +2. Lag en ny Storage Account i Azure for å lagre Terraform state. +Bruk skriptet `bootstrap.sh` for å sette opp en ny Storage Account, som vil lages i resource group `tfstate`. + +3. Lag en App Registration i Entra, og pek den mot riktig GitHub repository/environment. +Du kan bruke `prod` som environment, det er det som brukes i `.github/workflows/deploy.yml`. + +4. Hent ut client ID fra App Registration og legg den i GitHub repository variables under `ARM_CLIENT_ID`. +Hent også ut subscription ID og tentant ID og legg de i GitHub repository variables under `ARM_SUBSCRIPTION_ID` og `ARM_TENANT_ID`. diff --git a/bootstrap.sh b/bootstrap.sh index 0b8e5be..b112444 100755 --- a/bootstrap.sh +++ b/bootstrap.sh 
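Review bot: With `id-token: write` and `environment: prod`, the environment name becomes the trust boundary for Azure access, and nothing in the workflow restricts which branch may claim it. The README section added in this commit suggests the Entra federated credential is scoped to the repository and environment. If so, any push to a `workshop/*` branch, including one that edits this workflow, can obtain a token for the subscription. That restriction has to live in the `prod` environment settings (deployment branch rules, optionally required reviewers). It is worth recording next to the key, e.g. `# OIDC subject is repo:<owner>/<repo>:environment:prod; keep deployment-branch rules on this environment`. Dropping `ARM_CLIENT_SECRET` in favour of federation is a clear improvement. The `deploy` job starts and continues outside this hunk.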
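Review bot: The Terraform steps after this login depend only on the Azure CLI session it creates, because the same commit removes every `ARM_*` variable from the job's `env`. The azurerm provider documentation describes CLI authentication for user accounts rather than service principals, so this may be fragile across provider versions. The documented federated path is to keep `ARM_CLIENT_ID`, `ARM_TENANT_ID` and `ARM_SUBSCRIPTION_ID` in `env` from `vars.*` and add `ARM_USE_OIDC: 'true'`. None of those values is a secret, so the setup stays secretless. The job's step list starts and continues outside the hunk.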
@@ -9,12 +9,6 @@ create() { local location="$4" local subscription_id="$5" - # Create service principal - az ad sp create-for-rbac \ - --name "terraform" \ - --role "Contributor" \ - --scopes "/subscriptions/$subscription_id" - # Create resource group az group create \ --name "$resource_group_name" \ @@ -78,11 +72,6 @@ delete() { az group delete \ --name "$resource_group_name" \ --yes - - # Delete service principal - local sp_name - sp_name=$(az ad sp list --display-name terraform --query '[0].appId' -o tsv) - az ad sp delete --id "$sp_name" } main() { diff --git a/terraform/providers.tf b/terraform/providers.tf index b4d34cf..21503ba 100644 --- a/terraform/providers.tf +++ b/terraform/providers.tf @@ -7,10 +7,10 @@ terraform { } backend "azurerm" { - resource_group_name = "tfstate" - storage_account_name = "tfstate24321" - container_name = "tfstate" - key = "terraform.tfstate" + resource_group_name = "tfstate" + storage_account_name = "tfstate27968" + container_name = "tfstate" + key = "terraform.tfstate" } }