To enforce that only container images that have passed regression tests are deployed to your GKE clusters with Binary Authorization enabled, what steps should you take next?

(Note: The original question's context implies a container-first approach with Cloud Build pipelines handling image creation, testing, and publishing to Artifact Registry.)

Exam-Like

Create an attestor and a policy. After a container image has successfully passed the regression tests, use Cloud Build to run Kritis Signer to create an attestation for the container image.

50.0%

Deploy Voucher Server and Voucher Client components. After a container image has successfully passed the regression tests, run Voucher Client as a step in the Cloud Build pipeline.

0.0%

Set the Pod Security Standard level to Restricted for the relevant namespaces. Use Cloud Build to digitally sign the container images that have passed the regression tests.

12.5%

Create an attestor and a policy. Create an attestation for the container images that have passed the regression tests as a step in the Cloud Build pipeline.

37.5%

Google Professional Cloud Developer

Get started today

Comments