To ensure only tested container images are deployed to Cloud Run from Artifact Registry using Cloud Build while minimizing operational overhead, what is the recommended approach?

Exam-Like

Deploy a new revision to a Cloud Run service. Assign a tag that allows access to the revision at a specific URL without serving traffic. Test that revision again. Migrate the traffic to the Cloud Run service after you confirm that the new revision is performing as expected.

5.9%

Enable Binary Authorization on your Cloud Run service. Create an attestation if the container image has passed all tests. Configure Binary Authorization to allow only images with appropriate attestation to be deployed to the Cloud Run service.

70.6%

Create a GKE cluster. Verify that all tests have passed, and then deploy the image to the GKE cluster.

5.9%

Configure build provenance on your Cloud Build pipeline. Verify that all the tests have passed, and then deploy the image to a Cloud Run service.

17.6%

Google Professional Cloud Developer

Get started today

Comments

To ensure only tested container images are deployed to Cloud Run from Artifact Registry using Cloud Build while minimizing operational overhead, what is the recommended approach?