To enforce that only container images that have passed regression tests are deployed to your GKE clusters with Binary Authorization enabled, what steps should you take next?

(Assume you have a Cloud Build pipeline that builds container images, runs regression tests, and publishes them to Artifact Registry.)

Exam-Like

Deploy Voucher Server and Voucher Client components. After a container image has passed the regression tests, run Voucher Client as a step in the Cloud Build pipeline.

6.3%

Create an attestor and a policy. Run a vulnerability scan to create an attestation for the container image as a step in the Cloud Build pipeline.

25.0%

Create an attestor and a policy. Create an attestation for the container images that have passed the regression tests as a step in the Cloud Build pipeline.

56.3%

Set the Pod Security Standard level to Restricted for the relevant namespaces. Digitally sign the container images that have passed the regression tests as a step in the Cloud Build pipeline.

12.5%

Google Professional Cloud Developer

Get started today

Comments