Explanation:
The correct approach involves configuring the Cloud Build trigger to run on pushes to the main branch (Option C) and setting up GitHub branch protection to require approvals for pushes to main (Option D). Option C ensures production builds are triggered only for the main branch, while Option D automates the approval process for code changes at the repository level, aligning with the change control requirement. This combination maximizes automation by leveraging GitHub's native features for approvals and Cloud Build for builds. Options A, B, and E are incorrect: A focuses on pull requests (not main branch builds), B uses file filtering (unrelated to branch or approval requirements), and E adds a redundant manual approval step in Cloud Build.
Ultimate access to all questions.
No comments yet.
You are setting up a CI/CD pipeline in Cloud Build to build a container image for an application stored in GitHub. Your organization mandates that production image builds only execute against the main branch and that all pushes to the main branch require approval from the change control team. You aim to maximize automation for the image build process. What should you do? (Select two.)
A
Create a trigger on the Cloud Build job. Set the repository event setting to ‘Pull request’.
B
Add the OWNERS file to the Included files filter on the trigger.
C
Create a trigger on the Cloud Build job. Set the repository event setting to ‘Push to a branch’.
D
Configure a branch protection rule for the main branch on the repository.
E
Enable the Approval option on the trigger.