You are setting up a CI/CD pipeline in Cloud Build to build a container image for an application stored in GitHub. Your organization mandates that production image builds only execute against the main branch and that all pushes to the main branch require approval from the change control team. You aim to maximize automation for the image build process. What should you do? (Select two.)