Answer: Use Cloud Build to render and deploy the network policies and the DaemonSet. Set up Config Sync to sync the configurations for the three environments.

The goal is to enforce consistency across development, staging, and production GKE environments for network policies and a logging DaemonSet using GitHub as the source of truth. Google-recommended practices emphasize GitOps for configuration management. Option C is correct because: 1. **Cloud Build** automates rendering and deploying manifests from GitHub, ensuring deployments are triggered by repository changes. 2. **Config Sync** (part of Anthos Config Management) continuously synchronizes configurations from the Git repository to all GKE clusters. This enforces consistency, automatically corrects drift, and aligns with GitOps principles. It handles both network policies (as Kubernetes resources) and DaemonSets. Other options fall short: - **Option A** relies on Cloud Deploy for deployment and Cloud Monitoring for alerts, but lacks automated drift correction. Monitoring only detects issues without remediation. - **Option B** uses Policy Controller for network policies but introduces Cloud Functions for drift correction, which is complex and not scalable. It also splits deployment tools unnecessarily. - **Option D** uses Policy Controller to enforce configurations but doesn't sync deployments from Git, leading to potential inconsistencies. Policy Controller is for policy enforcement, not continuous deployment. Thus, Config Sync provides declarative, Git-driven synchronization, making it the Google-recommended solution for consistency and drift prevention.

Author: LeetQuiz Editorial Team