Answer-first summary for fast verification
Answer: Make the container tag match the source code commit hash.
The question requires ensuring production deployments are linked to source code commits and fully auditable. Option C is optimal because it uses the Git commit hash as the container tag, creating an immutable, automated link between the deployed container and the exact source code version. This aligns with Google Cloud best practices, as cited in the community discussion (e.g., references to Google's container best practices guide), and avoids manual errors. Option A is suboptimal because Git commits already include timestamps, and manual tagging adds redundancy and human error risk. Option B relies on manual comments, which are prone to oversight. Option D is incorrect as 'latest' is mutable and does not uniquely identify a commit, undermining auditability. The community consensus strongly supports C, with high upvotes and detailed reasoning emphasizing automation and traceability.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is developing a web-based application and you need to ensure that production deployments are linked to source code commits and are fully auditable. What should you do?
A
Make sure a developer is tagging the code commit with the date and time of commit.
B
Make sure a developer is adding a comment to the commit that links to the deployment.
C
Make the container tag match the source code commit hash.
D
Make sure the developer is tagging the commits with latest.