Google Cloud Professional Cloud DevOps Engineer — Question 95

You are creating a CI/CD pipeline in Cloud Build to build an application container image. The application code is stored in GitHub. Your company requires that production image builds are only run against the main branch and that the change control team approves all pushes to the main branch. You want the image build to be as automated as possible. What should you do? (Choose two.)

Answer options

• A. Create a trigger on the Cloud Build job. Set the repository event setting to ‘Pull request’.
• B. Add the OWNERS file to the Included files filter on the trigger.
• C. Create a trigger on the Cloud Build job. Set the repository event setting to ‘Push to a branch’
• D. Configure a branch protection rule for the main branch on the repository.
• E. Enable the Approval option on the trigger.

Correct answer: C, D

Explanation

The correct steps are to create a trigger for ‘Push to a branch’ (C) to ensure that builds occur only on approved changes to the main branch, and to configure a branch protection rule (D) to enforce the approval requirement for all pushes. The other options either do not align with the requirements for automation and approvals or pertain to different events that do not support the production image build process directly.