Explore core concepts of CI/CD using Cloud Build and Deployment Manager. Assess your grasp of GCP automation workflows, build triggers, and best deployment practices to improve your cloud development skills.
Which action would best enable automated builds to initiate each time a new commit is pushed to a specific development branch?
Explanation: Creating a build trigger linked to the specific branch ensures builds start automatically with every new commit, automating the CI workflow. Manually approving builds after each push requires human intervention and is not automated. Scheduling builds weekly using a cron job introduces delays and does not respond to individual commits. Cloning the repository on the build server is a single action and does not tie the build process to repository changes.
In Cloud Build, what is the primary role of the cloudbuild.yaml file in a typical CI/CD pipeline?
Explanation: The cloudbuild.yaml file details the order and instructions for build steps, such as building images or running tests. It does not serve as a directory of team members, nor is it a secure location for storing secrets or sensitive data. Version control settings are managed elsewhere and are not the primary focus of the build definition file.
When using Deployment Manager, which statement best describes how resources are managed for infrastructure deployments?
Explanation: Deployment Manager uses configuration files to declare desired resources, ensuring consistent and repeatable deployments. Manual deployment scripts do not provide the same level of automation or maintainability. Assigning resources interactively breaks automation and reproducibility. Hardcoding resources in application code is not a scalable or recommended approach.
What is a recommended method for managing sensitive credentials, such as database passwords, during automated build and deployment processes?
Explanation: Securing credentials using a dedicated secret management service helps protect sensitive data and ensures only authorized processes can access them. Embedding passwords in source code or build files exposes them to unnecessary risk. Keeping credentials in shared documents is insecure and prone to accidental leaks. Plain text storage within configuration files is not safe and should be strictly avoided.
After a failed deployment caused by a faulty configuration in infrastructure code, what is the best-practice response to quickly restore service?
Explanation: Rolling back to a known stable configuration allows quick and reliable restoration of services. Re-deploying the faulty code likely repeats the failure. Manual dashboard edits introduce inconsistency and are not scalable. Waiting for automatic recovery is ineffective when the root cause is a configuration defect.