Google Cloud for DevSecOps

Cloud DevOps

Continuous integration and delivery (CI/CD) is the process by which your software components are built from code, integrated with dependencies, tested, released, and deployed to end users. Self-managed CI/CD pipelines put infrastructure strain on platform teams, which leads to queue times for developers. Google Cloud provides fully managed services that scale up and down to meet demand, including:

  • Google Cloud Build - flexible platform for developer automation, including capabilities to build and test container and non-container artifacts.
  • Google Cloud Deploy - purpose-built continuous delivery with approval gates for GCP runtimes, including GKE.
  • Binary Authorization - attestation-based policy with runtime admission control.

These capabilities work together to improve software supply chain security through build provenance, deployment approval gates, and attestation-based policies for admission control.