1. Overview
    1. Builds container images with common languages and tools
    2. Can use publicly available image to execute tasks
    3. Runs build steps in a Docker container
    4. Provides and maintains pre-built images
    5. Pre-built images are located in Container Registry
    6. The source code for builders is in cloud builders GitHub repository
    7. Cloud Build developer community provides open-source builders
    8. Pre-built images not available for open-source builders
    9. Download the source code from the cloud builders community GitHub repository and then build the image
  2. Build Step
    1. Executes build as a series of build steps, where each build step is run in a Docker container
    2. Executing build steps is analogous to executing commands in a script
    3. Steps executed serially on the same machine
    4. Steps field is defined in build config file
    5. Build steps are provided by Cloud Build, Cloud Build community, or custom build steps
    6. Can execute build tool packaged into a container
    7. waitFor option controls sequential steps
    8. Each build step is run with its container attached to a local Docker network named cloudbuild
    9. Docker network allows build steps to communicate with each other and share data
    10. Dockerfile can be used to build the image by executing Docker builds in Cloud Build using the gcloud tool or build triggers
    11. A build config file can be used in addition to Dockerfile to provide more customisation to the build
    12. Standard Docker Hub images can be used in Cloud Build, such as Ubuntu and Gradle
  3. Build Config File
    1. Contains custom specifications for performing tasks
    2. Contains instructions to build, package, and push Docker images
    3. Defines parts of the task to execute
    4. Builds can fetch dependencies, run unit tests, static analyses, and integration tests, and create artifacts with build tools such as docker
  4. Starting Builds
    1. Manually start builds in Cloud Build using the gcloud command-line tool
    2. Use the Cloud Build API, or Cloud Build's build triggers feature to create an automated continuous integration/continuous delivery (CI/CD) workflow that starts new builds in response to code changes
    3. Integrate build triggers with code repositories, including Cloud Source Repositories, GitHub, and Bitbucket
  5. View Builds
    1. gcloud tool
    2. Cloud Build API
    3. Build History page in the Cloud Build section in Cloud Console
  6. Compliance
    1. Customer-Managed Encryption Keys (CMEK) compliance by encrypting the build-time persistent disk (PD) with an ephemeral key
    2. Key is uniquely generated for each build
    3. Key is wiped from memory as soon as build begins
    4. Key is not stored anywhere and is not accessible to Google engineers or support staff