Status: OUT
Container supply chain integrity spans the full build-to-deploy lifecycle: Cloud Build creates attestations, Binary Authorization blocks unauthorized images and continuously validates running containers, while Cloud Run resolves tags to digests and caches images at deploy time — ensuring revisions always serve the exact verified artifact.