Google Cloud Build/Run trigger upon Pull Request on merge with specific branch

Question

I'm trying to use a Google Cloud Build Trigger to trigger a Cloud Build and then deploy to Cloud Run upon a Pull Request to Github repo Branch. My console looks as follows:

My questions:

1. Is it possible to only trigger once the PR is approved or merged? Right now it triggers upon creation of the PR. I'd prefer to only build and deploy once my inevitable mistakes in the PR are corrected.
2. It seems to build the feature branch I'm attempting to merge, not the main. Am I misunderstanding what Base branch means? Is that not the branch that it should build once I merge to it?

Inline YAML from the trigger:

steps:
  - name: gcr.io/cloud-builders/docker
    args:
      - build
      - '--no-cache'
      - '-t'
      - '$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA'
      - .
      - '-f'
      - Dockerfile
    id: Build
  - name: gcr.io/cloud-builders/docker
    args:
      - push
      - '$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA'
    id: Push
  - name: 'gcr.io/google.com/cloudsdktool/cloud-sdk:slim'
    args:
      - run
      - services
      - update
      - $_SERVICE_NAME
      - '--platform=managed'
      - '--image=$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA'
      - >-
        --labels=managed-by=gcp-cloud-build-deploy-cloud-run,commit-sha=$COMMIT_SHA,gcb-build-id=$BUILD_ID,gcb-trigger-id=$_TRIGGER_ID,$_LABELS
      - '--region=$_DEPLOY_REGION'
      - '--quiet'
    id: Deploy
    entrypoint: gcloud
images:
  - '$_GCR_HOSTNAME/$PROJECT_ID/$REPO_NAME/$_SERVICE_NAME:$COMMIT_SHA'
options:
  substitutionOption: ALLOW_LOOSE
substitutions:
  _DEPLOY_REGION: europe-west1
  _LABELS: gcb-trigger-id=c764048b-0347-4f67-8a6f-93a91f4b05af
  _TRIGGER_ID: c764048b-0347-4f67-8a6f-93a91f4b05af
  _GCR_HOSTNAME: eu.gcr.io
  _PLATFORM: managed
  _SERVICE_NAME: myservice
tags:
  - gcp-cloud-build-deploy-cloud-run
  - gcp-cloud-build-deploy-cloud-run-managed
  - myservice

Answer 1

• Make a trigger that triggers on the "Push to a branch" event
• Set the branch to ^main$

That's pretty much it. Then whenever you merge a pull request it will trigger the build.

Answer 2

To answer your questions:

1. Is it possible to only trigger once the PR is approved or merged? Right now it triggers upon creation of the PR. I'd prefer to only build and deploy once my inevitable mistakes in the PR are corrected.

It is possible by using manual approvals. The user must have a Cloud Build Approver role in order to update a trigger to require or not require approval, meaning the user can approve or reject builds. You can check this documentation on gate builds on approval.

Another option is defining an organizational policy to control which external services can invoke build triggers. You can specify any number of allowed or denied values for your organization or project. You can check this documentation on gate builds on organizational policy.

Comment control must also be set to required so that builds will only be executed after an owner or collaborator comments /gcbrun so that builds won't be automatically executed by triggers. You can check the full steps here on creating a GitHub trigger.

2. It seems to build the feature branch I'm attempting to merge, not the main. Am I misunderstanding what Base branch means? Is that not the branch that it should build once I merge to it?

When you create a trigger, you will be asked to select a base branch (either main or any other branch that will be read after providing your GitHub repo). In my case, it listed two.

When you make changes in your repo and open a pull request, it will merge the changes from your head branch to your base branch (in this case your main).

You can check the full documentation on working with branches.