Regression since 0.42.1 - The job runners are forced to be located in the shared runner namespace
Hello,
Since the !343 (merged) merge request the gitlab-runner Helm imposes that the shared runner runs in the same namespace as the job runners.
This new code from gitlab-runner/templates/deployment.yaml:
namespace: {{ default .Release.Namespace .Values.runners.namespace | quote }}
forces that the gitlab-runner should run in the same namespace as the jobs.
In our case, the shared runner is located in the same namespace as our release, although the job runners are launched in separate namespaces because: separation of duties and separation of resources.
This change causes our helm upgrade to crash because it moves the gitlab-runner from gitlab namespace to the runners namespaces but it doesn't move all its dependencies (especially the service account (issue already reported here))
A Good way to solve this problem would be to set a namespace helm value for the gitlab-runner deployment. Such as:
gitlab-runner:
namespace: gitlab
# This doesn't exist right now
certsSecretName: gitlab-runner-certs
checkInterval: 3
#etc...
And then in the template, the namespace would set the .Release.Namespace as a default if the .Values.namespace doesn't exist:
namespace: {{ default .Release.Namespace .Values.namespace | quote }}