Support Custom Labels on Auto-Generated Secrets and ConfigMaps for GitLab Kubernetes Runner Helm Chart:

Description:

When using the GitLab Kubernetes Runner Helm chart, two resource types are created without support for user-defined labels:

1. Runner ConfigMap — A single ConfigMap is generated containing the runner configuration (concurrency, limits, etc.). There is currently no mechanism in the Helm chart to apply custom labels to this ConfigMap.

2. Job Secrets — For each CI/CD job, Kubernetes secrets (e.g., kubernetes.io/dockercfg type) are auto-generated with dynamically constructed names based on the job. Because the names are dynamic and no labels are applied at creation time, there is no reliable way to select or manage these secrets using label selectors after the fact.

Requested behavior:

Expose a Helm values option (e.g., runners.secret.labels and runners.configMap.labels) that allows users to define custom labels to be applied to both the runner ConfigMap and all job-spawned secrets. Alternatively, adding a common label that can be applied to the different pod generated elements.

Impact:

Without this capability, organizations with compliance or namespace governance requirements — such as those requiring label-based RBAC, cost allocation, or network policy enforcement — are forced to fork and maintain a custom version of the Helm chart, creating significant operational overhead.