
Update RBAC, allow use of IAM role for S3 cache and Dynamically add volumes to runner

Hello.

This is an attempt to bring our changes to the runner Helm chart back into the main code repo. The issues these solve are:

  • When using S3 cache with an IAM role rather than a kube secret, the container will fail. This way it checks for the existence of the kube secret values before creating the code block.

  • RBAC of * * doesn't really secure against anything. We have been testing this for the last few months against ~100s of stages. Issue gitlab-org/gitlab-runner#3004 talks around the subject.

  • Ability to add volumes to the runner through the values.yaml, with docs. Thanks to: gitlab-org/gitlab-runner#2578 (comment 75726907). This was really useful to us initially, as we were attempting to avoid privileged mode of dind; although we gave up in the end, this is still a useful piece of functionality.

Edited by Giles Hinchcliff
