Reset runner registration token
Description
I recorded a terminal session for a presentation and during the gitlab-runner register
process, the registration token is requested. It is displayed in clear text. Stealing a gitlab-runner registration token could lead to project's runner environment variables and source code disclosure by registering a runner.
Proposal
One way to mitigate this would be to add a Reset runner registration token link to the settings/ci_cd
page similar to the links in user's profile/personal_access_tokens
RSS token
and Incoming email token
reset links. This way, if the tokens for a project gets exposed somehow, user could revoke the token and block undesired runner from being added.