GitLab managed apps runner : privileged should not default to true
The runner that is installed via GitLab managed apps defaults to privileged
.
(I presume this is necessary because many scripts use docker-in-docker, include Auto DevOps)
We might need several aspects here:
-
Use Kaniko to build Docker images for Auto Devops, as Kaniko does not need privileged. (NB: Other Auto Devops stages may still need Docker) -
Remove Dind in security products &971 (closed) -
Default installed runner to not privileged
-
Allow user to configure runner app
Links
- Discussion about how
privileged
allows access : https://gitlab.com/gitlab-org/gitlab-ce/issues/49056#note_122217505
Edited by Thong Kuah