Document prefered secure method to enable Docker Build/Docker in Docker in shared CI environment
https://docs.gitlab.com/ce/ci/docker/using_docker_build.html documents a number of ways to run Docker Build from GitLab CI but fails to document secure shared GitLab Runner setup for Docker Build.
-
https://gitlab.com/gitlab-org/gitlab-ce/issues/17769#note_12514055 & https://gitlab.com/gitlab-org/gitlab-ce/issues/17769#note_14073257 starts to discuss option but doesn't document if there is any container escapment risk or not
- Is case 2 of https://applatix.com/case-docker-docker-kubernetes-part-2/ the same idea but using kubernetes?
- GitLab.com appears to run each build in a new VM
- https://github.com/schmunk42/docker-gitlab-runner?
- What other options exist?
- Is #5835 (moved) related?