Add kubernetes runners allowPrivilegeEscalation security context configuration
Description
Provide the capability to configure the allowPrivilegeEscalation
security context for the runner instances started on a kubernetes cluster that has OPA enabled:
ERROR: Job failed (system failure): prepare environment: admission webhook "validation.gatekeeper.sh" denied the request: [denied by psp-allow-privilege-escalation-container] Privilege escalation container is not allowed: build
[denied by psp-allow-privilege-escalation-container] Privilege escalation container is not allowed: helper. Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
Proposal
Add new configuration option allow-privilege-escalation
for runners.kubernetes
that allow the user to specify the expected security context for the runner contianers.
Links to related issues and merge requests / references
Edited by Horatiu Eugen Vlad