Add allowed images restriction to Kubernetes executor
Description
For Runner Docker there is the possibility to restrict the allowed images like:
allowed_images = [ "gitlab-registry.example.com/example/gitlabci-docker-builder:*" ]
allowed_services = [ "docker:*dind" ]
The main problem is that it is not like that with the rest of the runners. For instance, the Kubernetes executor does not allow this configuration. Using any image during docker build could allow the container to access the host node, and this should be limited with a specific allowed image, refusing any other.
Proposal
Add the same configuration for allowed images that was used in Docker to the Kubernetes executor configuration.
Links / references
https://docs.gitlab.com/runner/configuration/advanced-configuration.html#restrict-allowed_images-to-private-registry
https://docs.gitlab.com/runner/executors/kubernetes.html
Overview
Anyone could be able to restrict allowed images as with Docker.
Edited by Daniel Juarez
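The allow-list check the issue asks for, sketched as an added example (not code from the issue or from GitLab Runner): a job's image and service images are compared against the two wildcard lists quoted above before any pod would be created. `Policy`, `matchAny` and `Check` are hypothetical names, the image references are constructed samples, and the matching uses Go's `path.Match`, where `*` does not cross `/`, which is an assumption about the wildcard semantics.

```go
package main

import (
	"fmt"
	"path"
)

// Policy holds the two allow lists from the Docker executor example in the issue.
// Hypothetical type: it only models the check, it is not Runner configuration code.
type Policy struct {
	AllowedImages   []string
	AllowedServices []string
}

// matchAny reports whether name matches at least one pattern.
// Assumption: an empty list means "no restriction", and "*" never matches "/".
func matchAny(patterns []string, name string) bool {
	if len(patterns) == 0 {
		return true
	}
	for _, p := range patterns {
		// A malformed pattern is treated as a non-match, so it can never allow an image.
		if ok, err := path.Match(p, name); err == nil && ok {
			return true
		}
	}
	return false
}

// Check returns every image reference the policy refuses, job image first.
func (p Policy) Check(image string, services []string) []string {
	var denied []string
	if !matchAny(p.AllowedImages, image) {
		denied = append(denied, image)
	}
	for _, s := range services {
		if !matchAny(p.AllowedServices, s) {
			denied = append(denied, s)
		}
	}
	return denied
}

func main() {
	p := Policy{
		AllowedImages:   []string{"gitlab-registry.example.com/example/gitlabci-docker-builder:*"},
		AllowedServices: []string{"docker:*dind"},
	}
	// Constructed sample jobs: one inside the policy, one outside it.
	fmt.Println(p.Check("gitlab-registry.example.com/example/gitlabci-docker-builder:1.4", []string{"docker:20.10-dind"}))
	fmt.Println(p.Check("docker.io/library/alpine:latest", []string{"docker:dind", "postgres:15"}))
}
```

Because `*` stops at `/`, a reference that merely embeds the allowed name under another registry path does not match the pattern.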