Add PrivilegedServices option for allowing/disallowing docker services to be privileged

This is a POC for #27368 (closed) - feature 1

What does this MR do?

A new optional boolean parameter has been added for gitlab-runners: privileged_services. If it is set to true (the default value is false), then services will run as privileged containers.

If it isn't set, then services and jobs will run as normal or privileged containers depending on the value of the property privileged, as usual.

Why was this MR needed?

It's just a proof of concept, but for some users it could mitigate the risks of running privileged gitlab runners.

What's the best way to test this MR?

I don't know, but you can see the POC in action here: https://gitlab.com/stalb/gitlab-runner-test1

What are the relevant issue numbers?

#27368 (closed)

Edited by Stéphane Talbot