Cannot select ssh endpoint for cloning

Using gitlab runner 10.0.2 I see:

Running with gitlab-runner 10.0.2 (a9a76a50)
  on jupiter.desktop (2e897e95)
Using Docker executor with image fedora:26 ...
Using docker image sha256:1f082f05a7fc20f99a4ccffc0484f45e6227984940f2c57d8617187b44fd5c46 for predefined container...
Pulling docker image fedora:26 ...
Using docker image fedora:26 ID=sha256:b0b140824a486ccc0f7968f3c6ceb6982b4b77e82ef8b4faaf2806049fc266df for build container...
Running on runner-2e897e95-project-5-concurrent-0 via jupiter.desktop...
Cloning repository...
Cloning into '/builds/foo/foo'...
remote: Git access over HTTP is not allowed
fatal: unable to access 'https://gitlab.linki.tools/foo/foo.git/': The requested URL returned error: 403
ERROR: Job failed: exit code 1

I have tried enabling it by adding a before_script as detailed in the documentation that looks like:

before_script:
  # Install ssh-agent if not already installed, it is required by Docker.
  # (change apt-get to yum if you use a CentOS-based image)
  - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
  # Run ssh-agent (inside the build environment)
  - eval $(ssh-agent -s)
  # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
  - ssh-add <(echo "$SSH_PRIVATE_KEY")
  # For Docker builds disable host key checking. Be aware that by adding that
  # you are suspectible to man-in-the-middle attacks.
  # WARNING: Use this only with the Docker executor, if you use it with shell
  # you will overwrite your user's SSH config.
  - mkdir -p ~/.ssh
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'

but this doesn't work because the cloning still seems to happen before the before_script is called.