Allow configuration of protected runner at registration time
Description
Unless I am missing something in the documentation, I do not see a way to configure a runner to be a protected runner at time of registering the runner using the gitlab-runner register command or in the config.toml file. This causes difficulties in putting the CI runners under continuous deployment.
We are looking to have two sets of runners across all of our projects, one set of non-protected runners and one set of protected runners. The protected runners would have access to secrets (through aws IAM roles) that allow them to deploy infrastructure where the unprotected would purely be a sandbox for building/testing applications (no deployments/secrets on unprotected branches).
We have successfully configured the CI runners and put them under continuous deployment but unless there is a way to define a runner as protected at the time it is registered we are left in a position where we need to either manually go in and check the checkbox after each deployment or hopefully use the api to do it. Either way is less than ideal!
Proposal
Add configuration values into the gitlab-runner register command as well as in config.toml.