Extend specific runners to be able to pick jobs from forks

We have gitlab-ce where we have a bunch of runners assigned to a specific project. We also have shared runners that can be used to run a general poll of jobs as long as tags are assigned. However, this is not an ideal solution, as we should have runner assigned to project, where we can instruct that runner to pick jobs from forks, technically running it in an unsafe environment.

Proposal

Extend runner configuration with:

• run jobs from forks

How it would work

The runner when asking for builds would query all projects that are assigned to current one, as part of upstream-fork relation.

Why this is needed?

Increased security of runners, by limiting them to specific projects, not allowing them to be shared ones.

@bikebilly @markpundsack does it make sense?