Limit some runners to specific groups

Description

We deploy applications to kubernetes, and each runner has its own credentials to have limited access to different resources

We would need to limit specific runners to specific groups, in order to prevent one group to access the deploy credentials inside some other runner that should not be accessed by them

As for now, the manager of the group only has to activate the different runner for their project and then they have access to a different deploy credentials

If we do this on a group level, we could this way allow every group to access only their allowed runners, making CI/CD easily and without security problems between groups

Proposal

Be able to assign runners to groups and limit their scope only for that specified groups

Links / references