Docs feedback: Include the required permission information for K8S executor on interactive web terminal setup

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Description

In the section for the [session_server] section we didn't include any permission requirement for kubernetes executor. This seems not a problem when using Helm chart to deploy GitLab runner into the cluster. But if the runner is external to the cluster and executor configured by [using cert/ca] files(https://docs.gitlab.com/runner/executors/kubernetes.html#connecting-to-the-kubernetes-api) it will be quite possible that the executor could spin up pods and run job properly but not able to connect to pod for interactive shell.

Steps to reproduce

• Create a minikube cluster in the same network as the GitLab server.
• Register a k8s executor by using the files mentioned in $HOME/.kube/config.
• Configure session_server per the [session_server] section.
• Run CI job and click debug to connect to runner shell

Expected result

Able to enter runner shell and run command

Actual result

Error of connection failure

Notes

If use bear_token for the service account created by following the integration document to configure the executor, the interactive web terminal runs well.

/cc @steveazz