Add PrivilegedServices option for allowing/disallowing docker services to be privileged
This is a POC for #27368 (closed) - feature 1
What does this MR do?
A new optional parameter boolean has been added for gitlab-runners: privileged_services
.
If it is set to true (default value is false), then services will run as privileged containers.
If it isn't set, then services and jobs will run as normal or privileged containers
depending on the value of the property privileged
, as usual.
Why was this MR needed?
It's just a proof of concept, but for some users it could mitigate the risks of running privileged gitlab runners.
What's the best way to test this MR?
I don't know, but you can see the POC in action here: https://gitlab.com/stalb/gitlab-runner-test1
What are the relevant issue numbers?
Edited by Stéphane Talbot