Skip to content

register-runner: split the runner into two runners

Kevin Daudt requested to merge split-runner into master

In order to be able to run docker images inside docker, we mount the docker socket inside the build container. This offer a security risk, as any CI job is able interact with the docker engine the host.

To mitigate this, one runner is used to build docker images. This runner should be limited to trusted projects.

The other runner can be shared, as it does not get the docker socket.

Merge request reports