Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> GitLab Runners do not offer secure isolation between projects that they do builds for. You are TRUSTING all GitLab users who can push code to project A, B or C to run shell scripts on the machine hosting runner X.

Not sure this sounds like the best idea.



Well, there is an issue for that[0]. Also, as of today[1], all shared Runners on GitLab.com are each on their own VM inside Docker containers, so that message does not apply for sure.

[0] https://gitlab.com/gitlab-org/gitlab-ce/issues/14732 [1] https://about.gitlab.com/2016/04/05/shared-runners/


Exactly what I thought, so that message should probably be updated?


This can easily be avoided by provisioning your own runner. In that case, it'll be isolated for the projects of your choosing.

It's important that we note this, as we do provide free runners for anyone to use on GitLab.com.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: