Supplemental Groups with Gitlab Runner on OpenShift
Recently I configured gitlab-runner to operate on an openshift cluster. One quirk of this setup is the containers running as random uids, having the side-effect of the build container being unable to clone the project or fetch dependencies. To overcome this issue, we needed to run the build container with a supplemental group which had write access to the $CI_BUILDS_DIR path. Security Context Constraint The cluster administrators set up a securityContextConstraint which allowed the build service account to use supplemental group 80001....