We would like to be able to create a new GitLab runner that would only be available for the Data-Engineering team's pojects: https://gitlab.wikimedia.org/data-engineering
I understand that at the moment it would take someone with Owner level access to the group to be able to access the runner settings and therefore register a new runner.
https://gitlab.wikimedia.org/groups/data-engineering/-/group_members
Would you be happy to grant me (as an SRE within the team) ownership of that group, so that I could perform this operation as a self-service task?
It might be helpful if the runner could use the docker executor, but if that isn't feasible then we would also be happy to use a runner with the shell executor.
The first project for which we would like to use this runner is data-engineering/airflow-dags.
This runner was first discussed here: T286958#7450771
Some of the tasks that this runner should be capable of achieving are:
- accessing our current Airflow instances, which are in the Analytics VLAN.
- accessing HDFS, which requires the use of Kerberos
- uploading artefacts (Jars and python wheels) to Archiva
Therefore we would like to site a runner within the analytics VLAN, provide it with Kerberos keytabs as required, and begin to use this for both CI and automated code deployments.
There is a possibility of creating a 'test-analytics' runner first, which only has access to the test-hadoop cluster, before promoting this configuration to production.
Many thanks.