I'm trying to move from certificate based GitLab Kubernetes integration which got deprecated, to new agent based Kubernetes integration. I use CI/CD workflow, created separate project for Gitlab Kubernetes Agents and registered them there. The equation is how to restrict the usage of registered agents in other projects? Previously when one uses certificate based approach, one can set target namespace in project setting, also one can set environment for the integrated cluster, to use it with protected environments. Now Kubernetes context is just available in other projects under same group, and once you have access to CI\CD files you can do whatever you want, and deploy anywhere.
Asked
Active
Viewed 184 times
4
-
Can you control how this context is distributed? You can just limit the privileges of the users in each context to have access control. – zer0 Jul 20 '22 at 17:44