Concept of giving gitlab-runner other privileges?

Hello altogether,

I am new to this community. Thanks a lot for this great piece of software! I am still marveling how this all is put together.

I have a Omnibus CE running on Centos 7, everything works fine. Projects have been set up, a CI shell runner is up, too, but currently failing.

My problem:

I see that the runner is - as a system service - called under user gitlab-runner. Through a lint-validated .gitlab-ci.yml I’d like the runner to execute some scripts in /home/alterego.

the user alterego has a special .bashrc which is why I’d like gitlab-runner to assume its identity.

I have so far failed with visudo as well as with alterego’s and/or gitlab-runner’s sudo password as gitlab-ci secret variable.

What would you recommend in this case?

Set up a special gitlab-runner-alterego.service to serve the runner as user alterego?

Can anyone hint me to a well-formed example of a .gitlab-ci.yml that performs something like su - alterego or sudo -i -u alterego or sudo -H -u alterego including password entry?

I am stuck for the moment…