In order to use the docker command to build, pull and push, I need to use docker in docker (dind).
But to enable dind I need to provide the docker socket, which will provide a lot of permissions, such as:
    docker stop $(docker ps -a -q)
    docker rm $(docker ps -a -q)
An article about docker security can be summed up with this strong statement:
"Only trusted users should be allowed to control your Docker daemon"
So if I provide the docker socket to the gitlab-runner, all users will be able to control the Docker daemon.
I didn't find a well-explained article on securing the gitlab-runner with dind enabled.
Similar topic: https://docs.docker.com/engine/security/
Thanks for your insights