Instance cluster for self-managed gitlab with kas

I’m a big gitlab fan and have been working on tracking the latest version of gitlab features and applying them to the company’s production practices.

According to the gitlab circuit diagram, the 15 version will deprecate certificate-based integration. This brings some challenges to my current job, and I would like to consult relevant experts. The specific questions are as follows:

status quo:
We use a self-managed gitlab server on our PC and open gitlab to our company teams. On gitlab, we inherit the self-built k8s cluster at the instance level (admin->kubernetes) through certificate-based and share the cluster to the CI/CD of each team for deployment.
Each team is managed in the form of group in gitlab, the form is as follows:

Everything is working fine now, all team projects are deployed to the self-built k8s cluster through ci/cd.

Challenges brought by version 15.0:
With the failure of certificate-based integration, we will need to adjust our k8s integration solution to kas. However, the current kas method does not seem to be able to establish an instance-level cluster integration solution. The solution we can think of is to establish an independent agent project under each group and perform relevant authorization to integrate k8s within the group, and we need to adjust the corresponding ci/cd deployment script, and distinguish the corresponding agent of each team in the script kube-context. Obviously, doing this greatly increases our subconscious allocation workload.

Are there better and more reasonable ideas to help us migrate?

thank you very much! !