Is it safe to map local .ssh to gitlab runner?

Hi all,


Is it safe to map local .ssh to gitlab runner and is there a better solution?

I’m looking for advice.

I’ve installed and registered gitlab-runner on local machine and also I’m running gitlab-runner on that same machine. I have one project that is pulled onto that machine using ssh keys.

Gitlab Runner is docker based, and docker.sock is volume mounted into gitlab runner - using local docker engine as docker engine of gitlab runner.

I need to use git pull inside of runner job, but it gives me this error:

Host key verification failed.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

Other git commands, such as git stash or git status works fine, here is the list of commands that needs to be executed:

    - git config --global "username@username.username";
    - git stash;
    - git checkout master;
    - git pull;
    - git stash pop;

Other notice is that git is previously installed in this same job, because I need this part of code to be executed on special image.

I managed to solve this by mapping local .ssh directory to gitlab runner .ssh directory in config.toml.

The main problem that is concerning me, is this safe solution and is there a better solution for this problem?