my plan is to use GitLab pipeline to build maven application and deploy it to AWS Elastic Beanstalk. During research I found this page.
If you are using gitlab.com there is a shared runner by default which you can use. Note this runner is shared with other users that means it may mean you have to wait in a que until another user’s build has completed, cannot scale and also mean that you may not use the shared runner builds including variables which may be exposed in a shared runner.
I’m confused. All builds are done inside the docker, so as far as I understand, there is no way to see my code, credentials to deploy or built artifacts. So is it safe to use shared runner in my case? I just want to make sure that my code, credentials / keys to deploy and build jar is safe.