Volume mount as gitlab-runner user not as root

I have a gitlab-runner (self-hosted) with a docker executor. The runner is in system mode and will execute commands as need as the gitlab-runner user. However When it clones the repo to the build dir and mounts it as a volume into the container. Its mounted with the root user permissions.

My issue is that my container user is not root user (for security reasons). However I do need to change some permissions on on a couple of files however as my UID in the container is different form the UID the files are mounted as I get permission denied.

What I would like is for the git clone to be done as the gitlab-runner user. So when its mounted to the container it will use the UID of the gitlab-runner. Then In the container I will just create my user with the same UID so I will be able to change the permissions on these files in the container as needed.

Can anyone tell me how I can configure the runner to clone the repo as the gitlab-runner user not as root so when its mounted to the container I can map the UID?

2 Likes

I searched for this feature too and I think that this issue is the only one relevant for now: Specify which "user" shall run the job (docker-executor) (#2750) · Issues · GitLab.org / gitlab-runner · GitLab

As this comment states, I think I’m going to use a shell executor doing docker run --user ... in the script of the job.