This post follows up on the previous SetUID Runners article by taking a deeper look at code and rationale for specific features. In the previous post we outlined our goals and process for the first phase of ongoing work to improve security and functionality of GitLab CI Runners at the Department of Energy’s (DoE) High Performance Computing (HPC) labs. If you haven’t seen it, you can read it here
GitLab’s built in continuous integration (CI) tools are some of the best in the industry. Onyx Point has been leading an effort to improve GitLab’s CI security. Continue reading to learn more about how Onyx Point has implemented more secure job access controls in high-performance computing infrastructures.