Automatic runner connection
When installing a runner to a k8s (Kubernetes) cluster, a k8s connection to the cluster will be automatically created as a part of the runner installation. The created connection will use the runner’s service account and permissions (full permissions to the runner namespace).
Configure a specific scope for runner connection permissions
To create a connection with specific permissions upon runner installation, use the following helm command flags as a part of your runner helm command:
--set globalReader=true # create a cluster readonly permission in the cluster
--set "scopedNamespaces={dev,demo}" # creates an admin (Read/Write) permission for dev and demo namespaces within the cluster