I have a private repository on gitlab.com, i.e. not my own hosted GitLab instance, which has git submodule which is a private repository on gitlab.com. I added the submodule and changed the URL in .gitmodules according to Getting GitLab CI to clone private repositories which makes the cloning work when using shared runners from gitlab.com. I'd like to use a specific runner which runs under my desk for no specific reasons (the runner works fine for public projects).
I went through
- https://docs.gitlab.com/ee/user/permissions.html
- https://docs.gitlab.com/runner/security
- https://docs.gitlab.com/ee/user/project/new_ci_build_permissions_model.html
and tried changing the remote URL to git clone https://<username>:<private-token>@gitlab.com/[my username]/[my submodule project name].git following some issue reports. I'm still not sure whether that's the deprecated way of allowing runners to clone or not.
I don't find any explanation for permissions for runners which are configured from a user perspective (in the sense that I'm not the admin of gitlab.com). All linked articles are missing crucial examples, distinction between target group of users and admin and version references and thus might be outdated or not.
