This Helm chart deploys a GitLab Runner used to configure different Prometheus resources (blackbox-servicemonitor-alertmanager-rule) in various k8s namespaces (see https://github.com/rezaebrahimi1/cd-thanos).
The required roles are specified in the role-gitlabrunner.yml file, following the least-privilege principle.
The installation is done using Helm. Change the gitlabUrl, runnerRegistrationToken, clusterWideAccess, image, tags and protected values in values.yaml to your desired state.
Adjust roles for "default" SA
After the gitlab-runner namespace is created, the default SA (service account) is created in it. Since this SA is used to deploy monitoring resources to k8s cluster namespaces, some extra roles are added to it.
Run the following commands in order to deploy a gitlab-runner instance on the K8s cluster and register it with your GitLab instance:
kubectl create ns gitlabrunner
kubectl create -f role-gitlabrunner.yaml
helm repo add gitlab https://charts.gitlab.io
helm repo update
helm upgrade --install gitlabrunner -n gitlabrunner -f values.yaml gitlab/gitlab-runner
After that, you should see a green status under the "Available specific runners" section.
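To confirm that the extra roles on the default SA stay within least privilege, the following added example (not part of this repository) audits the SA with `kubectl auth can-i` impersonation. The resource names (Prometheus Operator CRDs), the list of permissions treated as excessive, and the target namespace `monitoring` are assumptions; adjust them to what role-gitlabrunner.yaml actually grants.

```shell
#!/bin/sh
# Added example: audit what the runner's default service account may do in a
# namespace it deploys monitoring resources to.
# Assumptions: Prometheus Operator CRD names, the FORBIDDEN list, and the
# namespace passed on the command line are illustrative, not from the README.
KUBECTL="${KUBECTL:-kubectl}"
SA="system:serviceaccount:gitlabrunner:default"

# verb:resource pairs the deploy jobs are expected to need (assumed).
EXPECTED="create:servicemonitors.monitoring.coreos.com
create:prometheusrules.monitoring.coreos.com
create:probes.monitoring.coreos.com
create:alertmanagerconfigs.monitoring.coreos.com"

# verb:resource pairs that would mean the role is broader than needed (assumed).
FORBIDDEN="get:secrets
create:pods
create:rolebindings.rbac.authorization.k8s.io"

# can_i <namespace> <verb> <resource>: succeeds only when the API answers "yes".
can_i() {
  [ "$($KUBECTL auth can-i "$2" "$3" --as="$SA" -n "$1" 2>/dev/null)" = "yes" ]
}

# audit_sa <namespace>: prints one line per finding, returns non-zero if any.
audit_sa() {
  ns="$1"
  findings=0
  for p in $EXPECTED; do
    if ! can_i "$ns" "${p%%:*}" "${p#*:}"; then
      echo "MISSING ${p%%:*} ${p#*:} in $ns"
      findings=$((findings + 1))
    fi
  done
  for p in $FORBIDDEN; do
    if can_i "$ns" "${p%%:*}" "${p#*:}"; then
      echo "EXCESS ${p%%:*} ${p#*:} in $ns"
      findings=$((findings + 1))
    fi
  done
  [ "$findings" -eq 0 ]
}

# Usage: sh audit-sa.sh monitoring   (the script name is hypothetical)
if [ "$#" -gt 0 ]; then
  audit_sa "$1"
fi
```

Running the audit requires a kubeconfig identity that is allowed to impersonate service accounts.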