►
From YouTube: The CI CD tunnel
Description
A
Hello,
my
name
is
viktor
knight,
and
I
am
the
product
manager
of
the
configure
group
at
git
lab.
My
team
is
responsible
for
gitlab's
kubernetes
integrations
and
in
this
video
I
would
like
to
show
you
our
most
recent
development,
the
ci
city
tunnel.
The
cic
tunnel
connects
your
gitlab
ci
jobs
with
your
kubernetes
clusters
in
a
secure
and
easy
to
maintain
way.
You
can
read
more
about
the
comments
agent
in
our
documentation
where
describe
its
other
supported
features
as
well
like
pool
based
deployment
and
network
security
integrations.
A
But
let's
focus
on
the
push-based
use
case.
Now
I
have
a
cluster
really
set
up
and
the
cluster
side
component
of
the
agent
is
already
installed
in
this
cluster
lot
of
banana.
We
do
not
require
any
special
rights
for
the
agent
run,
you
own
the
agent
and
you
can
give
as
much
access
to
it
in
your
cluster
as
you
want.
A
A
A
So
the
server
address
and
the
user
token
as
I'm
on
gitlab.com,
I
use
the
kubernetes
agent
server
provided
by
the
gitlab
sre
team,
that's
cast.gitlab.com
on
self-managed
instances.
You
should
change
this
to
your
own
endpoint.
We
access
the
cluster
by
gitlab,
and
this
enables
authorization
to
happen
at
gitlab
as
well.
The
token
used
for
authenticating
with
the
cluster
builds
under
both
this
job
uses.
The
agent
service
account
to
connect
with
the
cluster.
A
We
are
currently
working
on
adding
job
and
user
specific
impersonation
as
well
as
you
can
see
the
token
reference
is
the
agent
id
I
want
to
use
and
we
use
the
ci
job
token
to
authenticate
with
the
commander's
access
server.
The
agent
id
today
can
be
retrieved
only
from
a
graphql
endpoint.
In
my
case,
this
is
291,
but
we
are
working
on
surfacing
it
to
the
gitlab
ui.