I've been experimenting with gitlab runners and noticed shell runners installed on linux systems sitting behind a VPNs can be accessed without any networking issues or regards to the firewall.
If I wanted to set up a kubernetes runner in the same environment, that involves adding a publicly accessible endpoint.
How does the gitlab runner get around my vpn and firewall when using the shell runner?
Note that my VPN/Firewall limits incoming traffic, but not outgoing. Is the gitlab-runner making requests out to github to get instructions on when to run pipelines?
Is the gitlab-runner making requests out to github to get instructions on when to run pipelines?
Yes, the runners initiate the connection, not the GitLab instance. That's why runners can be behind a firewall/VPN/whatever. As long as the runner can connect to GitLab instance it works.