Hi, I'm the founder of actuated.<p>We don't think that Docker in Docker is safe for CI, neither is mounting a Docker Socket.<p>We also think that managing runners is boring and time-consuming.<p>So we've automated it, and secured it with Firecracker.<p>This article talks about some of the challenges we've faced, and lessons we've learned working with pilot customers so far.<p>Alex