Continuous Deployment Security

Hi there,

I have a project in Github for an Android app where I’m currently using circleCi.

I was configuring a workflow to perform the deployment to Google Play Store using a gradle task however I running in cricles trying to prevent other developers from triggering the deployment.

I have a protected branch where I intend to push the code version I want to deploy. So no one can force push to it and my workflow configuration states the task only runs for.this branch. However what’s preventing another developer to change config.yml and allowing the deployment job to run on all branches including his.

Am I missing something? Is there anyway to restrict job execution outside the config.yml.

I’m using v2.0 btw.