My organization deploy source code on github org account and uses Bulidkite as CI/CD tool. Any one who has access to Buildkite project can trigger a build for any repository pipelines. Is there a pipeline/repository access control in Buildkite to allow only selected users to trigger a build and make it readonly for other users? Ideally, I'd like to put the access control list on pipeline.yml file.
If you think about it, you can not put that ACL into a pipeline.yml file, because then everyone has write access to it so it is zero effort to break it. Buildkite has team setup so the administrator can define the permission for a group of people so that they either can observe or build or manage a pipeline.