How to protect .drone.yml to be updated by anyone apart from admins


From last two months we are using Drone as CI/CD solutions of our work and i found it very awesome tool in its class.

I have one use case, where i want to know about the best possible solution is possible.

Use Case:
.drone.yml file should be available in the project repo, as it is expected by drone to execute the pipelines, but problem(not exactly a problem) i see here is that, this .drone.yml can be updated by anyone who has access to that project repo and they can override/comments some of the pipeline steps, which i don’t want to allow.

Hence i want to know about the possible if anything can be done for this use case, so that this .drone.yml file can be by limited or allowed users, even though developers having read/write access to the project repo


please see the following threads, are similar in nature and discuss various options: