How to protect my drone instance from unauthorized user

I have set up my drone instance using the kubernetes helm chart and it is exposed to the internet via a subdomain. I see that it authenticates based on my github and gives me access to my repos so I know a rogue user cannot see my builds. But couldn’t a user authenticate with their own repo and start getting a free ride for their builds on my server? How does one prevent this?

You can limit access to individual users or members of organizations:

also you can disable self-registration:

when you disable registration, new users must be manually added to the system by an administrator, using the command line tools:

adding my organization to the ConfigMap worked great, thanks!