I decided to use GitLab as a package registry, mainly for maven packages. I chose a group-level package registry. I have configured CI jobs to publish artifacts upon merge to master but now everyone with a developer role can also publish to this group-level registry which is a risky situation and someone can overwrite a critical package by mistake. Is there any way to limit the access of developers so they can not publish to the package registry?
I use GitLab enterprise 14.2.