I have a problem about authority management.
there’s my situation:
a project has some submodules
the submodules are libraries and some member can’t access it.
but if anyone push code to gitlab and the CI/CD is triggered.
the CI/CD yml file can script jobs to copy submodule souce code and send it to gitlab.
finally, the source code can be downloaded.
all member can modify yml file to do anything they want.
this makes the authority setting fails. I can’t protect the libraries source code.
does any method to prevent this?