Hi @Rohit_Nair,
You can choose to have a restricted access structure to enable the same.
Like at our end:
- Developers don’t have access to upload/push packages on orchestrator.
- Only our Primary process owner(business owners) is allowed to promote a package on prod orchestrator after UAT sign off.
So, in this case, even if a certain package is pushed to git branch, it will never make its way to prod orchestrator as person responsible for pushing code into git will always be a developer, however, person promoting the package to orchestrator will always be a business user. Hence, no intervention.
Publishing to git - only applicable to developers or robot accounts, zero access to promote code in prod orchestrator.
Publishing to prod orchestrator - only applicable to business owner, zero access to git repo or studio.
Hope this helps.
Regards
Sonali