Add "allowed to deploy" option for protected branches
Enterprises need to define which group/individuals are able to deploy to sensitive environments (such as production). Leveraging existing branch configuration, define who can deploy the contents of the protected branch to an environment.
In the "protected branches" configuration settings of the repository, add an "allowed to deploy" option (similar to allowed to push/merge). In the same manner, users can add roles, users, and groups to this dropdown.
Manual actions targeting branches that are protected AND have an
environment set, can be played only if you are in that list.