Open Source app and keystore

I published my app to the respective stores on Google and Apple and now I’d like to open source the code on GitHub. Can anyone suggest or point me to best practices for managing access to the keystore and preventing random people from running a deployment?

Guess I’ll close the loop on this. There are various articles with guidance and best practices if one searches for ‘GitHub secrets’, ‘Android keystore management’, etc. The bottom line is don’t check ever check these files in to a repo - public or private!