Hi. Is there a recommended git ops workflow best practice for teams which don't want developers to directly submit flows with an agent?
j
Jenny
09/15/2020, 9:45 PM
Hi @Ian Fridge - Thanks for the question! Let me check I understand - Are you wanting a way to prevent developers from running a flow without approval?
i
Ian Fridge
09/15/2020, 10:19 PM
Yeah, The goal is to have a jenkins workflow which submits the job after automated tests have been run. We would like developers to be able to log in to the UI and view the status of flows. We would like the only way to submit tasks to the scheduler to be done via jenkins.
c
Chris White
09/15/2020, 10:39 PM
Hey Ian - Prefect Server does not have any concept of permissions or authorization, so you’d likely need to craft a custom configuration of some kind.
My recommendation would be to use Prefect Cloud (which has role based access): you could configure your CICD pipeline to register your Flows with an appropriately scoped token, and you only give your developers READ ONLY roles
i
Ian Fridge
09/15/2020, 10:51 PM
Thanks!
👍 1
Could my flows still be executed in my local kubernetes cluster with the dask kubernetes metacontroller?