Mitchell Bregman
10/21/2020, 4:32 PMZanie
Mitchell Bregman
10/21/2020, 5:13 PMdevelop
to master
, we run a workflow that registers all the flows to the cloud… what really happens under the hood is - we’ve build an abstraction around prefect flows that configure all of our storage/environment/helper needs.. code is grouped by relevant data source, i.e. snowflake, mysql, postgres
Zanie
How were you able to register flows for a given user via CI/CD?
Mitchell Bregman
10/21/2020, 5:26 PMfor flow_cls in ParkMobileFlow.__subclasses__():
flow = flow_cls()
flow.register()
Marko Herkaliuk
10/21/2020, 5:30 PMMitchell Bregman
10/21/2020, 5:30 PMZanie
flow.register()
to take an auth token which you would provide by peeking at the user for the flow. However, this requires managing multiple tokens in a safe way and introduces complexity for our handling of client tokens which would affect much more than just flow.register
. The way it’s implemented currently we have a clear opinion that if a client authenticates correctly in one place in your code, it will everywhere — I don’t think this is something we are willing to risk breaking by adding first-class support for situational token passing. I think this also reveals some dangers with registering your flows per-user in CI. That said, the Client
loads the auth token from the prefect.context
which provides a context manager specifically for situations where the context should be temporarily modified so you can use that as a solution if you must. We have plans to work on service accounts in the near future and improving the cloud user/auth experience is on our roadmap so hopefully we can reduce the complexity of this for you!Mitchell Bregman
10/21/2020, 7:08 PM