Looking to see how anyone else implemented this We have pref

Question

Looking to see how anyone else implemented this We have prefect up and running in our kubernetes cluster just fine in a VPC which can be accessed internally or externally if we allow the service to the problem I have is that our CI pipeline is a hosted service My question is how can I register the flow without exposing the apollo endpoint to everyone who uses the CI service I can whitelist the IP range of the CI provider but then anyone who uses that provider could in theory access apollo I can set auth on the ingress controller but then how do I get `python my flow py` with the register method to respect that

Ben Davison · Answer

I could create a tiny service which accepts the flow serialised and then sends that to the graphql layer and have just that service able use basic auth But there must be a better way

Jenny · Answer

Hi Ben I don t think we have any Prefect answer for that but interested to see if others can chip in with suggestions

Nazeer Hussain · Answer

Hi < Ben Davison> could you share your approach of Kubernetes deployment or any other reference document we are trying to deploy it on AWS ECS and facing challenges

Ben Davison · Answer

Hi Nazeer for Kubernetes deployment I just used helm as a starting point For my problem with deployment I worked out an easy way to deal with it I use basic auth + SSL + ingress ip ranges in the kubernetes layer and add this environment variable on the CI side `PREFECT SERVER HOST= ` The `baz bar ` is the basic auth part