Hi All, My team is designing a deployment pipeline (from Gitlab to our local Prefect Server). The reason is that our Developers are now able to use

flow.register

to deploy to production Prefect servers, which is not ideal. So I would like to ask if there are any online guilds on how to restrict the access of

flow.register

and any recommended deployment pipelines? Thanks

The most straightforward approach would be to build a CI/CD pipeline that automatically registers your flows when a PR is merged to your main branch. We have some examples of building a CI/CD pipelines here. The most straightforward pipeline with CircleCI for Server would be (I'm no DevOps - you can use it just as a starting point):

version: 2
jobs:
  build:
    docker:
      - image: prefecthq/prefect:latest-python3.9
    steps:
      - checkout  
      - run: pip install .
      - run: prefect backend server && export PREFECT__SERVER__ENDPOINT="<http://YOUR_MACHINES_PUBLIC_IP:4200/graphql>" && prefect register --project xxx -p flows/

This sounds like you can just avoid giving developers API keys to prod and rely on CI/CD to push to that like Anna suggested?

Kevin, I think the API keys option won't work since they are on Prefect Server

Oh oops! That’s right

Thanks all, I will discuss with my team and evaluate

Prefect Cloud

.