Ray Tang

    Ray Tang

    5 months ago
    Hi All, My team is designing a deployment pipeline (from Gitlab to our local Prefect Server). The reason is that our Developers are now able to use
    flow.register
    to deploy to production Prefect servers, which is not ideal. So I would like to ask if there are any online guilds on how to restrict the access of
    flow.register
    and any recommended deployment pipelines? Thanks
    Anna Geller

    Anna Geller

    5 months ago
    The most straightforward approach would be to build a CI/CD pipeline that automatically registers your flows when a PR is merged to your main branch. We have some examples of building a CI/CD pipelines here. The most straightforward pipeline with CircleCI for Server would be (I'm no DevOps - you can use it just as a starting point):
    version: 2
    jobs:
      build:
        docker:
          - image: prefecthq/prefect:latest-python3.9
        steps:
          - checkout  
          - run: pip install .
          - run: prefect backend server && export PREFECT__SERVER__ENDPOINT="<http://YOUR_MACHINES_PUBLIC_IP:4200/graphql>" && prefect register --project xxx -p flows/
    Kevin Kho

    Kevin Kho

    5 months ago
    This sounds like you can just avoid giving developers API keys to prod and rely on CI/CD to push to that like Anna suggested?
    Anna Geller

    Anna Geller

    5 months ago
    Kevin, I think the API keys option won't work since they are on Prefect Server
    Kevin Kho

    Kevin Kho

    5 months ago
    Oh oops! That’s right
    Ray Tang

    Ray Tang

    5 months ago
    Thanks all, I will discuss with my team and evaluate
    Prefect Cloud
    .