Skip to content
This repository has been archived by the owner on Feb 8, 2024. It is now read-only.

List projects API (v2) is missing #97

Open
vinitshahdeo opened this issue Apr 13, 2021 · 7 comments
Open

List projects API (v2) is missing #97

vinitshahdeo opened this issue Apr 13, 2021 · 7 comments

Comments

@vinitshahdeo
Copy link

Hello 👋

I am looking for an endpoint which can help us list all the projects within an organization (or the projects the user has access to). However we have an endpoint(v1/projects) in CircleCI API (v1) which returns the projects followed by the user.

A route like GET /v2/projects should list all the projects the user has access to.

@stiyyagura0901
Copy link

if it helps

$ curl --location --request GET 'https://circleci.com/api/v2/insights/gh/$ORG_SLUG/summary' --header 'Circle-Token: $CIRCLE_TOKEN'

it has a key in response all_projects with list of project slugs

@NicolaiLolansen
Copy link

NicolaiLolansen commented Jan 5, 2023

This endpoint seems to be limited in the amount of projects it returns

@alrodgers
Copy link

Yes, doesn't list all my projects. :(

@pinko-fowle
Copy link

We're trying to rotate all our secrets per the recent security incident, and lacking this capability is bringing us down a lot.

@nslusher-sf
Copy link

We're trying to rotate all our secrets per the recent security incident, and lacking this capability is bringing us down a lot.

I was looking for this functionality as well and not having it is definitely slowing us down. While there is a tool that was posted to track down secrets it does not provide the ability to list all projects with SSH keys.

@NicolaiLolansen
Copy link

NicolaiLolansen commented Jan 9, 2023

We ended up going the other way, using the Github API to list all projects with a token called "CircleCi", then used those slugs to first delete, then add them again with the CircleCI API. Also deleting the deploy key on circleCI does not propagate and delete it on Github, you have to also take care of that. It does however require a personal-token that has access to all those organizations.

You can use the same "trick" to pull env-variables as you now have the project slugs needed to look them up one by one.

@alrodgers
Copy link

alrodgers commented Jan 9, 2023

Update: our SecOps team were able to obtain a list of all our configured projects by contacting CircleCI directly.

Nicolai's approach wouldn't have worked well for us, as we also had some obsolete projects that had secrets configured as env vars but didn't have tokens configured in GitHub any more.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants
@NicolaiLolansen @alrodgers @vinitshahdeo @stiyyagura0901 @pinko-fowle @nslusher-sf and others