Comments (3)
Seeing as nobody from CircleCI answered you here, I'm going to post the reply I got from them today about this when I raised a support ticket.
Thanks for writing in. I guess the reason behind for personal API is being used for API is triggering build should be someone, not the project itself. On UI, you can see who actually triggered the build - it means the build is triggered by the user, so it's natural that personal keys are used to trigger the API. Also, for the successful builds permissions for read/write is necessary but it's only available for the member in the organization.
What I'd like to recommend is to create one more additional Github/CircleCI account for API, and use the account's personal token so that you can deal with any other situation no matter team members left or not.
from api-preview-docs.
^ If that's the expected workaround, then it'd be a nice to be able to send the user that triggered the original workflow job in the payload of the pipeline triggering.
This is mainly so that the UI can display who "owns" the current trigger, instead of having this joint "Github/CircleCI account for API" that owns all the jobs. Makes it harder to track your own build in the UI.
from api-preview-docs.
The two reasons why project-tokens are so problematic are billing and the paper trail.
Because billing is by seat, project tokens obviously open up a plethora of opportunities for abuse.
The paper trail is important for many of our larger or governmental customers, who need the ability to know who performed a certain action, and this needs to be reasonably tamper-proof.
That being said we're looking at what we can do to bring project-tokens to the v2 API. I don't know yet what that will look like, and we don't have a specific timeline, but we are thinking about it.
from api-preview-docs.
Related Issues (20)
- Question: Filtering scheduled pipelines by branch name HOT 3
- Conditions should allow operators HOT 1
- Retrying workflows
- Triggering a pipeline by tag doesn't trigger any workflows HOT 2
- List projects by organisation HOT 5
- Body parser is not tolerant of whitespace?? HOT 3
- Pipeline Parameters Ignored with API HOT 2
- Trigger workflow in different repo with same user HOT 1
- POST /pipeline Returns 201 When No Actual Workflow Is Triggered HOT 5
- Cannot access job output HOT 2
- Unable to trigger pipeline to build forked Pull Request via V2 API, error message: *Branch not found*
- Add v1 deprecation to v1 docs
- Pipeline updated_at field not actually updating
- How to pass executor parameters
- Workflow jobs and Workflow runs documentation HOT 3
- curl command in README is incorrect HOT 1
- Typo in CircleCI API v2 Docs HOT 2
- List projects API (v2) is missing HOT 7
- typo in orb reference in docs HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api-preview-docs.