List projects API (v2) is missing about api-preview-docs HOT 7 OPEN

We're trying to rotate all our secrets per the recent security incident, and lacking this capability is bringing us down a lot.

from api-preview-docs.

if it helps

$ curl --location --request GET 'https://circleci.com/api/v2/insights/gh/$ORG_SLUG/summary' --header 'Circle-Token: $CIRCLE_TOKEN'

it has a key in response all_projects with list of project slugs

from api-preview-docs.

This endpoint seems to be limited in the amount of projects it returns

from api-preview-docs.

Yes, doesn't list all my projects. :(

from api-preview-docs.

We're trying to rotate all our secrets per the recent security incident, and lacking this capability is bringing us down a lot.

I was looking for this functionality as well and not having it is definitely slowing us down. While there is a tool that was posted to track down secrets it does not provide the ability to list all projects with SSH keys.

from api-preview-docs.

We ended up going the other way, using the Github API to list all projects with a token called "CircleCi", then used those slugs to first delete, then add them again with the CircleCI API. Also deleting the deploy key on circleCI does not propagate and delete it on Github, you have to also take care of that. It does however require a personal-token that has access to all those organizations.

You can use the same "trick" to pull env-variables as you now have the project slugs needed to look them up one by one.

from api-preview-docs.

Update: our SecOps team were able to obtain a list of all our configured projects by contacting CircleCI directly.

Nicolai's approach wouldn't have worked well for us, as we also had some obsolete projects that had secrets configured as env vars but didn't have tokens configured in GitHub any more.

from api-preview-docs.