Email: Your access to Slicer/Slicer from CircleCI was revoked by GitHub

jcfr · March 23, 2018, 7:13pm

Thanks @fbudin69500 for reporting the problem.

If you got an email with the same title, just to let you know that we contacted CircleCI support.

I will post update here.

It may be related to this but I will know more later. See https://circleci.com/docs/1.0/github-3rdparty-app-restrictions/

jcfr · March 23, 2018, 7:30pm

Update from CircleCI support:

jcfr · March 24, 2018, 1:47am

Update from CircleCI:

Earlier today we experienced an issue that caused your GitHub project access to be revoked. This was caused by a regression in GitHub’s API that resulted in the loss of access to your GitHub projects on CircleCI.

We apologize for the confusion and downtime this may have caused for you and your team.

What happened:

Around 5:00PM UTC, GitHub pushed a change to their API that incorrectly omitted the permissions field of certain endpoints. This caused us to revoke permissions for many users.

Around 7:00PM UTC, GitHub deployed a fix of their API. This resolved issues for most customers. However, as an effect of the false-negatives on permissions, some users remained without access to a subset of projects. This subsequently caused some builds to appear to revert to CircleCI 1.0 configurations.

At 8:15PM UTC, we started deploying a fix which ensured users who lost access and now properly had access would automatically resume following projects on CircleCI. This fixed further issues regarding visibility and access to certain projects.

At 8:45PM UTC, we communicated through StatusPage that if our fix had not deployed to you yet, that a manual workaround involving resetting your GitHub webhooks existed.

What we’re doing to prevent this in the future: We are currently setting up systems to help us more closely monitor for changes to GitHub’s API that can cause these types of issues. Revoking access for users where we no longer see permissions present is the correct action for security purposes. Moving forward, we will maintain our focus on the security of your projects while also looking for ways to be more robust in the face of upstream changes.

Steps you can take: If your project continues to not build as expected, have your organization’s GitHub administrator take the following actions:

Remove all CircleCI webhooks and services from your GitHub repo settings.

Tell the project to stop building on CircleCI through “Project settings.”

Add the project back on CircleCI.

Self-hosted CircleCI customers using github.com were also impacted and can use the steps described above to remove and re-add projects for builds to resume.

If you have any additional questions, please don’t hesitate to reach out. You can reach our support team here.

Sincerely,

The CircleCI Team

Topic		Replies	Views
2021.11.02 Weekly Meeting Weekly meetings	5	286	November 2, 2021
CircleCI build failures Development	7	420	December 1, 2021
2023.08.01 Weekly Meeting Weekly meetings	2	308	July 31, 2023
2020.08.25 Hangout w/ Project Week Discussion Weekly meetings	1	296	August 25, 2020
[SOLVED] Slicer Wiki and Issue Tracker brief outage Support	1	300	October 17, 2017

Email: Your access to Slicer/Slicer from CircleCI was revoked by GitHub

Related Topics