I’ve had a number of contributors complain that they cannot see build logs, particularly for their PRs, without logging in to CircleCI. The appears to have gotten worse, with that login now demanding write access to all the user’s repos!
Here’s an example:
It’s such a shame, as I’d love to show off CircleCI more and try and get the platform more customers, but at the moment it’s tipping towards “maybe I should just move my stuff to GitHub Actions?”.
I hope someone can help…
Hi @cjw296! Thank for the feedback.
Our v2 APIs originally required auth to access data, but we’ve made changes so that some of the endpoints, particularly for viewing data, can be accessed without auth for OSS projects. Our UI is not quite up to date with the v2 API, but we’re actively working on updating it.
I understand how seeing those GitHub permissions can seem like a lot, but we ask for them for a variety of reasons. For example, when customers “edit” the config via the config editor, they are actually making an updated version and committing it to the repo, which means they need write permissions.
I’m happy to chat about it and answer more questions!
@thekatertot - okay, can you confirm when OSS projects should be able to view build logs without logging in?
I’m afraid your answer as an explanation for “we want write access to all your repos as soon as you log in” really isn’t okay, and I’m sure is putting a lot of people off. I know several contributors to OSS projects of mine have already refused to log in to CircleCI because of this.
What would it take for you to request only minimal access on login and then incrementally request access if someone decides to build a repo?
The config editor argument is, I’m afraid, a weak one: most people are going to just edit the yaml in their own checkouts…
I don’t have an exact date for when OSS projects should be viewable without login yet; I don’t want to give you an incorrect estimate, but I know it’s actively being worked on now, which usually means ~2-3 weeks. If that changes, I’ll let you know.
As for the GitHub permissions, the config editor was just one example. There are some limitations in the granularity of the GitHub API that we’re working around, and we make an effort to ask for the minimum access that we can. I can put you in touch with someone from that team if it will help.
I’m afraid “write access to all my repos” doesn’t feel very minimal to me, and the feedback I have is that it’s putting off collaborators on my OSS projects, which can’t be good for CircleCI adoption, which is what’s going to lead to income for you folk… Very happy to speak to whoever’s appropriate on your team