Disable re-run job with SSH

Overview

For security purposes you may want to disable the Rerun Job with SSH feature. CircleCI allows organization admins to request that this feature be disabled on a project basis. 

 

Disabling the re-run with SSH using the CircleCI v1 API  

To disable the Rerun Job with SSH feature please confirm that you are an organization admin. If you are an organization admin, you can disable this feature using the CircleCI v1 API

 

curl -X PUT \
--header
"Circle-Token: <token>" \
--header
"Accept: application/json" \
--header
"Content-Type: application/json" \
--data
'{"feature_flags": {"disable-ssh": true}}' \
'https://circleci.com/api/v1.1/project/<vcs>/<org>/<project>/settings'

 

  • For the project URL under the --data payload, replace <vcs>/<org>/<project> with the project that you wish to apply these feature flags to. For example, github/acmeorg/foobar
  • Replace the <token> with a Personal API Token.
    • This can also be authenticated using Basic authentication after encoding your Personal API Token
  • When successful, CircleCI returns HTTP 200, and an empty string "" 

 

To confirm that SSH is indeed disabled, you can use the API and jq as well.

curl -X GET \
--header
"Circle-Token: <token>" \
'https://circleci.com/api/v1.1/project/<vcs>/<org>/<project>/settings' \
| jq '.feature_flags."disable-ssh"'

 

Important Notice

If you rerun a workflow that contains a job which was previously re-run with SSH, the new workflow will be run with SSH enabled for that job, even after SSH capability has been disabled at the project level.

 

Additional Resources: 

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.