403 Resource protected by organization SAML enforcement #1504
Description
Describe the bug
I followed the steps here to add a scorecard action to microsoft/msquic with this PR. The Action passed on the PR.
After I merged the PR, the action failed though:
Event file: /github/workflow/event.json
Event name: push
Ref: refs/heads/main
Private repository: false
Publication enabled: true
Format: sarif
Policy file: /policy.yml
2022/01/20 20:05:01 repo unreachable: GET https://api.github.com/repos/microsoft/msquic: 403 Resource protected by organization SAML enforcement. You must grant your Personal Access token access to this organization. []
panic: repo unreachable: GET https://api.github.com/repos/microsoft/msquic: 403 Resource protected by organization SAML enforcement. You must grant your Personal Access token access to this organization. []
I just double checked my PAT and it exactly matches what is required per the setup instructions. What am I doing wrong? Is the Microsoft organization doing something special on push runs to prevent this from working?
The only difference on my end is that publication is disabled for PRs, but enabled on push to main. Does the above only execute when publication is enabled?