Hm...

Deleting failed SARIF upload
  In test mode, therefore deleting the failed analysis to avoid impacting tool status for the Action repository. SARIF ID to delete: 3146eec2-b0d6-11ee-9ed6-a261d13cdc7d.
  Analysis ID to delete: 160977804.
Error: Failed to delete uploaded SARIF analysis. Reason: Error: HttpError: Resource not accessible by integration

Odd as we have not changed anything about our token permissions between this PR and the last run. Also, our PUT calls to the analysis and analysis/status endpoints are working, so we should still have the necessary security_events:write permissions for a DELETE (https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28#delete-a-code-scanning-analysis-from-a-repository)

That is odd. Maybe try re-running just in case that was a fluke. The workflow has security-events: write

I had re-run it on a previous commit too, probably have 5 total consecutive runs failing now 🤔 might be some kind of API error but odd that it's not hit on any of the other times we're hitting code scanning endpoints.

I think the "Submit SARIF after failure" check doesn't work on forks — we need to update it so it doesn't try to delete the SARIF when running from a fork. I've backlinked an internal issue.

Right... I forgot about that.

I think the "Submit SARIF after failure" check doesn't work on forks — we need to update it so it doesn't try to delete the SARIF when running from a fork. I've backlinked an internal issue.

Oh shoot I also forgot about that. Thanks!

I'm going to remove it from being Required until we have that backlinked issue done.