Unable to set up auto-updating of new package

[christeredvartsen]

I'm struggling to set up auto-updating of the following package:

https://packagist.org/packages/navikt/coding-standard

Packagist have been given access to the org where the repo is. When trying to trigger a manual account sync I'm seeing the following error:

An unexpected error occurred during sync.

I'm not sure what is going on here. I have other repos in the same org that I have enabled auto-updating on without issues.

[christeredvartsen]

Checked again now to see if was some temporary error, but the error message is still the same as seen in the screenshot:

[Seldaek]

The issue I'm seeing on our end is this:

`GET https:\/\/api.github.com\/repos\/navikt\/coding-standard-php\/hooks` resulted in a `403 Forbidden` response:
{
  \"message\": \"Resource protected by organization SAML enforcement. You must grant your OAuth token access to this orga ...

Could it be something special you have enabled on your org?

[stof]

maybe your organization uses the third-party application access policy features of Github, and you haven't authorized the Packagist github app on your org.

[christeredvartsen]

We have three other repos that is automatically updated in the same org. Looks like that app has access:

[christeredvartsen]

It might be that we have enabled forced 2FA on the organization after I initially set up the Packagist integration. I can try to re-approve the app and see if that helps.

[stof]

@christeredvartsen is your organization using the SAML single sign-on feature of GitHub Enterprise Cloud ?

[christeredvartsen]

is your organization using the SAML single sign-on feature of GitHub Enterprise Cloud ?

Yes, but it has been doing so since we initially set this up a couple of years back.

[christeredvartsen]

The auto-updating of one of our other packages worked a couple of days ago btw, so the only repo that it doesn't work with is the one mentioned above.

[christeredvartsen]

Would love to get this sorted out. I can help debug on the GitHub-organization side if you need me to test something.

[Seldaek]

Can you try to set it up manually by using the instructions at Do not want to log in via GitHub and grant us webhook configuration access? on https://packagist.org/about#how-to-update-packages ?

[christeredvartsen]

That seems to be working. Will I have to do this for all our future packages for this org?

[Seldaek]

I don't know as I am not sure what is going on here tbh. Not familiar at all with this SAML stuff, and I can't say I have time to dive into it atm.

[Messhias]

Still nowadays having this issue, and no, I don't know about SAML and etc and as @Seldaek told, we don't have time to dive into this.

[emmadesilva]

Having this issue too, for an organization. Getting "You must connect your user account to github to sync packages.", but I can't connect, as I can't log in as the organization.

Edit: I of course have double checked that the installed app on the organization has permissions to access the repo.

I can confirm that using the webhook works, and is at this point the simplest fix.

[stof]

Based on https://docs.github.com/en/enterprise-cloud@latest/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso, I think you need to have an active Saml SSO session for your organization at the time you ask Packagist to perform a sync.