Compliance Framework not found or access denied

Summary

The compliance pipelines get defined in a project, and applied to other projects using a Compliance Framework tags. The problem is that pipelines that are run by bot users (created by making a Project Access Token) error with “Compliance Framework not found or access denied” .

Does a user need a certain access level/permissions in order to run a pipeline that pulls in the Compliance Framework? For normal includes a user may need access to the included repo/pipeline but thought this was different for Compliance Frameworks?

Steps to reproduce & Example Project

See comment 👇

What is the current bug behavior?

What is the expected correct behavior?

Relevant logs and/or screenshots

Possible fixes