No usage of project key in cache key leading to wrong repos added to Organization Folder jobs

[thomas-boehm-tractive]

Jenkins and plugins versions report

Environment

```text Jenkins: 2.387.3 OS: Linux - 4.14.336-253.554.amzn2.x86_64 Java: 11.0.19 - Eclipse Adoptium (OpenJDK 64-Bit Server VM) --- ace-editor:1.1 amazon-ecr:1.114.vfd22430621f5 ansicolor:1.0.2 antisamy-markup-formatter:159.v25b_c67cd35fb_ apache-httpcomponents-client-4-api:4.5.14-150.v7a_b_9d17134a_5 atlassian-jira-software-cloud:2.0.7 authentication-tokens:1.4 authorize-project:1.5.1 aws-codepipeline:0.47 aws-credentials:191.vcb_f183ce58b_9 aws-java-sdk:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-cloudformation:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-codebuild:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-ec2:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-ecr:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-ecs:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-efs:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-elasticbeanstalk:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-iam:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-kinesis:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-logs:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-minimal:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-secretsmanager:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-sns:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-sqs:1.12.606-418.vce5b_4cd017c6 aws-java-sdk-ssm:1.12.606-418.vce5b_4cd017c6 aws-secrets-manager-credentials-provider:1.202.ve0ec0c17611c aws-secrets-manager-secret-source:1.62.v120c8e5058ee bitbucket-approval-filter:1.0.3 bootstrap4-api:4.6.0-6 bootstrap5-api:5.2.1-3 bouncycastle-api:2.30.1.77-225.v26ea_c9455fd9 branch-api:2.1105.v472604208c55 browserstack-integration:1.2.12 build-blocker-plugin:1.7.9 build-discarder:139.v05696a_7fe240 build-timeout:1.28 caffeine-api:3.1.8-133.v17b_1ff2e0599 checks-api:1.8.1 cloudbees-bitbucket-branch-source:805.v7f97d29dc0f5 cloudbees-folder:6.815.v0dd5a_cb_40e0e command-launcher:107.v773860566e2e commons-httpclient3-api:3.1-3 commons-lang3-api:3.13.0-62.v7d18e55f51e2 commons-text-api:1.10.0-68.v0d0b_c439292b_ conditional-buildstep:1.4.3 configuration-as-code:1625.v27444588cc3d copyartifact:714.v28a_34f8c563f credentials:1224.vc23ca_a_9a_2cb_0 credentials-binding:626.v8d9034b_8ea_cc data-tables-api:1.12.1-4 dependency-track:4.3.1 display-url-api:2.200.vb_9327d658781 docker-commons:419.v8e3cd84ef49c docker-workflow:572.v950f58993843 dtkit-api:3.0.2 durable-task:543.v262f6a_803410 echarts-api:5.4.0-1 email-ext:2.99 extended-read-permission:3.2 external-monitor-job:215.v2e88e894db_f8 favorite:2.4.3 font-awesome-api:6.2.1-1 git:5.0.2 git-client:4.3.0 git-parameter:0.9.19 git-server:99.va_0826a_b_cdfa_d github-api:1.318-461.v7a_c09c9fa_d63 google-login:1.8 gradle:2.9 handlebars:3.0.8 handy-uri-templates-2-api:2.1.8-22.v77d5b_75e6953 htmlpublisher:1.31 instance-identity:185.v303dc7c645f9 ionicons-api:56.v1b_1c8c49374e jackson2-api:2.15.3-363.v82c51b_de9f60 jakarta-activation-api:2.0.1-3 jakarta-mail-api:2.0.1-3 javadoc:243.vb_b_503b_b_45537 javax-activation-api:1.2.0-6 javax-mail-api:1.6.2-9 jaxb:2.3.8-1 jdk-tool:73.vddf737284550 jjwt-api:0.11.5-77.v646c772fddb_0 jnr-posix-api:3.1.18-1 job-dsl:1.82 jquery:1.12.4-1 jquery-detached:1.2.1 jquery3-api:3.6.1-2 jsch:0.2.16-86.v42e010d9484b_ junit:1202.v79a_986785076 label-linked-jobs:6.0.1 ldap:711.vb_d1a_491714dc lockable-resources:1131.vb_7c3d377e723 mailer:457.v3f72cb_e015e5 mapdb-api:1.0.9-28.vf251ce40855d matrix-auth:3.1.9 matrix-project:802.v8013b_40c7edc maven-plugin:3.22 mina-sshd-api-common:2.12.0-90.v9f7fb_9fa_3d3b_ mina-sshd-api-core:2.12.0-90.v9f7fb_9fa_3d3b_ momentjs:1.1.1 node-iterator-api:55.v3b_77d4032326 nvm-wrapper:0.1.7 okhttp-api:4.11.0-145.vcb_8de402ef81 pagerduty:0.7.1 pam-auth:1.10 parameterized-trigger:2.45 pipeline-aws:1.43 pipeline-build-step:491.v1fec530da_858 pipeline-github-lib:42.v0739460cda_c4 pipeline-graph-analysis:202.va_d268e64deb_3 pipeline-groovy-lib:689.veec561a_dee13 pipeline-input-step:477.v339683a_8d55e pipeline-milestone-step:111.v449306f708b_7 pipeline-model-api:2.2133.ve46a_6113dfc3 pipeline-model-definition:2.2133.ve46a_6113dfc3 pipeline-model-extensions:2.2133.ve46a_6113dfc3 pipeline-rest-api:2.34 pipeline-stage-step:305.ve96d0205c1c6 pipeline-stage-tags-metadata:2.2133.ve46a_6113dfc3 pipeline-stage-view:2.34 pipeline-utility-steps:2.16.0 plain-credentials:143.v1b_df8b_d3b_e48 plugin-usage-plugin:4.1 plugin-util-api:2.20.0 popper-api:1.16.1-3 popper2-api:2.11.6-2 publish-over:0.22 pubsub-light:1.18 resource-disposer:0.23 role-strategy:633.v836e5b_3e80a_5 run-condition:1.5 scm-api:676.v886669a_199a_a_ script-security:1269.v639888f5e366 slack:684.v833089650554 snakeyaml-api:2.2-111.vc6598e30cc65 sonar:2.15 sse-gateway:1.26 ssh-credentials:305.v8f4381501156 ssh-slaves:2.877.v365f5eb_a_b_eec sshd:3.322.v159e91f6a_550 structs:325.vcb_307d2a_2782 throttle-concurrents:2.14 timestamper:1.25 token-macro:359.vb_cde11682e0c trilead-api:2.84.v72119de229b_7 variant:60.v7290fc0eb_b_cd versioncolumn:95.v82f3985cd6e1 windows-slaves:1.8.1 workflow-aggregator:596.v8c21c963d92d workflow-api:1283.v99c10937efcb_ workflow-basic-steps:1042.ve7b_140c4a_e0c workflow-cps:3673.v5b_dd74276262 workflow-cps-global-lib:609.vd95673f149b_b workflow-durable-task-step:1289.v4d3e7b_01546b_ workflow-job:1326.ve643e00e9220 workflow-multibranch:746.v05814d19c001 workflow-scm-step:408.v7d5b_135a_b_d49 workflow-step-api:639.v6eca_cd8c04a_a_ workflow-support:839.v35e2736cfd5c ws-cleanup:0.45 ws-ws-replacement:1.0.1 xunit:3.1.3 ```

What Operating System are you using (both controller, and any agents involved in the problem)?

Not relevant. Agents -> Ubuntu Controller -> running in docker

Reproduction steps

• Create a Bitbucket cloud user with access to at least 2 projects.
• Set up an 2 "Organization Folder" jobs in Jenkins, using the created user, for different projects
• Enable caching in "Manage Jenkins" -> Configure System -> Bitbucket Endpoints -> Enable Caching
• Click on the "Scan Organization Folder now" for both created jobs after each other

Expected Results

Both jobs should contain the correct projects.

Actual Results

The job that was scanned second shows the results of the first scan, as those were cached and the project key is not included in the cache key.

Anything else?

We know we are not running the latest version of the plugin currently, but the issue is still present on the current master branch.

Are you interested in contributing a fix?

yes, I already have a working version and will open a PR for further discussion in a few minutes

[nfalco79]

I have the same issue every where I trigger a folder scan it takes all repository regardless the project key configured for the organization folder. The only workaround is disable cache in jenkins configuration