Organization scan: Failed to recompute children of ProjectABC

[mathieu-hw]

Jenkins and plugins versions report

Environment

```text Jenkins: 2.440.3 OS: Linux - 6.5.0-1018-azure Java: 11.0.22 - Ubuntu (OpenJDK 64-Bit Server VM) --- Office-365-Connector:4.21.1 ace-editor:1.1 additional-identities-plugin:43.v663f30564db_c analysis-model-api:12.1.0 ant:497.v94e7d9fffa_b_9 antisamy-markup-formatter:162.v0e6ec0fcfcf6 apache-httpcomponents-client-4-api:4.5.14-208.v438351942757 asm-api:9.7-33.v4d23ef79fcc8 aws-credentials:231.v08a_59f17d742 aws-java-sdk:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-api-gateway:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-autoscaling:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-cloudformation:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-cloudfront:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-codebuild:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-codedeploy:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-ec2:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-ecr:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-ecs:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-efs:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-elasticbeanstalk:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-elasticloadbalancingv2:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-iam:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-kinesis:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-lambda:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-logs:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-minimal:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-organizations:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-secretsmanager:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-sns:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-sqs:1.12.696-451.v0651a_da_9ca_ec aws-java-sdk-ssm:1.12.696-451.v0651a_da_9ca_ec azure-commons:1.1.3 azure-credentials:312.v0f3973cd1e59 azure-sdk:157.v855da_0b_eb_dc2 blueocean-commons:1.27.12 blueocean-rest:1.27.12 bootstrap4-api:4.6.0-6 bootstrap5-api:5.3.3-1 bouncycastle-api:2.30.1.77-225.v26ea_c9455fd9 branch-api:2.1152.v6f101e97dd77 build-blocker-plugin:1.7.9 build-timeout:1.32 caffeine-api:3.1.8-133.v17b_1ff2e0599 calendar-view:0.3.3 checks-api:2.2.0 cloudbees-folder:6.901.vb_4c7a_da_75da_3 command-launcher:107.v773860566e2e commons-httpclient3-api:3.1-3 commons-lang3-api:3.13.0-62.v7d18e55f51e2 commons-text-api:1.11.0-95.v22a_d30ee5d36 conditional-buildstep:1.4.3 config-file-provider:968.ve1ca_eb_913f8c copyartifact:722.v0662a_9b_e22a_c credentials:1337.v60b_d7b_c7b_c9f credentials-binding:657.v2b_19db_7d6e6d custom-folder-icon:2.12 data-tables-api:2.0.3-1 display-url-api:2.200.vb_9327d658781 durable-task:555.v6802fe0f0b_82 echarts-api:5.5.0-1 email-ext:1806.v856a_01a_fa_39a_ extended-choice-parameter:381.v360a_25ea_017c extended-read-permission:53.v6499940139e5 extensible-choice-parameter:1.8.1 external-monitor-job:215.v2e88e894db_f8 file-parameters:316.va_83a_1221db_a_7 font-awesome-api:6.5.1-3 forensics-api:2.4.0 git:5.2.1 git-client:4.6.0 git-server:114.v068a_c7cc2574 github:1.38.0 github-api:1.318-461.v7a_c09c9fa_d63 github-branch-source:1787.v8b_8cd49a_f8f1 gitlab-api:5.3.0-91.v1f9a_fda_d654f gitlab-branch-source:704.vc7f1202d7e14 gitlab-plugin:1.8.0 gradle:2.11 gson-api:2.10.1-15.v0d99f670e0a_7 h2-api:11.1.4.199-12.v9f4244395f7a_ handlebars:3.0.8 handy-uri-templates-2-api:2.1.8-30.v7e777411b_148 htmlpublisher:1.33 http_request:1.18 instance-identity:185.v303dc7c645f9 ionicons-api:70.v2959a_b_74e3cf jackson2-api:2.17.0-379.v02de8ec9f64c jakarta-activation-api:2.1.3-1 jakarta-mail-api:2.1.3-1 javadoc:243.vb_b_503b_b_45537 javax-activation-api:1.2.0-6 javax-mail-api:1.6.2-9 jaxb:2.3.9-1 jdk-tool:73.vddf737284550 jersey2-api:2.42-147.va_28a_44603b_d5 jjwt-api:0.11.5-112.ve82dfb_224b_a_d jnr-posix-api:3.1.19-2 job-dsl:1.87 jobConfigHistory:1229.v3039470161a_d joda-time-api:2.12.7-29.v5a_b_e3a_82269a_ jquery:1.12.4-1 jquery3-api:3.7.1-2 jsch:0.2.16-86.v42e010d9484b_ json-api:20240303-41.v94e11e6de726 json-path-api:2.9.0-58.v62e3e85b_a_655 junit:1265.v65b_14fa_f12f0 ldap:719.vcb_d039b_77d0d lockable-resources:1246.v28b_e4cc6fa_16 mailer:472.vf7c289a_4b_420 matrix-auth:3.2.2 matrix-project:822.824.v14451b_c0fd42 maven-plugin:3.23 mina-sshd-api-common:2.12.1-101.v85b_e08b_780dd mina-sshd-api-core:2.12.0-90.v9f7fb_9fa_3d3b_ momentjs:1.1.1 next-build-number:1.8 okhttp-api:4.11.0-172.vda_da_1feeb_c6e pam-auth:1.10 parameter-separator:166.vd0120849b_386 parameterized-scheduler:262.v00f3d90585cc parameterized-trigger:787.v665fcf2a_830b_ permissive-script-security:0.7 pipeline-aws:1.45 pipeline-build-step:540.vb_e8849e1a_b_d8 pipeline-github-lib:42.v0739460cda_c4 pipeline-graph-analysis:216.vfd8b_ece330ca_ pipeline-groovy-lib:704.vc58b_8890a_384 pipeline-input-step:495.ve9c153f6067b_ pipeline-maven:1396.veb_f07b_2fc1d8 pipeline-maven-api:1396.veb_f07b_2fc1d8 pipeline-milestone-step:119.vdfdc43fc3b_9a_ pipeline-model-api:2.2198.v41dd8ef6dd56 pipeline-model-definition:2.2198.v41dd8ef6dd56 pipeline-model-extensions:2.2198.v41dd8ef6dd56 pipeline-rest-api:2.34 pipeline-stage-step:312.v8cd10304c27a_ pipeline-stage-tags-metadata:2.2198.v41dd8ef6dd56 pipeline-stage-view:2.34 pipeline-utility-steps:2.16.2 plain-credentials:179.vc5cb_98f6db_38 plugin-util-api:4.1.0 popper-api:1.16.1-3 popper2-api:2.11.6-4 prism-api:1.29.0-13 rebuild:332.va_1ee476d8f6d remote-file:1.24 repo:1.16.0 resource-disposer:0.23 rich-text-publisher-plugin:1.5 role-strategy:717.v6a_69a_fe98974 run-condition:1.7 s3:466.vf5b_3db_8e3eb_2 s3explorer:1.0.8 scm-api:689.v237b_6d3a_ef7f script-security:1335.vf07d9ce377a_e snakeyaml-api:2.2-111.vc6598e30cc65 ssh-agent:367.vf9076cd4ee21 ssh-credentials:308.ve4497b_ccd8f4 ssh-slaves:2.948.vb_8050d697fec sshd:3.322.v159e91f6a_550 structs:337.v1b_04ea_4df7c8 timestamper:1.26 token-macro:400.v35420b_922dcb_ trilead-api:2.142.v748523a_76693 uno-choice:2.8.3 variant:60.v7290fc0eb_b_cd versioncolumn:243.vda_c20eea_a_8a_f warnings-ng:11.3.0 windows-azure-storage:419.v4046cd70d2e3 windows-slaves:1.8.1 workflow-aggregator:596.v8c21c963d92d workflow-api:1291.v51fd2a_625da_7 workflow-basic-steps:1049.v257a_e6b_30fb_d workflow-cps:3894.vd0f0248b_a_fc4 workflow-cps-global-lib:612.v55f2f80781ef workflow-durable-task-step:1336.v768003e07199 workflow-job:1400.v7fd111b_ec82f workflow-multibranch:773.vc4fe1378f1d5 workflow-scm-step:427.v4ca_6512e7df1 workflow-step-api:657.v03b_e8115821b_ workflow-support:896.v175a_a_9c5b_78f ws-cleanup:0.45 ```

What Operating System are you using (both controller, and any agents involved in the problem)?

OS: Ubuntu 22.04.3 LTS (GNU/Linux 6.5.0-1018-azure x86_64)

Reproduction steps

Steps

1. Create a credential of type: SSH Username with private key in Jenkins (For the gitlab account)
2. Create a Multibranch Pipeline in Jenkins
3. Configure the repository source like the image below

Credential of type: SSH Username with private key

Config Multibranch Pipeline in Jenkins

Expected Results

The Multibranch pipeline job should be able to scan my gitlab project.

Actual Results

My "multiBranch pipeline job" in Jenkins isn't able to scan my gitlab project. The issue started this week (may 13th).

I verify the gitlab account used in the job. I configured the job with my own gitlab account and I got the same error message.

Log from Jenkins.

Started by timer
[Wed May 15 11:30:10 EDT 2024] Starting organization scan...
[Wed May 15 11:30:10 EDT 2024] Updating actions...
[Wed May 15 11:30:10 EDT 2024] Finished organization scan. Scan took 0.12 sec
FATAL: Failed to recompute children of ProjectABC » Apps
org.gitlab4j.api.GitLabApiException: invalid_token
    at org.gitlab4j.api.AbstractApi.validate(AbstractApi.java:678)
    at org.gitlab4j.api.AbstractApi.get(AbstractApi.java:214)
    at org.gitlab4j.api.GroupApi.getGroup(GroupApi.java:507)
    at io.jenkins.plugins.gitlabbranchsource.helpers.GitLabOwner.fetchOwner(GitLabOwner.java:26)
Caused: java.lang.IllegalStateException: Unable to fetch Group
    at io.jenkins.plugins.gitlabbranchsource.helpers.GitLabOwner.fetchOwner(GitLabOwner.java:36)
    at io.jenkins.plugins.gitlabbranchsource.GitLabSCMNavigator.getGitlabOwner(GitLabSCMNavigator.java:208)
    at io.jenkins.plugins.gitlabbranchsource.GitLabSCMNavigator.getGitlabOwner(GitLabSCMNavigator.java:201)
    at io.jenkins.plugins.gitlabbranchsource.GitLabSCMNavigator.retrieveActions(GitLabSCMNavigator.java:409)
    at jenkins.scm.api.SCMNavigator.fetchActions(SCMNavigator.java:326)
    at jenkins.branch.OrganizationFolder.computeChildren(OrganizationFolder.java:486)
    at com.cloudbees.hudson.plugins.folder.computed.ComputedFolder.updateChildren(ComputedFolder.java:265)
    at com.cloudbees.hudson.plugins.folder.computed.FolderComputation.run(FolderComputation.java:167)
    at jenkins.branch.OrganizationFolder$OrganizationScan.run(OrganizationFolder.java:920)
    at hudson.model.ResourceController.execute(ResourceController.java:101)
    at hudson.model.Executor.run(Executor.java:442)
Finished: FAILURE

Anything else?

Could it be related to the recent gitlab update ?

Are you interested in contributing a fix?

No response

[mzalgaonker]

Might not be related but you should check in GitLab if your token still exists. They added a 1 year max expiration for tokens in GitLab 16 I think it was. A bunch of our GitLab tokens that previously had no expiry expired this week.

[mathieu-hw]

@mzalgaonker The multibranch pipeline job doesn't use a Gitlab token. It uses directly the usename and the ssh private key

[mzalgaonker]

If you go to Manage Jenkins-> System and check your "GitLab Servers", there is a token specified there. I am pretty sure this token is used for scanning pipelines. The credentials you configured are for doing SCM checkout

[mathieu-hw]

@mzalgaonker I configured the GitLab Servers in the System menu and It didn't solve my issue. I still have the same error message.

[Turiok]

Hi @mathieu-hw ,

To scan an organization group, the plugin uses the Gitlab API. It use the HTTP protocol do to it. So your SSH configuration is not used for the scan. Your SSH key is used to checkout the Git repository after the scan succeed. Can you detail or show the token configuration between the Jenkins plugin and Gitlab?

[mathieu-hw]

Hi @Turiok

I created a new access token to make some tests.

Gitlab server config

Jenkins Credential - GitLab API token

From Gitlab

[mathieu-hw]

@mzalgaonker My bad... I was looking at the wrong section in the system menu.. I fixed the token used by the Gitlab servers config.