Gitlab Branch Source Plugin won't create secret token.

[jdteasler]

trafficstars

I am using Gitlab 14.0.12 and Jenkins 2.400. GitLab Branch Source Plugin Version660.vd45c0f4c0042 installed. When using any of the logins, it gives me the same error. When I went through and tried seeing what the cookies that are returned when going through sign in like the code does, I do not get anything that looks like the format expected. I am not sure if I am using the wrong version of something somewhere, but it's been driving me crazy that this isn't working. I cannot get my Multibranch plugins to kick off automatically because of this. org.gitlab4j.api.GitLabApiException: authenticity_token not found, aborting!

at org.gitlab4j.api.utils.AccessTokenUtils.login(AccessTokenUtils.java:616)

at org.gitlab4j.api.utils.AccessTokenUtils.createPersonalAccessToken(AccessTokenUtils.java:159)

at io.jenkins.plugins.gitlabserverconfig.servers.helpers.GitLabPersonalAccessTokenCreator.doCreateTokenByCredentials(GitLabPersonalAccessTokenCreator.java:141)

at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:719)

at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)

at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)

at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)

at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)

at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)

at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)

at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)

at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)

at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:770)

at org.kohsuke.stapler.Stapler.invoke(Stapler.java:900)

at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)

at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)

at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:770)

at org.kohsuke.stapler.Stapler.invoke(Stapler.java:900)

at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:836)

at org.kohsuke.stapler.Stapler.invoke(Stapler.java:900)

at org.kohsuke.stapler.MetaClass$9.dispatch(MetaClass.java:475)

at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:770)

at org.kohsuke.stapler.Stapler.invoke(Stapler.java:900)

at org.kohsuke.stapler.Stapler.invoke(Stapler.java:698)

at org.kohsuke.stapler.Stapler.service(Stapler.java:248)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)

at org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:248)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:60)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at com.cloudbees.jenkins.support.slowrequest.SlowRequestFilter.doFilter(SlowRequestFilter.java:37)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)

at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)

at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)

at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126)

at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:110)

at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:101)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:227)

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:117)

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)

at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)

at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)

at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)

at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:659)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)

at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)

at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)

at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)

at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)

at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1722)

at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)

at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)

at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

at java.base/java.lang.Thread.run(Thread.java:835)

[jmini]

You need to explain what needs to be changed in this project, maybe provide a reproducer that is independent of Jenkins.

Or you need to open an issue in the corresponding Jenkins plugin: https://github.com/jenkinsci/gitlab-branch-source-plugin/

Because the stacktrace you provided doesn't give me enough explanation about what is going wrong.

[jdteasler]

Well, I went through the code and figured out what it was doing. I went and looked at the Set-Cookie and mine shows the following: "_gitlab_session=05b30b3b1f12a51be27a1bd9e10e412a; path=/; expires=Fri, 16 Jun 2023 04:34:52 GMT; secure; HttpOnly; SameSite=None" I am just unclear on what could be wrong. It's either in my setup. I am just lost and this is where the error lead me to.

[krachynski]

I've been digging into the plugin and GitLab itself in relation to jenkinsci/gitlab-branch-source-plugin#340 and wonder if there's a roundtrip that's failing here.

GitLab's documentation says that the header is supposed to be X-GitLab-Event: System Hook but GitLab 16.1 sends is X-GitLab-Event: Repository Update Hook

[krachynski]

Unless there is an actual roundtrip with the system hook, this is probably a red herring.