Cannot access Admin/credentials Project Access Token tab, returns 500
Summary
When we try to access /admin/credentials the GitLab instance is returning 500 error.
This appears to be a new bug introduced by the change !79645 (merged) due to it assuming that all project token bot users are associated to projects. After the Group Access Token feature was launched the same user type was shared for Group tokens which will not be associated to any projects, thereby the nil and the error when the code queries user.projects.first.
Steps to reproduce
- Use GitLab 14.8.0 or higher (GitLab.com is affected too)
- Visit any Group and create a Group Access Token
- Visit Admin > Credentials and it will outright fail
Example Project
What is the current bug behavior?
- Accessing the path
/admin/credentialsresults in 500 error
What is the expected correct behavior?
- Accessing the path
/admin/credentialsshould not result in 500 error
Relevant logs and/or screenshots
{
"method": "GET",
"path": "/admin/credentials",
"format": "html",
"controller": "Admin::CredentialsController",
"action": "index",
"status": 500,
"time": "2022-03-04T09:45:38.611Z",
"params": [],
"correlation_id": "01FXA543EAC2B4AQPNYGTVVS7F",
"meta.user": "root",
"meta.client_id": "user/1",
"meta.caller_id": "Admin::CredentialsController#index",
"meta.remote_ip": "223.178.243.151",
"meta.feature_category": "compliance_management",
"remote_ip": "223.178.243.151",
"user_id": 1,
"username": "root",
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.109 Safari/537.36",
"queue_duration_s": 0.285904,
"request_urgency": "default",
"target_duration_s": 1,
"redis_calls": 8,
"redis_duration_s": 0.002519,
"redis_read_bytes": 1382,
"redis_write_bytes": 1523,
"redis_cache_calls": 6,
"redis_cache_duration_s": 0.001265,
"redis_cache_read_bytes": 1137,
"redis_cache_write_bytes": 316,
"redis_shared_state_calls": 1,
"redis_shared_state_duration_s": 0.000436,
"redis_shared_state_write_bytes": 53,
"redis_sessions_calls": 1,
"redis_sessions_duration_s": 0.000818,
"redis_sessions_read_bytes": 245,
"redis_sessions_write_bytes": 1154,
"db_count": 9,
"db_write_count": 0,
"db_cached_count": 0,
"db_replica_count": 0,
"db_primary_count": 9,
"db_replica_cached_count": 0,
"db_primary_cached_count": 0,
"db_replica_wal_count": 0,
"db_primary_wal_count": 0,
"db_replica_wal_cached_count": 0,
"db_primary_wal_cached_count": 0,
"db_replica_duration_s": 0,
"db_primary_duration_s": 0.016,
"cpu_s": 0.477117,
"mem_objects": 198698,
"mem_bytes": 30443755,
"mem_mallocs": 118379,
"mem_total_bytes": 38391675,
"pid": 1002149,
"exception.class": "ActionView::Template::Error",
"exception.message": "undefined method `id' for nil:NilClass",
"exception.backtrace": [
"ee/app/views/shared/credentials_inventory/personal_access_tokens/_personal_access_token.html.haml:33",
"ee/app/views/shared/credentials_inventory/_personal_access_tokens.html.haml:9",
"ee/app/views/shared/credentials_inventory/index.html.haml:21",
"app/controllers/application_controller.rb:133:in `render'",
"ee/app/controllers/concerns/credentials_inventory_actions.rb:12:in `block (2 levels) in index'",
"ee/app/controllers/concerns/credentials_inventory_actions.rb:10:in `index'",
"ee/lib/gitlab/ip_address_state.rb:10:in `with'",
"ee/app/controllers/ee/application_controller.rb:45:in `set_current_ip_address'",
"app/controllers/application_controller.rb:490:in `set_current_admin'",
"lib/gitlab/session.rb:11:in `with_session'",
"app/controllers/application_controller.rb:481:in `set_session_storage'",
"lib/gitlab/i18n.rb:105:in `with_locale'",
"lib/gitlab/i18n.rb:111:in `with_user_locale'",
"app/controllers/application_controller.rb:475:in `set_locale'",
"app/controllers/application_controller.rb:469:in `set_current_context'",
"lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'",
"lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'",
"lib/gitlab/middleware/memory_report.rb:13:in `call'",
"lib/gitlab/middleware/speedscope.rb:13:in `call'",
"lib/gitlab/request_profiler/middleware.rb:17:in `call'",
"lib/gitlab/database/load_balancing/rack_middleware.rb:23:in `call'",
"lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'",
"lib/gitlab/metrics/web_transaction.rb:46:in `run'",
"lib/gitlab/metrics/rack_middleware.rb:16:in `call'",
"lib/gitlab/jira/middleware.rb:19:in `call'",
"lib/gitlab/middleware/go.rb:20:in `call'",
"lib/gitlab/etag_caching/middleware.rb:21:in `call'",
"lib/gitlab/middleware/multipart.rb:173:in `call'",
"lib/gitlab/middleware/read_only/controller.rb:50:in `call'",
"lib/gitlab/middleware/read_only.rb:18:in `call'",
"lib/gitlab/middleware/same_site_cookies.rb:27:in `call'",
"lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'",
"lib/gitlab/middleware/basic_health_check.rb:25:in `call'",
"lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'",
"lib/gitlab/middleware/request_context.rb:21:in `call'",
"lib/gitlab/middleware/webhook_recursion_detection.rb:15:in `call'",
"config/initializers/fix_local_cache_middleware.rb:11:in `call'",
"lib/gitlab/middleware/compressed_json.rb:26:in `call'",
"lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'",
"lib/gitlab/middleware/sidekiq_web_static.rb:20:in `call'",
"lib/gitlab/metrics/requests_rack_middleware.rb:77:in `call'",
"lib/gitlab/middleware/release_env.rb:13:in `call'"
],
"db_duration_s": 0.10565,
"view_duration_s": 0,
"duration_s": 0.31953
}Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) System information System: Ubuntu 20.04 Proxy: no Current User: git Using RVM: no Ruby Version: 2.7.5p203 Gem Version: 3.1.4 Bundler Version:2.1.4 Rake Version: 13.0.6 Redis Version: 6.2.6 Sidekiq Version:6.4.0 Go Version: unknown GitLab information Version: 14.8.2-ee Revision: 20a7fdf52c9 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 12.7 URL: http://basic-instance.sazhar-gcp-test.gcp.gitlabsandbox.net HTTP Clone URL: http://basic-instance.sazhar-gcp-test.gcp.gitlabsandbox.net/some-group/some-project.git SSH Clone URL: git@basic-instance.sazhar-gcp-test.gcp.gitlabsandbox.net:some-group/some-project.git Elasticsearch: no Geo: no Using LDAP: no Using Omniauth: yes Omniauth Providers: GitLab Shell Version: 13.23.2 Repository storage paths: - default: /var/opt/gitlab/git-data/repositories GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)(we will only investigate if the tests are passing)
Possible fixes
Exclude Group Access Tokens from trying to display
Edited by Cynthia "Arty" Ng