What happened?
When a town has a GitHub App integration configured (platformIntegrationId), the worker's /refresh-git-token endpoint always generates a fresh ghs_ GitHub App installation token (1hr expiry), completely overriding any github_pat_ fine-grained PAT saved in the dashboard's Git Authentication settings.
Reproduction:
- User saves a
github_pat_... 90-day PAT in Gastown Settings → Git Authentication → GitHub Token, clicks Save
- User exits and re-enters Settings — the
github_pat_ is gone, replaced with the ghs_ App installation token
- User clicks "Container Token Refresh" — the container receives a fresh
ghs_ token, NOT the PAT
- The
/refresh-git-token worker endpoint returns {"data":{"token":"ghs_..."}} even after the PAT was saved
Root cause: The GitHub App integration takes precedence over manually-configured tokens. In agent-runner.ts:273, resolveGitCredentials() fetches a fresh token from the Kilo Cloud API using platformIntegrationId, which generates ghs_ installation tokens. The git_auth.github_token PAT from town config is never used because the integration-sourced token always wins.
Impact: The user explicitly created a 90-day PAT to avoid the 1-hour expiry cycle that has stranded work 3+ times this session. But the integration override makes the PAT useless — the town is forced to use 1-hour ghs_ tokens that expire mid-task.
Expected behavior: When a user manually sets git_auth.github_token to a PAT (github_pat_ or ghp_), it should take precedence over the GitHub App integration token. The integration token should only be used as a fallback when no static token is configured.
Alternatively: Allow users to disable the GitHub App integration per-rig so a static PAT can be used instead.
Town: b1d2b62b-b236-48c0-8558-3b32057470be. Worker API: https://gastown.kiloapps.io
Area
Container / Git
Context
- Town ID: b1d2b62b-b236-48c0-8558-3b32057470be
- Agent: Mayor (d0f9f7a6-3442-4cd2-bc2f-e6acf48d536a)
- Rig ID: e29ba178-b878-499f-9b8f-a3d3f8bdcc88
Recent Errors
refresh-git-token endpoint returns ghs_ installation token despite github_pat_ PAT saved in town config. Dashboard reverts PAT to ghs_ on page refresh. resolveGitCredentials() in agent-runner.ts:273 prioritizes platformIntegrationId over git_auth.github_token.
Filed automatically by the Mayor via gt_report_bug.
What happened?
When a town has a GitHub App integration configured (platformIntegrationId), the worker's
/refresh-git-tokenendpoint always generates a freshghs_GitHub App installation token (1hr expiry), completely overriding anygithub_pat_fine-grained PAT saved in the dashboard's Git Authentication settings.Reproduction:
github_pat_...90-day PAT in Gastown Settings → Git Authentication → GitHub Token, clicks Savegithub_pat_is gone, replaced with theghs_App installation tokenghs_token, NOT the PAT/refresh-git-tokenworker endpoint returns{"data":{"token":"ghs_..."}}even after the PAT was savedRoot cause: The GitHub App integration takes precedence over manually-configured tokens. In
agent-runner.ts:273,resolveGitCredentials()fetches a fresh token from the Kilo Cloud API usingplatformIntegrationId, which generatesghs_installation tokens. Thegit_auth.github_tokenPAT from town config is never used because the integration-sourced token always wins.Impact: The user explicitly created a 90-day PAT to avoid the 1-hour expiry cycle that has stranded work 3+ times this session. But the integration override makes the PAT useless — the town is forced to use 1-hour
ghs_tokens that expire mid-task.Expected behavior: When a user manually sets
git_auth.github_tokento a PAT (github_pat_orghp_), it should take precedence over the GitHub App integration token. The integration token should only be used as a fallback when no static token is configured.Alternatively: Allow users to disable the GitHub App integration per-rig so a static PAT can be used instead.
Town: b1d2b62b-b236-48c0-8558-3b32057470be. Worker API: https://gastown.kiloapps.io
Area
Container / Git
Context
Recent Errors
Filed automatically by the Mayor via
gt_report_bug.