refactor(cloud-agent-next): migrate to git-token-service RPC #2747
Merged
Code Review Summary
Status: No Issues Found | Recommendation: Merge
Files Reviewed (0 files)
No files changed since the previous review.
Reviewed by gpt-5.5-2026-04-23 · 823,602 tokens
alex-alecu reviewed Apr 28, 2026
alex-alecu approved these changes Apr 29, 2026
bc097f2 to 98e042b
Replace the in-worker GitHubTokenService and InstallationLookupService with calls to the shared git-token-service Worker via a GIT_TOKEN_SERVICE service binding, and drop the now-redundant token fetching in the web app routers.

- Wire GIT_TOKEN_SERVICE binding in wrangler.jsonc; drop GITHUB_APP_ID, GITHUB_LITE_APP_ID, and GITHUB_TOKEN_CACHE KV bindings. Restore the HYPERDRIVE binding for an upcoming feature.
- Resolve GitHub tokens for repo + managed GitLab tokens through a new shared helper (src/services/git-token-service-client.ts) used from both session-prepare and async-preparation paths.
- Persist gitlabTokenManaged in session metadata so the DO can refresh GitLab tokens on startExecutionV2 via refreshManagedGitLabToken. Successful refreshes are persisted via updateGitToken so later transient failures fall back to the last-known working token instead of the stale prepare-time token. Treat gitlabTokenManaged === undefined as managed for backwards compatibility with pre-existing sessions.
- Fail closed on GitLab access revocation: no_integration_found and invalid_org_id reasons throw BAD_REQUEST at session prepare and startExecutionV2 instead of falling back to the stored token, so the session cannot keep using a managed token after the integration or org access was removed. Transient failures retain the last-known token fallback.
- Parameterize DurableObject<WorkerEnv> on the base class, removing 28 'as unknown as WorkerEnv' casts in CloudAgentSession and aligning with the rest of the repo's DO pattern.
- Extract cloudflare-git-token-service into a standalone 'git-token-service' dev group shared by cloud-agent, app-builder, and gastown. Switch its dev script to 'wrangler dev --env dev' so the locally-running worker is named 'git-token-service-dev', matching what cloud-agent-next and the security workers reference in their dev service bindings.
- Web routers (personal + org) no longer fetch GitHub/GitLab tokens for prepareSession/sendMessage — cloud-agent-next handles token resolution and refresh centrally.
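The refresh policy the commit message describes (persist successful refreshes, fall back on transient failures, fail closed on revocation), as an added TypeScript sketch that is not code from this PR. The result shape, `tokenForExecution`, `badRequest` and the `upstream_timeout` reason are assumptions; only the two revocation reasons, `BAD_REQUEST`, `gitlabTokenManaged` and `updateGitToken` come from the page.

```typescript
// Added sketch, not code from the PR. Type shapes and function names are assumptions.
type RefreshResult =
  | { success: true; token: string }
  | { success: false; reason: string }; // assumed shape of the token RPC result

type SessionMeta = { gitToken: string; gitlabTokenManaged?: boolean };

// Reasons the commit message treats as revoked access (fail closed).
const REVOKED_REASONS = ["no_integration_found", "invalid_org_id"];

function badRequest(message: string): Error & { code: string } {
  const err = new Error(message) as Error & { code: string };
  err.code = "BAD_REQUEST";
  return err;
}

// Hypothetical helper: pick the GitLab token for one execution.
function tokenForExecution(meta: SessionMeta, refresh: () => RefreshResult): string {
  // Assumption: only an explicit false opts out; undefined (older sessions) is managed.
  if (meta.gitlabTokenManaged === false) return meta.gitToken;
  const result = refresh();
  if (result.success) {
    meta.gitToken = result.token; // stands in for updateGitToken: keep last-known good
    return result.token;
  }
  if (REVOKED_REASONS.indexOf(result.reason) !== -1) {
    // Fail closed: never fall back to a stored token once access is revoked.
    throw badRequest("GitLab access revoked: " + result.reason);
  }
  return meta.gitToken; // transient failure: last-known working token
}

// Constructed sequence: success, transient failure, then revocation.
function runConstructedSequence(): string[] {
  const meta: SessionMeta = { gitToken: "prepare-time-token" }; // flag left undefined
  const results: RefreshResult[] = [
    { success: true, token: "refreshed-token" },
    { success: false, reason: "upstream_timeout" }, // constructed transient reason
    { success: false, reason: "no_integration_found" },
  ];
  return results.map((r) => {
    try {
      return tokenForExecution(meta, () => r);
    } catch (e) {
      return (e as { code?: string }).code ?? "unexpected";
    }
  });
}

console.log(runConstructedSequence());
```

The second execution returns the refreshed token rather than the prepare-time one, which is the reason successful refreshes are persisted.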
98e042b to 9b8b5c8
Summary
Replaces the in-worker GitHubTokenService and InstallationLookupService in cloud-agent-next with calls to the shared git-token-service Worker via a new GIT_TOKEN_SERVICE service binding, and removes the now-redundant token pre-fetching in the web app tRPC routers.
Architectural changes
- cloud-agent-next no longer talks to Postgres (Hyperdrive) or KV to resolve GitHub App installations / cache tokens. A single GIT_TOKEN_SERVICE.getTokenForRepo/getToken/getGitLabToken RPC replaces both services.
- services/cloud-agent-next/src/services/git-token-service-client.ts, used from both the synchronous session-prepare path and the autoInitiate async preparation path.
- gitlabTokenManaged flag is persisted in CloudAgentSession metadata. When set, startExecutionV2 refreshes the GitLab token on every execution via a new refreshManagedGitLabToken helper on the DO.
- cloud-agent-next-router.ts + organization-cloud-agent-next-router.ts) stop fetching GitHub/GitLab tokens for prepareSession and sendMessage. cloud-agent-next handles token resolution and refresh centrally. The "No GitLab integration found. Please connect your GitLab account first." BAD_REQUEST previously surfaced by the web app is now raised inside cloud-agent-next at prepare time, preserving the UX.
- wrangler.jsonc: wires the GIT_TOKEN_SERVICE binding (prod + dev) and drops GITHUB_APP_ID, GITHUB_LITE_APP_ID, the GITHUB_TOKEN_CACHE KV namespace and the HYPERDRIVE binding.
Net change: −549/+286. The old KV namespace (GITHUB_TOKEN_CACHE) and Hyperdrive config (HYPERDRIVE) in Cloudflare are now unbound; they can be decommissioned after rollout.
Verification
Visual Changes
N/A