Bug Description
The workflow resource validation (_check_internal_toolkit_credentials in credential_validator.py) rejects workflows that reference assistants using GitHub App-based Git integrations. The validator checks for creds.url and creds.token (line 173), but GitHub App integrations authenticate via private_key + app_id + installation_id — they don't have a token field.
Steps to Reproduce
- Create a Git integration with
auth_type: github_app (using app_id, private_key, installation_id) for a project
- Create a workflow in that project that references an assistant using Git toolkit tools (e.g.,
get_pr_changes, create_pr_change_comment)
- Deploy/save the workflow
Expected: Workflow saves successfully since the project has a valid Git integration
Actual: Returns 400 Workflow Configuration error with message:
Tools (referenced in assistant definitions) require missing integrations:
get_pr_changes
create_pr_change_comment
Workaround
Adding a second, PAT-based Git integration (with url + token) to the same project resolves the issue — the validator finds the token-based credential and passes.
Root Cause
In src/codemie/service/assistant/credential_validator.py, line 173:
creds = SettingsService.get_git_creds(
user_id=user.id,
project_name=project_name,
repo_link=None,
tool_config=tool_config,
assistant_id=assistant_id,
)
is_valid = bool(creds and creds.url and creds.token) # ← token is None for GitHub App auth
The validation should also accept GitHub App credentials (where creds.private_key and creds.app_id are set instead of creds.token).
Suggested Fix
is_valid = bool(creds and creds.url and (creds.token or (creds.private_key and creds.app_id)))
Environment
- Introduced by:
EPMCDME-11250 (commit 545b40e — "Report missing assistant integrations on workflow save")
- Affected since: 2026-05-28
Bug Description
The workflow resource validation (
_check_internal_toolkit_credentialsincredential_validator.py) rejects workflows that reference assistants using GitHub App-based Git integrations. The validator checks forcreds.url and creds.token(line 173), but GitHub App integrations authenticate viaprivate_key+app_id+installation_id— they don't have atokenfield.Steps to Reproduce
auth_type: github_app(using app_id, private_key, installation_id) for a projectget_pr_changes,create_pr_change_comment)Expected: Workflow saves successfully since the project has a valid Git integration
Actual: Returns
400 Workflow Configuration errorwith message:Workaround
Adding a second, PAT-based Git integration (with
url+token) to the same project resolves the issue — the validator finds the token-based credential and passes.Root Cause
In
src/codemie/service/assistant/credential_validator.py, line 173:The validation should also accept GitHub App credentials (where
creds.private_keyandcreds.app_idare set instead ofcreds.token).Suggested Fix
Environment
EPMCDME-11250(commit545b40e— "Report missing assistant integrations on workflow save")