octokit.js: `HttpError` or `HttpError: Bad Credentials`

Checklist

• I checked all open bugs and none of them matched my problem.

Environment

• https://api.github.com
• GitHub Enterprise Server:
• GitHub Enterprise Cloud
• Node.js
• Browsers:
• Others:

Versions

├─┬ @octokit/app@4.2.1
│ ├─┬ @octokit/request@5.3.1
│ │ ├─┬ @octokit/endpoint@5.5.1
│ │ ├─┬ @octokit/types@2.0.2
├─┬ @octokit/plugin-retry@2.2.0
├─┬ @octokit/plugin-throttling@2.7.1
├─┬ @octokit/rest@16.43.1
│ ├─┬ @octokit/auth-token@2.4.0
│ ├─┬ @octokit/plugin-paginate-rest@1.1.2
│ ├── @octokit/plugin-request-log@1.0.0
│ ├─┬ @octokit/plugin-rest-endpoint-methods@2.4.0
│ ├─┬ @octokit/request-error@1.0.4
│ ├── octokit-pagination-methods@1.1.0
├─┬ @octokit/webhooks@7.6.5

I’m still on rest@16 because the change in type definitions has been an insurmountable hurdle.

What happened?

I’m running a GitHub app that, as recommnded by the marketplace docs, syncs with GitHub every day. About two weeks ago, I started getting HttpError: Bad Credentials pretty regularly. Mostly, it happened during syncs but it also occasionally happened during regular API calls. Retries worked around the issue.

A few days ago, that sync job started failing far more agresssively - I now just get HttpError, retries don’t fix it, and I’m pretty sure none of the syncs succeed.

I recently added bottleneck to see if I was hitting some kind of credential limit, but I’m fairly confident I’m not creating more credentials than I need to.

Minimal test case to reproduce the problem

I’m not really sure how to reproduce it yet. This stack trace isn’t particularly helpful:

What did you expect to happen?

I expected I wouldn’t get an HttpError

What the problem might be

The only thing I can think of is that I’m authorizing a few hundred installations in a short period and then making a few calls using each set of credentials, but I feel like I have a far lower magnitude than many other apps, so that seems unlikely.