We are using a customized version of Drone v0.4. We activate numerous GitHub repositories in Drone via the API, using the same user token (retrieved from Drone profile screen). After some time, maybe a year, the Drone webhooks on many of the repositories begin failing with 404 errors. The Drone builds do not occur and upon checking the Drone logs, we found the following error (sensitive info replaced with brackets <>).
time="<time>" level=error msg="failure to get .drone.yml for <org>/<repo>. GET <github url>/contents/.drone.yml?ref=<ref #>: 401 Bad credentials "
Error #01: GET /contents/.drone.yml?ref=: 401 Bad credentials 
The issue also occurs when attempting to activate new repositories in Drone (via API) using the same Drone user token. The Drone database token expiration column contains ‘0’, seemingly indicating that the token does not expire.
We have found a work around by deactivating the repository from Drone and reactivating using a different Drone user token, but this results in loss of build history. To prevent the issue from occurring during new repo creation, update encryption_token in relevant .yml