Eigenoid (Automation Bot)
CI/CD bot for the eigenoid org. Comments on issues, closes issues, and manages labels in repository lifecycle workflows.
In short
Credential-only bot (Type A) -- it has no code of its own. It exists so that automated comments on issues appear as eigenoid-automation-bot[bot] instead of github-actions[bot], giving the automation a recognizable identity.
Technical details
| Field | Value |
|---|---|
| Type | A (credential-only -- no code) |
| App ID | 3416093 |
| Bot User ID | 277151495 |
| Slug | eigenoid-automation-bot |
| Installation | Entire org (repository_selection: all) |
| Runtime | None -- only dispenses tokens for workflows |
| Cost | $0 (no infrastructure) |
Permissions (Repository)
| Permission | Level | Reason |
|---|---|---|
| Contents | Read & Write | Read repo files during workflows |
| Issues | Read & Write | Comment on and close lifecycle issues |
| Metadata | Read | Base permission required by GitHub |
| Pull requests | Read & Write | Reserved for future CI/CD workflows |
Usage in workflows
Workflows generate an ephemeral token via actions/create-github-app-token:
- name: Generate automation-bot token
id: bot-token
uses: actions/create-github-app-token@vX.Y.Z # SHA-pinned
with:
client-id: ${{ vars.AUTOMATION_BOT_CLIENT_ID }}
private-key: ${{ secrets.AUTOMATION_BOT_PRIVATE_KEY }}
Credentials stored in platform-settings
| Name | Type | Value |
|---|---|---|
AUTOMATION_BOT_CLIENT_ID | Variable | Iv23lir5g3lQ3S8Jla6x |
AUTOMATION_BOT_PRIVATE_KEY | Secret | Private key PEM for the bot |
Workflows that use it
| Workflow | Purpose |
|---|---|
new-repo.yml | Posts a summary table and closes duplicate issues |
approve-repo.yml | Posts confirmation and closes the issue when the repo is created |
archive-repo.yml | Posts the result and closes the issue when the repo is archived |
delete-archived-repos.yml | Comments on the original issue when the repo is deleted |
notify-lifecycle-approvers.yml | Notifies @eigenoid/platform-lifecycle-approvers |
auto-tag.yml | Creates environment-suffixed git tags for the distribution pipeline |
Difference from Settings Bot
| Settings Bot | Automation Bot | |
|---|---|---|
| Purpose | Governance (push config, checkout, repo operations) | CI/CD automation (comments, labels, notifications) |
| Type | B (with code -- Cloud Run) | A (credential-only) |
| Bypass actor in rulesets | Yes | No |
| Appears as commit author | Yes | No |
| Appears as comment author | No (reserved for governance) | Yes |
Private key rotation
- Go to github.com/organizations/eigenoid/settings/apps/eigenoid-automation-bot and navigate to Private keys.
- Click Generate a private key and download the new
.pemfile. - Update the
AUTOMATION_BOT_PRIVATE_KEYsecret inplatform-settingsunder Settings, then Secrets. - Delete the old key on the app page under Private keys.
- Verify: open a test issue and confirm the bot comments correctly.
Human owner
@shoootyou is responsible for this App. Contact them for permission changes, installations, or incidents.