Feature: use separate token for admin tasks.
To improve security, I would like to limit the access that the bot has.
Right now, it uses algitbot, which has full admin access. Some admin level access is required to be able to read user e-mails, so my proposal is:
- Use a read-only admin token for automaintainer (and other tasks that require it)
- Use a project access token for interacting with the project
The project access token is associated with a bot user. I've already created one, and renamed it to @aports-qa-bot (though we could rename it to something different as well).
Not sure if this will cause issues though (ie, when interacting with forks).