GitHub
Run AlphaBase from GitHub comments, pull requests, and scheduled workflows.
AlphaBase can run inside GitHub Actions to triage issues, review pull requests, and implement changes in isolated branches.
Quick Setup
Run:
alphabase github installThis bootstraps the GitHub integration flow.
Manual Setup
- Install the AlphaBase GitHub App on your target repository/org.
- Add a workflow file at
.github/workflows/alphabase.yml. - Add required repository secrets (provider API key and optional
GITHUB_TOKENpolicy overrides).
Minimal Comment-Driven Workflow
name: alphabase
on: issue_comment: types: [created] pull_request_review_comment: types: [created]
jobs: alphabase: if: | contains(github.event.comment.body, '/alphabase') || contains(github.event.comment.body, '/oc') runs-on: ubuntu-latest permissions: id-token: write contents: write pull-requests: write issues: write steps: - uses: actions/checkout@v6 with: fetch-depth: 1 persist-credentials: false
- uses: XtremeHarness/alphabase/github@latest env: PROVIDER_API_KEY: ${{ secrets.PROVIDER_API_KEY }} with: model: <provider>/<model-id> agent: buildSupported Trigger Patterns
- issue comments
- pull request review comments
- pull request events
- issue events
- scheduled runs
- manual
workflow_dispatch
For non-comment triggers (schedule, issues, pull_request, workflow_dispatch), provide a prompt in workflow inputs.
Security Checklist
- Use least-privilege workflow permissions.
- Keep API keys only in GitHub Secrets.
- Use protected branches and required reviews.
- Restrict which events can write to the repository.
- Use staging repos first before production rollout.
Recommended Operational Pattern
- Start with read-only review tasks.
- Enable write/PR automation after confidence.
- Add scheduled maintenance tasks later (dependency checks, TODO sweeps, docs drift checks).
See Launch Gates and Troubleshooting.