Most companies will have a GitHub Organization, this is where repositories reside. It is also important to ensure the Bot account has permissions to said organization.
In this scenario, I have created a fictitious GitHub Organization called Jenkins X Corp.
The Bot account is in fact a GitHub account, does not have Multi-factor authentication enabled. It is given the Member Role within the GitHub Organization.