feat: add support for FASTAPI_TOKEN for authentication

This update introduces support for an optional `FASTAPI_TOKEN` to authorize requests against the FastAPI server. The token can be set as an input or environment variable, and if provided, it adds an `Authorization` header to requests. Documentation and configuration files have been updated accordingly to reflect this enhancement.

README.md

@@ -32,10 +32,12 @@ Each item looks like:
 The action defines the following inputs (see `action.yml`):
 
 - fastapi-base-url (required): Base URL of your FastAPI server (e.g. `https://api.example.com`).
+- fastapi-token (optional but recommended): Bearer token used to authorize requests to your FastAPI server.
 - gitea-base-url (optional): Base URL of your Gitea instance. Note: the current action image defaults to `https://gitea.ethumada.com`.
 
 Environment passed to the container:
 - FASTAPI_BASE_URL: from `inputs.fastapi-base-url`
+- FASTAPI_TOKEN: from `inputs.fastapi-token`
 - GITEA_BASE_URL: hardcoded to `https://gitea.ethumada.com` (used only for presence check)
 - REPO_OWNER, REPO_NAME: from the event repository context
 - GITEA_TOKEN: from `secrets.GITEA_TOKEN`
@@ -51,6 +53,7 @@ To override the API base URL (if your Gitea instance differs), set an environmen
     GITEA_API_BASE_URL: https://gitea.example.com
   with:
     fastapi-base-url: ${{ secrets.FASTAPI_BASE_URL }}
+    fastapi-token: ${{ secrets.FASTAPI_TOKEN }}
 ```
 
 
@@ -60,6 +63,7 @@ To override the API base URL (if your Gitea instance differs), set an environmen
 - A FastAPI middleware exposing the endpoint below and handling authentication to Odoo
 - Repository secret: `GITEA_TOKEN` (personal access token with repo scope) for reading time tracking via the API
 - Repository secret: `FASTAPI_BASE_URL` (the base URL of your FastAPI server)
+- Repository secret or variable: `FASTAPI_TOKEN` (Bearer token to authorize requests to your FastAPI middleware)
 
 
 ## FastAPI contract
@@ -68,6 +72,7 @@ The action will POST to:
 - URL: `${FASTAPI_BASE_URL}/api/v1/account_analytic_gitea_odoo`
 - Method: POST
 - Body: JSON array of items (see example above)
+- Auth: If `FASTAPI_TOKEN` is provided, the request includes `Authorization: Bearer <token>`.
 
 Example array payload:
 ```json
@@ -117,6 +122,7 @@ jobs:
         uses: https://gitea.ethumada.com/gitea/export-issue-tracked-times
         with:
           fastapi-base-url: ${{ secrets.FASTAPI_BASE_URL }}
+          fastapi-token: ${{ secrets.FASTAPI_TOKEN }}
 ```
 
 If you have this repo checked out locally or mirrored in your Gitea instance under a different slug (e.g. `gitea/weekly-odoo-timesheets`), adjust the `uses:` URL accordingly, for example:

action.yml

@@ -10,12 +10,16 @@ inputs:
   fastapi-base-url:
     description: 'Base URL of the FastAPI server.'
     required: true
+  fastapi-token:
+    description: 'Bearer token used to authorize requests to the FastAPI server.'
+    required: false
 
 runs:
   using: 'docker'
   image: 'Dockerfile'
   env:
     FASTAPI_BASE_URL: ${{ inputs.fastapi-base-url }}
+    FASTAPI_TOKEN: ${{ inputs.fastapi-token }}
     GITEA_BASE_URL: https://gitea.ethumada.com
     REPO_OWNER: ${{ gitea.event.repository.owner.login }}
     REPO_NAME: ${{ gitea.event.repository.name }}

main.go

@@ -85,6 +85,7 @@ func main() {
 
 	giteaBaseUrl := os.Getenv("GITEA_BASE_URL")
 	fastApiBaseUrl := os.Getenv("FASTAPI_BASE_URL")
+	fastApiToken := os.Getenv("FASTAPI_TOKEN")
 	token := os.Getenv("GITEA_TOKEN")
 	owner := os.Getenv("REPO_OWNER")
 	repo := os.Getenv("REPO_NAME")
@@ -169,6 +170,11 @@ func main() {
 		os.Exit(1)
 	}
 	req.Header.Set("Content-Type", "application/json")
+	if strings.TrimSpace(fastApiToken) != "" {
+		req.Header.Set("Authorization", "Bearer "+fastApiToken)
+	} else {
+		logger.Println("FASTAPI_TOKEN not provided; sending request without Authorization header")
+	}
 
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {