From d075c60e1e14e4a7cdabedf1c11959126c9e4a2f Mon Sep 17 00:00:00 2001
From: Mandresy RABENJAHARISON <actions@gitea.com>
Date: Thu, 4 Sep 2025 13:45:32 +0300
Subject: [PATCH] feat: Update patch-issue workflow to use auth token for
 FastAPI

Upgraded the patch-odoo-ticket action to version v1.3 and added support for an authentication token to secure communication with the FastAPI server. Modified the workflow, main logic, and action definition to handle the auth_token input and ensure proper authorization. Includes error handling for missing or invalid tokens.
---
 action.yml |  4 ++++
 main.go    | 25 +++++++++++++++++--------
 2 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/action.yml b/action.yml
index 10f6f7f..6d06e14 100644
--- a/action.yml
+++ b/action.yml
@@ -10,12 +10,16 @@ inputs:
   base_url:
     description: 'Base URL of the FastAPI server.'
     required: true
+  auth_token:
+    description: 'Bearer token for authenticating to the FastAPI server.'
+    required: true
 
 runs:
   using: 'docker'
   image: 'Dockerfile'
   env:
     BASE_URL: ${{ inputs.base_url }}
+    AUTH_TOKEN: ${{ inputs.auth_token }}
     BRANCH_REF: ${{ gitea.event.issue.ref }}
     ISSUE_STATE: ${{ gitea.event.issue.state }}
     ISSUE_ASSIGNEES: ${{ join(gitea.event.issue.assignees.*.login, ',') }}
diff --git a/main.go b/main.go
index 2460579..dfbe797 100644
--- a/main.go
+++ b/main.go
@@ -12,10 +12,10 @@ import (
 )
 
 type Payload struct {
-	TaskID    int64    `json:"task_id"`
-	State     string   `json:"state"`
-	UserIDs   []string `json:"user_ids"`
-	DueDate   string   `json:"date_deadline,omitempty"`
+	TaskID  int64    `json:"task_id"`
+	State   string   `json:"state"`
+	UserIDs []string `json:"user_ids"`
+	DueDate string   `json:"date_deadline,omitempty"`
 }
 
 func splitCSV(value string) []string {
@@ -54,6 +54,11 @@ func main() {
 	issueAssignees := splitCSV(os.Getenv("ISSUE_ASSIGNEES"))
 	issueDueDate := os.Getenv("ISSUE_DUE_DATE")
 	branchRef := os.Getenv("BRANCH_REF")
+	authToken := os.Getenv("AUTH_TOKEN")
+	if strings.TrimSpace(authToken) == "" {
+		logger.Println("AUTH_TOKEN not provided. Please pass 'auth_token' input mapped to a secret.")
+		os.Exit(1)
+	}
 
 	var odooTicketNumber int64
 	if branchRef != "" {
@@ -69,10 +74,10 @@ func main() {
 	}
 
 	payload := Payload{
-		TaskID:    odooTicketNumber,
-		State:     issueState,
-		UserIDs:   issueAssignees,
-		DueDate:   issueDueDate,
+		TaskID:  odooTicketNumber,
+		State:   issueState,
+		UserIDs: issueAssignees,
+		DueDate: issueDueDate,
 	}
 
 	payloadBytes, err := json.Marshal([]Payload{payload})
@@ -88,6 +93,7 @@ func main() {
 		os.Exit(1)
 	}
 	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+authToken)
 
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
@@ -97,6 +103,9 @@ func main() {
 	defer resp.Body.Close()
 	body, _ := io.ReadAll(resp.Body)
 	logger.Printf("Status: %s\nResponse: %s\n", resp.Status, string(body))
+	if resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
+		logger.Println("Authentication to FastAPI failed. Check FASTAPI token.")
+	}
 	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
 		os.Exit(1)
 	}