feat: Update patch-issue workflow to use auth token for FastAPI

Upgraded the patch-odoo-ticket action to version v1.3 and added support for an authentication token to secure communication with the FastAPI server. Modified the workflow, main logic, and action definition to handle the auth_token input and ensure proper authorization. Includes error handling for missing or invalid tokens.

README.md

@@ -14,20 +14,14 @@ The action builds a JSON array with a single object from the issue event:
 [
   {
     "task_id": 123,
-    "title": "Issue Title",
-    "body": "Issue body/description",
     "state": "open",
-    "author": "jdoe",
     "assignees": ["alice", "bob"],
-    "labels": ["bug", "backend"],
     "date_deadline": "2025-05-06"
   }
 ]
 ```
 
 - `task_id`: from `${{ gitea.event.issue.number }}`
-- `title`: from `${{ gitea.event.issue.title }}`
-- `body`: from `${{ gitea.event.issue.body }}`
 - `state`: from `${{ gitea.event.issue.state }}` ("open" or "closed")
 - `author`: from `${{ gitea.event.issue.user.login }}`
 - `assignees`: from `${{ join(gitea.event.issue.assignees.*.login, ',') }}` (expanded and split)

action.yml

@@ -10,17 +10,17 @@ inputs:
   base_url:
     description: 'Base URL of the FastAPI server.'
     required: true
+  auth_token:
+    description: 'Bearer token for authenticating to the FastAPI server.'
+    required: true
 
 runs:
   using: 'docker'
   image: 'Dockerfile'
   env:
     BASE_URL: ${{ inputs.base_url }}
-    ISSUE_NUMBER: ${{ gitea.event.issue.number }}
+    AUTH_TOKEN: ${{ inputs.auth_token }}
-    ISSUE_TITLE: ${{ gitea.event.issue.title }}
+    BRANCH_REF: ${{ gitea.event.issue.ref }}
-    ISSUE_BODY: ${{ gitea.event.issue.body }}
     ISSUE_STATE: ${{ gitea.event.issue.state }}
-    ISSUE_AUTHOR: ${{ gitea.event.issue.user.login }}
     ISSUE_ASSIGNEES: ${{ join(gitea.event.issue.assignees.*.login, ',') }}
-    ISSUE_LABELS: ${{ join(gitea.event.issue.labels.*.name, ',') }}
     ISSUE_DUE_DATE: ${{ gitea.event.issue.due_date }}

main.go

@@ -13,12 +13,8 @@ import (
 
 type Payload struct {
 	TaskID  int64    `json:"task_id"`
-	Title     string   `json:"title"`
-	Body      string   `json:"body"`
 	State   string   `json:"state"`
-	Author    string   `json:"author"`
+	UserIDs []string `json:"user_ids"`
-	Assignees []string `json:"assignees"`
-	Labels    []string `json:"labels"`
 	DueDate string   `json:"date_deadline,omitempty"`
 }
 
@@ -54,29 +50,33 @@ func main() {
 	logger := log.New(io.MultiWriter(os.Stdout, logFile), "", log.LstdFlags)
 
 	// Build payload from env
-	issueNumber := os.Getenv("ISSUE_NUMBER")
-	issueTitle := os.Getenv("ISSUE_TITLE")
-	issueBody := os.Getenv("ISSUE_BODY")
 	issueState := os.Getenv("ISSUE_STATE")
-	issueAuthor := os.Getenv("ISSUE_AUTHOR")
 	issueAssignees := splitCSV(os.Getenv("ISSUE_ASSIGNEES"))
-	issueLabels := splitCSV(os.Getenv("ISSUE_LABELS"))
 	issueDueDate := os.Getenv("ISSUE_DUE_DATE")
+	branchRef := os.Getenv("BRANCH_REF")
+	authToken := os.Getenv("AUTH_TOKEN")
+	if strings.TrimSpace(authToken) == "" {
+		logger.Println("AUTH_TOKEN not provided. Please pass 'auth_token' input mapped to a secret.")
+		os.Exit(1)
+	}
 
-	var taskID int64
+	var odooTicketNumber int64
-	if issueNumber != "" {
+	if branchRef != "" {
-		// Best-effort parse; if it fails, taskID remains 0
+		// Expect format: <prefix>/ticket-OdooTicketNumber
-		fmt.Sscanf(issueNumber, "%d", &taskID)
+		parts := strings.Split(branchRef, "/")
+		for _, part := range parts {
+			if strings.HasPrefix(part, "ticket-") {
+				ticketStr := strings.TrimPrefix(part, "ticket-")
+				fmt.Sscanf(ticketStr, "%d", &odooTicketNumber)
+				break
+			}
+		}
 	}
 
 	payload := Payload{
-		TaskID:    taskID,
+		TaskID:  odooTicketNumber,
-		Title:     issueTitle,
-		Body:      issueBody,
 		State:   issueState,
-		Author:    issueAuthor,
+		UserIDs: issueAssignees,
-		Assignees: issueAssignees,
-		Labels:    issueLabels,
 		DueDate: issueDueDate,
 	}
 
@@ -87,7 +87,15 @@ func main() {
 	}
 
 	endpoint := strings.TrimRight(baseURL, "/") + "/api/v1/patch_gitea_odoo"
-	resp, err := http.Post(endpoint, "application/json", bytes.NewBuffer(payloadBytes))
+	req, err := http.NewRequest(http.MethodPatch, endpoint, bytes.NewBuffer(payloadBytes))
+	if err != nil {
+		logger.Printf("Error creating HTTP request: %v\n", err)
+		os.Exit(1)
+	}
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+authToken)
+
+	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		logger.Printf("HTTP request failed: %v\n", err)
 		os.Exit(1)
@@ -95,6 +103,9 @@ func main() {
 	defer resp.Body.Close()
 	body, _ := io.ReadAll(resp.Body)
 	logger.Printf("Status: %s\nResponse: %s\n", resp.Status, string(body))
+	if resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
+		logger.Println("Authentication to FastAPI failed. Check FASTAPI token.")
+	}
 	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
 		os.Exit(1)
 	}