feat: Update patch-issue workflow to use auth token for FastAPI

Upgraded the patch-odoo-ticket action to version v1.3 and added support for an authentication token to secure communication with the FastAPI server. Modified the workflow, main logic, and action definition to handle the auth_token input and ensure proper authorization. Includes error handling for missing or invalid tokens.

action.yml

@@ -10,12 +10,16 @@ inputs:
   base_url:
     description: 'Base URL of the FastAPI server.'
     required: true
+  auth_token:
+    description: 'Bearer token for authenticating to the FastAPI server.'
+    required: true
 
 runs:
   using: 'docker'
   image: 'Dockerfile'
   env:
     BASE_URL: ${{ inputs.base_url }}
+    AUTH_TOKEN: ${{ inputs.auth_token }}
     BRANCH_REF: ${{ gitea.event.issue.ref }}
     ISSUE_STATE: ${{ gitea.event.issue.state }}
     ISSUE_ASSIGNEES: ${{ join(gitea.event.issue.assignees.*.login, ',') }}

main.go

@@ -54,6 +54,11 @@ func main() {
 	issueAssignees := splitCSV(os.Getenv("ISSUE_ASSIGNEES"))
 	issueDueDate := os.Getenv("ISSUE_DUE_DATE")
 	branchRef := os.Getenv("BRANCH_REF")
+	authToken := os.Getenv("AUTH_TOKEN")
+	if strings.TrimSpace(authToken) == "" {
+		logger.Println("AUTH_TOKEN not provided. Please pass 'auth_token' input mapped to a secret.")
+		os.Exit(1)
+	}
 
 	var odooTicketNumber int64
 	if branchRef != "" {
@@ -88,6 +93,7 @@ func main() {
 		os.Exit(1)
 	}
 	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", "Bearer "+authToken)
 
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
@@ -97,6 +103,9 @@ func main() {
 	defer resp.Body.Close()
 	body, _ := io.ReadAll(resp.Body)
 	logger.Printf("Status: %s\nResponse: %s\n", resp.Status, string(body))
+	if resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
+		logger.Println("Authentication to FastAPI failed. Check FASTAPI token.")
+	}
 	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
 		os.Exit(1)
 	}