fix(jira): update authentication to use Basic Auth instead of Bearer token

[mwaykole]

Changes:

• Updated utilities/jira.py to use PYTEST_JIRA_USERNAME and PYTEST_JIRA_PASSWORD
  for Basic Auth instead of PYTEST_JIRA_TOKEN for Bearer auth
• Enhanced documentation in get_jira_connection() to clarify environment variables
  and explain that PYTEST_JIRA_PASSWORD contains the API token
• Updated docs/GETTING_STARTED.md with correct environment variable setup
• Added clear notes that PYTEST_JIRA_PASSWORD should contain the API token,
  and warning against using PYTEST_JIRA_TOKEN which causes Bearer auth failures

Fixes 403 Forbidden errors during test collection and 404 errors in test code
when accessing Jira API.

Summary by CodeRabbit

• Documentation

  • Updated Jira integration guide to instruct using a server URL plus username and password environment variables for authentication and clarified example test markers.

• Refactor

  • Switched Jira authentication from token-based to basic username/password authentication to streamline setup and compatibility.

[github-actions]

The following are automatically added/executed:

• PR size label.
• Run pre-commit
• Run tox
• Add PR author as the PR assignee
• Build image based on the PR

Available user actions:

• To mark a PR as WIP, add /wip in a comment. To remove it from the PR comment /wip cancel to the PR.
• To block merging of a PR, add /hold in a comment. To un-block merging of PR comment /hold cancel.
• To mark a PR as approved, add /lgtm in a comment. To remove, add /lgtm cancel.
  lgtm label removed on each new commit push.
• To mark PR as verified comment /verified to the PR, to un-verify comment /verified cancel to the PR.
  verified label removed on each new commit push.
• To Cherry-pick a merged PR /cherry-pick <target_branch_name> to the PR. If <target_branch_name> is valid,
  and the current PR is merged, a cherry-picked PR would be created and linked to the current PR.
• To build and push image to quay, add /build-push-pr-image in a comment. This would create an image with tag
  pr-<pr_number> to quay repository. This image tag, however would be deleted on PR merge or close action.

Supported labels

{'/hold', '/verified', '/lgtm', '/cherry-pick', '/build-push-pr-image', '/wip'}

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 8195f979-6bad-43d3-a2ba-656e25d33c83

📥 Commits

Reviewing files that changed from the base of the PR and between 2060a98 and 7f76c1d.

📒 Files selected for processing (2)

• docs/GETTING_STARTED.md
• utilities/jira.py

---

📝 Walkthrough

Walkthrough

Jira auth changed from token-based to Basic Authentication: code now reads PYTEST_JIRA_URL, PYTEST_JIRA_USERNAME, and PYTEST_JIRA_PASSWORD and builds a basic_auth (username, password) tuple. Verify secrets are stored securely and not logged (CWE-200, CWE-798).

Changes

Cohort / File(s)	Summary
Jira Authentication Refactoring docs/GETTING_STARTED.md, utilities/jira.py	Replaced token-based auth with Basic Authentication. Docs updated to require PYTEST_JIRA_URL, PYTEST_JIRA_USERNAME, and PYTEST_JIRA_PASSWORD (example env now shows username/password). Implementation uses basic_auth=(username, password) sourced from the environment.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description covers changes made and the problems fixed, but is missing required template sections: Related Issues links, How it has been tested checkboxes, and Additional Requirements checkboxes.	Add missing sections from template: Related Issues (with Fixes and JIRA links), How it has been tested (with Locally/Jenkins checkboxes), and Additional Requirements checkboxes.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically describes the main change: switching from Bearer token authentication to Basic Auth for Jira integration.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can validate your CodeRabbit configuration file in your editor.

If your editor has YAML language server, you can enable auto-completion and validation by adding # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json at the top of your CodeRabbit configuration file.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/GETTING_STARTED.md`:
- Around line 143-147: The docs currently tell users to export the API token
directly (PYTEST_JIRA_PASSWORD), which risks storing secrets in shell history;
update the snippet to stop showing a plaintext export and instead prompt for the
Jira API token interactively (use a silent read into PYTEST_JIRA_PASSWORD,
export that variable afterward) and add a newline/echo after the prompt; keep
the PYTEST_JIRA_URL and PYTEST_JIRA_USERNAME lines unchanged and mention the API
token source URL in a comment.

In `@utilities/jira.py`:
- Around line 33-35: The code calls JIRA(...) with credentials from os.getenv
which may be None; add a fail-fast validation before the JIRA(...) call to
ensure PYTEST_JIRA_USERNAME, PYTEST_JIRA_PASSWORD and PYTEST_JIRA_URL are
present (non-empty), and raise a clear exception (e.g., RuntimeError) with a
descriptive message if any are missing, then pass the validated values into
JIRA(...). Use the exact symbols from the diff (the JIRA(...) call and the env
var names) so the check sits immediately before the return.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: 1a8da959-d4f8-4775-a7d5-a9f9742f3160

📥 Commits

Reviewing files that changed from the base of the PR and between 4e3cb17 and 2060a98.

📒 Files selected for processing (2)

• docs/GETTING_STARTED.md
• utilities/jira.py

[fege]

/lgtm

[mwaykole]

tested and verified the changes

[github-actions]

Status of building tag latest: success.
Status of pushing tag latest to image registry: success.