feat: add Forge app endpoints for Jira event trigger and run status

[woywro]

Summary by CodeRabbit

• New Features
  • Introduced secure Jira Forge integration enabling direct ticket dispatch and processing from within Jira workflows
  • Added Jira Forge panel capability to retrieve, display, and monitor comprehensive run status, execution outcomes, and associated pull request information in real-time
  • Implemented environment-based authentication mechanism to ensure secure communication across all Jira Forge endpoints

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 87a4eeea-8455-45d9-ba8a-8ce876248a49

📥 Commits

Reviewing files that changed from the base of the PR and between 350a754 and 40ca7dd.

📒 Files selected for processing (3)

• env.ts
• src/routes/jira/dispatch.post.ts
• src/routes/runs/[key].get.ts

---

📝 Walkthrough

Walkthrough

This PR introduces Jira Forge app integration by adding a shared secret environment variable and two authenticated HTTP endpoints: a POST route to dispatch tickets for processing and a GET route to retrieve run state by issue key. Both routes use constant-time secret verification for authorization.

Changes

Jira Forge Authentication and Endpoints

Layer / File(s)	Summary
Environment Configuration env.ts	FORGE_SHARED_SECRET optional environment variable added to schema for Forge app request authentication.
POST Dispatch Route src/routes/jira/dispatch.post.ts	New endpoint accepts issueKey, validates shared secret header, invokes dispatchTicket, and returns status with reason and runId; includes local verifyForgeSecret helper for 401 error handling.
GET Run State Route src/routes/runs/[key].get.ts	New endpoint retrieves run state by issue key, validates shared secret header, returns failed/idle/active payloads with optional sandboxId and PR URL; includes verifyForgeSecret and setResponseStatus helpers.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A Forge app takes root in the soil,
Two endpoints bloom with secret guard,
Dispatch and state, no more toil—
Constant-time checks stand ever hard.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}