Add API GTFS schedule sources compatibility

[emmambd]

What problem are we trying to solve?

Right now, GTFS schedule sources that are served by an API cannot be included in the database. We want to be able to add them.

How do we know when this is done?

• The README is updated to include the same authentication fields for GTFS Schedule that currently exist for GTFS Realtime
• Update GitHub workflow so keys can be stored and used for sources with an authentication type greater than 0

Tasks

• Make authentication type optional for GTFS Realtime sources #185
• Update process to download GTFS Schedule before loading them #189
• Update GTFS schedule schema to include authentication fields
• Update operations to include authentication info
• Update latest dataset URL workflow

[e-lo]

Right now, only sources that return a ZIP file on download can be logged in the catalogs, since we are running checks to verify if the URL opens a valid file.

Can't you store the API keys as repo secrets?

[e-lo]

It seems like a format like {API_KEY_<MBD_ID>} could be little easier for storing keys as repo-secrets – but also could do {API_KEY} and then do the joining to MBD_ID on the backside.

[maximearmstrong]

Can't you store the API keys as repo secrets?

Yes we can. We should store them so that the daily cron job downloads the latest dataset, unless we should not make publicly available datasets requiring an API key to be downloaded. This is most likely something described by the license, so it would be on a case by case basis.