From 71683255c87c32e08b0ee10ddc536b116dd3cc5b Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Mon, 16 Oct 2023 17:07:22 -0300 Subject: [PATCH 01/19] Adding pull_request_target trigger to pull request workflow --- .github/workflows/pull-request.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 3571f9b309..94a09f9db9 100755 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -1,7 +1,7 @@ name: CI-pullrequest on: - pull_request: + pull_request_target: branches: - dev-v* - release-v* @@ -11,7 +11,13 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - name: Checkout base branch + uses: actions/checkout@v3 + + - name: Checkout PR + run: gh pr checkout ${{ github.event.pull_request.number }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout into branch run: git checkout -b staging-pr-workflow From 088740f74fdff4f5460f4113f107f1cb99925411 Mon Sep 17 00:00:00 2001 From: Lucas Machado Date: Mon, 16 Oct 2023 21:53:53 -0300 Subject: [PATCH 02/19] Checking out the PR changes in the other jobs of the pull request workflow --- .github/workflows/pull-request.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 94a09f9db9..aae9072db7 100755 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -34,12 +34,36 @@ jobs: - name: Run Hull tests run: cd tests && go test -v ./... + check-images: + name: Check Container Images + runs-on: ubuntu-latest + steps: + - name: Checkout base branch + uses: actions/checkout@v3 + + - name: Checkout PR + run: gh pr checkout ${{ github.event.pull_request.number }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Check container images run: make check-images env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + check-rc: + name: Check RC Images and Charts + runs-on: ubuntu-latest + steps: + - name: Checkout base branch + uses: actions/checkout@v3 + + - name: Checkout PR + run: gh pr checkout ${{ github.event.pull_request.number }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Check RC images and charts run: make check-rc if: startsWith(github.ref, 'refs/heads/upstream/release-v') \ No newline at end of file From b8a6a112e1278c012bad0749c96328e671b868ad Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Tue, 17 Oct 2023 12:46:51 -0300 Subject: [PATCH 03/19] Bumping scripts version to v0.5.2 --- scripts/version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/version b/scripts/version index 4e1fe05332..215036aab5 100755 --- a/scripts/version +++ b/scripts/version @@ -2,4 +2,4 @@ set -e CHARTS_BUILD_SCRIPTS_REPO=https://github.com/rancher/charts-build-scripts.git -CHARTS_BUILD_SCRIPT_VERSION="${CHARTS_BUILD_SCRIPT_VERSION:-v0.5.0}" +CHARTS_BUILD_SCRIPT_VERSION="${CHARTS_BUILD_SCRIPT_VERSION:-v0.5.2}" From 6b1615447ca781ab259c856229b3946348db8574 Mon Sep 17 00:00:00 2001 From: Lucas Machado Date: Tue, 10 Oct 2023 09:13:02 -0300 Subject: [PATCH 04/19] Standardizing pull request workflow --- .github/workflows/pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index aae9072db7..a2ee39cf9c 100755 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -8,8 +8,8 @@ on: jobs: build: + name: Build runs-on: ubuntu-latest - steps: - name: Checkout base branch uses: actions/checkout@v3 From e3b42eedc5b098e9e466495a0d2842dfd427a788 Mon Sep 17 00:00:00 2001 From: Lucas Machado Date: Tue, 10 Oct 2023 09:11:06 -0300 Subject: [PATCH 05/19] Moving regsync-split to root folder and changing split file prefix --- regsync-split.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/regsync-split.rb b/regsync-split.rb index 197ed2f1f0..a0c0e6f05c 100644 --- a/regsync-split.rb +++ b/regsync-split.rb @@ -1,24 +1,24 @@ #! /usr/bin/env ruby -​ + require "json" require "pathname" require "yaml" -​ + pwd = Pathname(Dir.pwd) -​ + regsync = YAML.load((pwd + "regsync.yaml").read) -​ + regsync["sync"].sum do |sync| sync["tags"]["allow"].count end.then do |sum| puts "total tags to consider: #{sum}" end -​ + regsync["sync"].each do |sync| regsync.merge("sync" => [sync]).then do |regsync| - (pwd + "regsync" + sync["source"]).then do |dir| + (pwd + "split-regsync" + sync["source"]).then do |dir| dir.mkpath - (dir + "regsync.yaml").write(YAML.dump(regsync)) + (dir + "split-regsync.yaml").write(YAML.dump(regsync)) end end end \ No newline at end of file From 3f5b08f64eb9f123aced4e466859c2aec89d6820 Mon Sep 17 00:00:00 2001 From: Lucas Machado Date: Tue, 10 Oct 2023 09:12:27 -0300 Subject: [PATCH 06/19] Modifying regsync workflow trigger to protect stored credentials --- .github/workflows/regsync-config.yaml | 57 ++++++++++++++++++++++----- 1 file changed, 48 insertions(+), 9 deletions(-) diff --git a/.github/workflows/regsync-config.yaml b/.github/workflows/regsync-config.yaml index 7bc0dc4a5d..19741436e1 100644 --- a/.github/workflows/regsync-config.yaml +++ b/.github/workflows/regsync-config.yaml @@ -5,36 +5,75 @@ name: Generate-Regsync-Config on: - pull_request_review: - types: [submitted, edited] + pull_request_target: + types: + - labeled jobs: + onLabelAndApproval: + if: github.event.label.name == 'regsync-ready' && startsWith(github.event.pull_request.base.ref, 'release-v') + runs-on: ubuntu-latest + outputs: + is_approved: ${{ steps.check-approval.outputs.approved }} + steps: + - name: Check if PR is approved + id: check-approval + run: | + IS_APPROVED=$(gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews --jq '[.[] | select(.state == "APPROVED")] | length') + if [[ "$IS_APPROVED" -gt 0 ]]; then + echo "::set-output name=approved::true" + else + echo "::set-output name=approved::false" + fi + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + build: - if: github.event.review.state == 'approved' && github.event.pull_request.base.ref == 'release-v2.7' + needs: onLabelAndApproval + if: needs.onLabelAndApproval.outputs.is_approved == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + with: + token: ${{ secrets.PUSH_TOKEN }} + + - name: Set-up Ruby 3.2 + uses: ruby/setup-ruby@v1 + with: + ruby-version: '3.2' # Not needed with a .ruby-version file # Need to remove export version once rancher/charts gets the latest version - # of charts-build-script binary. + # of charts-build-script binary. + # Test removal of regsync.yaml, commit and push before regenerating it - name: Generate RegSync run: | + echo ${{ secrets.PUSH_TOKEN }} | gh auth login --with-token + gh pr checkout ${{ github.event.pull_request.number }} + git config --global user.email "${{ secrets.USER_GITHUB }}" + git config --global user.name "rancherbot" export CHARTS_BUILD_SCRIPT_VERSION=v0.4.2 make pull-scripts make regsync - + + - name: Commit files + run: | + git add regsync.yaml + git commit -m "Updating resync.yaml" + git branch + git push + - name: Install Regsync run: | curl --silent --fail --location --output regsync https://github.com/regclient/regclient/releases/download/v0.5.1/regsync-linux-amd64 chmod +x regsync - name: Sync Images to Registry - # time ./regsync once --config regsync.yaml run: | head regsync.yaml ruby ./regsync-split.rb - time find regsync -type f -name regsync.yaml -print -exec time regsync once --config '{}' ';' + time find regsync -type f -name split-regsync.yaml -print -exec time regsync once --config '{}' ';' env: REGISTRY_ENDPOINT: ${{ secrets.REGISTRY_ENDPOINT }} REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} - REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} \ No newline at end of file From e5eb9562974a27f58ad48c1def761c63a6e92079 Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Thu, 21 Sep 2023 15:16:34 -0300 Subject: [PATCH 07/19] Fixing target branch conditional to Check RC step --- .github/workflows/pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index a2ee39cf9c..2e2607bea2 100755 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -66,4 +66,4 @@ jobs: - name: Check RC images and charts run: make check-rc - if: startsWith(github.ref, 'refs/heads/upstream/release-v') \ No newline at end of file + if: startsWith(github.ref, 'refs/heads/release-v') \ No newline at end of file From fd5c004d85b8c73ff1879049f8fed1a75d76a0bb Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Wed, 27 Sep 2023 17:07:14 -0300 Subject: [PATCH 08/19] Removing tasks check workflow and updating the require checklist workflow to use thumbs up reaction --- .github/workflows/require-checklist.yaml | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/require-checklist.yaml diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml new file mode 100644 index 0000000000..f929a15b74 --- /dev/null +++ b/.github/workflows/require-checklist.yaml @@ -0,0 +1,33 @@ +name: Require Checklist + +on: + pull_request_target: + branches: + - dev-v* + - release-v* + +jobs: + review-checklist: + name: Make validation comment on PR + runs-on: ubuntu-latest + permissions: write-all + steps: + - name: Make validation comment + uses: actions/github-script@v4 + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + github.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment] + Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers. + Add a 👍 (thumbs up) reaction to this comment once done.`, + 
+              Ex:- 
+                longhorn-controller:
+                   repository: rancher/hardened-sriov-cni
+                   tag: v2.6.3-build20230913
+
`, + }) From 02f28fd8d8b03b3b34420be7e99416c97b10205b Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Thu, 28 Sep 2023 16:41:46 -0300 Subject: [PATCH 09/19] Fixing the comment --- .github/workflows/require-checklist.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml index f929a15b74..c3d78e2d74 100644 --- a/.github/workflows/require-checklist.yaml +++ b/.github/workflows/require-checklist.yaml @@ -23,11 +23,11 @@ jobs: repo: context.repo.repo, body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment] Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers. - Add a 👍 (thumbs up) reaction to this comment once done.`, - 
-              Ex:- 
-                longhorn-controller:
-                   repository: rancher/hardened-sriov-cni
-                   tag: v2.6.3-build20230913
-
`, + Add a 👍 (thumbs up) reaction to this comment once done. + 
+                Ex:- 
+                  longhorn-controller:
+                    repository: rancher/hardened-sriov-cni
+                    tag: v2.6.3-build20230913
+
`, }) From 6a83e5b366d236667f01be1a9380ad8684f22709 Mon Sep 17 00:00:00 2001 From: Lucas Lopes Date: Thu, 28 Sep 2023 16:51:41 -0300 Subject: [PATCH 10/19] Fixing comment format --- .github/workflows/require-checklist.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml index c3d78e2d74..2b064112cb 100644 --- a/.github/workflows/require-checklist.yaml +++ b/.github/workflows/require-checklist.yaml @@ -24,6 +24,7 @@ jobs: body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment] Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers. Add a 👍 (thumbs up) reaction to this comment once done. + 
                 Ex:- 
                   longhorn-controller:

From 7fca495ebc9fc12ac13abf50b385f97c62bdab36 Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Thu, 28 Sep 2023 17:01:36 -0300
Subject: [PATCH 11/19] Adding item in bot comment

---
 .github/workflows/require-checklist.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml
index 2b064112cb..bafac9d48a 100644
--- a/.github/workflows/require-checklist.yaml
+++ b/.github/workflows/require-checklist.yaml
@@ -22,7 +22,7 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment]
-                Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
+                - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
                 Add a 👍 (thumbs up) reaction to this comment once done.
                 
                 

From d0453fb66d32116072119898990a736a6fa47dec Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Thu, 28 Sep 2023 17:16:40 -0300
Subject: [PATCH 12/19] Fixing identation in the bot's comment

---
 .github/workflows/require-checklist.yaml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/require-checklist.yaml
index bafac9d48a..cfc32b1e17 100644
--- a/.github/workflows/require-checklist.yaml
+++ b/.github/workflows/require-checklist.yaml
@@ -22,13 +22,13 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment]
-                - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
-                Add a 👍 (thumbs up) reaction to this comment once done.
-                
-                
-                Ex:- 
-                  longhorn-controller:
-                    repository: rancher/hardened-sriov-cni
-                    tag: v2.6.3-build20230913
-                
`,
+              - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
+              Add a 👍 (thumbs up) reaction to this comment once done.
+              
+              
+              Ex:- 
+                longhorn-controller:
+                  repository: rancher/hardened-sriov-cni
+                  tag: v2.6.3-build20230913
+              
`,
             })

From 223ea8db32aefdad0b9602487d8f99bd3275ca7a Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Thu, 28 Sep 2023 17:38:31 -0300
Subject: [PATCH 13/19] Adding workflow to check for positive reactions to the
 github-actions [bot] comment

---
 .github/workflows/validation-check.yaml | 50 +++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 .github/workflows/validation-check.yaml

diff --git a/.github/workflows/validation-check.yaml b/.github/workflows/validation-check.yaml
new file mode 100644
index 0000000000..c2e009806f
--- /dev/null
+++ b/.github/workflows/validation-check.yaml
@@ -0,0 +1,50 @@
+name: Validation Check
+
+on:
+  pull_request_review:
+    types: [submitted]
+
+jobs:
+  check-reaction:
+    name: Check for positive reaction on bot's latest validation comment from PR author
+    if: startsWith(github.event.pull_request.base.ref, 'dev-v') || startsWith(github.event.pull_request.base.ref, 'release-v')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check for positive reaction on bot's latest validation comment
+        uses: actions/github-script@v4
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          script: |
+            // Get comments on the PR
+            const comments = await github.issues.listComments({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo
+            });
+
+            // Sort comments based on their creation datetime in descending order
+            const sortedComments = comments.data.sort((a, b) => new Date(b.created_at) - new Date(a.created_at));
+
+            // Find the latest validation comment by github-actions[bot]
+            const latestValidationComment = sortedComments.find(comment => comment.user.login === 'github-actions[bot]' && comment.body.startsWith("## Validation steps"));
+
+            if (latestValidationComment) {
+              const reactions = await github.reactions.listForIssueComment({
+                comment_id: latestValidationComment.id,
+                owner: context.repo.owner,
+                repo: context.repo.repo
+              });
+
+              // Check if the PR author gave a thumbs-up reaction on the bot's validation comment
+              const authorReaction = reactions.data.find(reaction => reaction.user.login === context.payload.pull_request.user.login && reaction.content === '+1');
+
+              if (authorReaction) {
+                console.log("The latest validation comment by github-actions[bot] has the required thumbs-up reaction from the PR author.");
+              } else {
+                const createdAt = new Date(latestValidationComment.created_at).toLocaleString('en-US', { timeZoneName: 'short' });
+                console.error("Failed Check - Comment Created At:", createdAt);
+                core.setFailed("The latest validation comment by github-actions[bot] does not have the required thumbs-up reaction from the PR author!");
+              }
+            } else {
+              console.warn("No validation comments by github-actions[bot] found.");
+            }

From 35bf784abb0d5ee22b4a58bb66d3d983249990bc Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Fri, 29 Sep 2023 11:46:53 -0300
Subject: [PATCH 14/19] Renaming require checklist workflow

---
 .../{require-checklist.yaml => validation-comment.yaml}       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename .github/workflows/{require-checklist.yaml => validation-comment.yaml} (96%)

diff --git a/.github/workflows/require-checklist.yaml b/.github/workflows/validation-comment.yaml
similarity index 96%
rename from .github/workflows/require-checklist.yaml
rename to .github/workflows/validation-comment.yaml
index cfc32b1e17..61b5c58fdd 100644
--- a/.github/workflows/require-checklist.yaml
+++ b/.github/workflows/validation-comment.yaml
@@ -1,4 +1,4 @@
-name: Require Checklist
+name: Validation Comment
 
 on:
   pull_request_target:
@@ -7,7 +7,7 @@ on:
       - release-v*
 
 jobs:
-  review-checklist:
+  validation-comment:
     name: Make validation comment on PR
     runs-on: ubuntu-latest
     permissions: write-all

From 3cb4793c819cece7282b038e1f56d88551cd6e7e Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Fri, 29 Sep 2023 11:49:16 -0300
Subject: [PATCH 15/19] Adding instructions in the github-action [bot] comment

---
 .github/workflows/validation-comment.yaml | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/validation-comment.yaml b/.github/workflows/validation-comment.yaml
index 61b5c58fdd..3bc6f3e30a 100644
--- a/.github/workflows/validation-comment.yaml
+++ b/.github/workflows/validation-comment.yaml
@@ -21,14 +21,15 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `## Validation steps [CI won't pass without adding a 👍 (thumbs up) reaction to this comment]
-              - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
-              Add a 👍 (thumbs up) reaction to this comment once done.
-              
-              
-              Ex:- 
-                longhorn-controller:
-                  repository: rancher/hardened-sriov-cni
-                  tag: v2.6.3-build20230913
-              
`,
+              body: `## Validation steps
+                - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
+                - Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment. The thumbs up reaction must be from the PR's author.
+                - Approve the PR to run the CI check.
+                
+                
+                Ex:- 
+                  longhorn-controller:
+                    repository: rancher/hardened-sriov-cni
+                    tag: v2.6.3-build20230913
+                
`,
             })

From befc4725a2f9d83fb929b4e3ec54e9510f1601a9 Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Fri, 29 Sep 2023 14:04:38 -0300
Subject: [PATCH 16/19] Fixing github-action bot's comment formatting

---
 .github/workflows/validation-comment.yaml | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/validation-comment.yaml b/.github/workflows/validation-comment.yaml
index 3bc6f3e30a..6ffab10b70 100644
--- a/.github/workflows/validation-comment.yaml
+++ b/.github/workflows/validation-comment.yaml
@@ -21,15 +21,15 @@ jobs:
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: `## Validation steps
-                - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
-                - Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment. The thumbs up reaction must be from the PR's author.
-                - Approve the PR to run the CI check.
-                
-                
-                Ex:- 
-                  longhorn-controller:
-                    repository: rancher/hardened-sriov-cni
-                    tag: v2.6.3-build20230913
-                
`,
+              body:
+              `## Validation steps
+              - Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
+              
+              Ex:- 
+                longhorn-controller:
+                  repository: rancher/hardened-sriov-cni
+                  tag: v2.6.3-build20230913
+              

+              - Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment. The thumbs up reaction must be from the PR's author.
+              - Approve the PR to run the CI check.`
             })

From 66d1cf59972375f5fc48655fca3d88e3011ceaa0 Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Wed, 4 Oct 2023 16:55:59 -0300
Subject: [PATCH 17/19] Removes requirement for the thumbs up reaction to be
 from the PR's author

---
 .github/workflows/validation-check.yaml | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/validation-check.yaml b/.github/workflows/validation-check.yaml
index c2e009806f..6488b30501 100644
--- a/.github/workflows/validation-check.yaml
+++ b/.github/workflows/validation-check.yaml
@@ -6,7 +6,7 @@ on:
 
 jobs:
   check-reaction:
-    name: Check for positive reaction on bot's latest validation comment from PR author
+    name: Check for positive reaction on bot's latest validation comment
     if: startsWith(github.event.pull_request.base.ref, 'dev-v') || startsWith(github.event.pull_request.base.ref, 'release-v')
     runs-on: ubuntu-latest
     steps:
@@ -35,16 +35,15 @@ jobs:
                 repo: context.repo.repo
               });
 
-              // Check if the PR author gave a thumbs-up reaction on the bot's validation comment
-              const authorReaction = reactions.data.find(reaction => reaction.user.login === context.payload.pull_request.user.login && reaction.content === '+1');
+              // Check if there's a thumbs-up reaction on the bot's validation comment
+              const thumbsUpReaction = reactions.data.some(reaction => reaction.content === '+1');
 
-              if (authorReaction) {
-                console.log("The latest validation comment by github-actions[bot] has the required thumbs-up reaction from the PR author.");
+              if (thumbsUpReaction) {
+                console.log("The validation comment by github-actions[bot] has the required thumbs-up reaction.");
               } else {
-                const createdAt = new Date(latestValidationComment.created_at).toLocaleString('en-US', { timeZoneName: 'short' });
                 console.error("Failed Check - Comment Created At:", createdAt);
-                core.setFailed("The latest validation comment by github-actions[bot] does not have the required thumbs-up reaction from the PR author!");
+                core.setFailed("The latest validation comment by github-actions[bot] does not have the required thumbs-up reaction!");
               }
             } else {
-              console.warn("No validation comments by github-actions[bot] found.");
+              core.setFailed("No validation comments by github-actions[bot] found.");
             }

From b458aa2b8a2bdb3f8849859158984376f69b4269 Mon Sep 17 00:00:00 2001
From: Lucas Lopes 
Date: Wed, 4 Oct 2023 18:03:18 -0300
Subject: [PATCH 18/19] Removing requirement of the PR author's reaction from
 comment

---
 .github/workflows/validation-comment.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/validation-comment.yaml b/.github/workflows/validation-comment.yaml
index 6ffab10b70..cd765c940b 100644
--- a/.github/workflows/validation-comment.yaml
+++ b/.github/workflows/validation-comment.yaml
@@ -30,6 +30,6 @@ jobs:
                   repository: rancher/hardened-sriov-cni
                   tag: v2.6.3-build20230913
               

-              - Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment. The thumbs up reaction must be from the PR's author.
+              - Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment.
               - Approve the PR to run the CI check.`
             })

From ca594a7c78f5410bb5663c185bcd6f70e00c47f2 Mon Sep 17 00:00:00 2001
From: Lucas Machado 
Date: Tue, 10 Oct 2023 15:35:51 +0000
Subject: [PATCH 19/19] Update validation-check.yaml

---
 .github/workflows/validation-check.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/validation-check.yaml b/.github/workflows/validation-check.yaml
index 6488b30501..7f8cc94241 100644
--- a/.github/workflows/validation-check.yaml
+++ b/.github/workflows/validation-check.yaml
@@ -41,6 +41,7 @@ jobs:
               if (thumbsUpReaction) {
                 console.log("The validation comment by github-actions[bot] has the required thumbs-up reaction.");
               } else {
+                const createdAt = new Date(latestValidationComment.created_at).toLocaleString('en-US', { timeZoneName: 'short' });
                 console.error("Failed Check - Comment Created At:", createdAt);
                 core.setFailed("The latest validation comment by github-actions[bot] does not have the required thumbs-up reaction!");
               }