try to fix ci 100500

RAprogramm · RAprogramm · commit 8a89f0d58e10 · 2025-09-17T18:06:05.000+07:00
diff --git a/.github/workflows/reusable-ci.yml b/.github/workflows/reusable-ci.yml
@@ -7,6 +7,11 @@ on:
         type: boolean
         default: true
 
+# даём боту право писать в репо; без этого пуш/PR не взлетит
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   ci:
     runs-on: ubuntu-latest
@@ -18,7 +23,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          persist-credentials: true
+          persist-credentials: true  # оставляем токен в origin, чтобы git push работал
 
       - name: Read MSRV from Cargo.toml
         id: msrv
@@ -46,7 +51,7 @@ jobs:
       - name: Install nightly rustfmt
         uses: dtolnay/rust-toolchain@v1
         with:
-          toolchain: nightly-2025-08-01
+          toolchain: nightly
           components: rustfmt
 
       - name: Cache cargo
@@ -101,8 +106,9 @@ jobs:
             echo "README is up to date (PR)."
           fi
 
-      - name: README autocommit on main
+      - name: README autocommit on main (push or PR)
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+        id: readme_update
         shell: bash
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -116,37 +122,60 @@ jobs:
           fi
           if [ "$need_update" -eq 0 ]; then
             echo "README is up to date (main)."
+            echo "updated=false" >> "$GITHUB_OUTPUT"
             exit 0
           fi
-          echo "Updating README on main and pushing..."
+
+          echo "Updating README working tree..."
+          cp -f "$README_CANDIDATE" README.md
+          git add README.md
+
           git config user.name  "github-actions[bot]"
           git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git config --global --add safe.directory "$GITHUB_WORKSPACE"
-          cp -f "$README_CANDIDATE" README.md
-          git add README.md
-          git commit -m "chore(readme): auto-refresh [skip ci]"
-          git pull --rebase --autostash origin main || true
-          git push origin HEAD:main || {
-            git pull --rebase --autostash origin main
-            git push origin HEAD:main
-          }
-          git fetch origin main
-          git reset --hard origin/main
-          git clean -fdx
 
-      - name: Ensure tree is clean before package
-        shell: bash
-        run: |
-          set -euo pipefail
-          if ! git diff --quiet; then
-            echo "Working tree is dirty:"
-            git status --porcelain
-            exit 1
+          git commit -m "chore(readme): auto-refresh [skip ci]" || true
+
+          set +e
+          git pull --rebase --autostash origin main
+          git push origin HEAD:main
+          rc=$?
+          set -e
+
+          if [ $rc -eq 0 ]; then
+            echo "Push to main succeeded."
+            echo "updated=true" >> "$GITHUB_OUTPUT"
+            # вычистим дерево, чтобы дальше всё было чисто
+            git fetch origin main
+            git reset --hard origin/main
+            git clean -fdx
+            exit 0
           fi
+
+          echo "Push to main denied (likely branch protection). Preparing PR..."
+          echo "updated=true" >> "$GITHUB_OUTPUT"
+          # создаём ветку для PR
+          BR="ci/readme-auto-refresh"
+          git switch -c "$BR" || git checkout -b "$BR"
+          # коммит уже есть, просто запушим ветку
+          git push -u origin "$BR"
+
+      - name: Create pull request for README (fallback)
+        if: steps.readme_update.outputs.updated == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main'
+        uses: peter-evans/create-pull-request@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ci/readme-auto-refresh
+          title: "chore(readme): auto-refresh"
+          body: |
+            Автоматически сгенерированный апдейт README. Прямой пуш в `main` запрещён политикой, поэтому открыт PR.
+          commit-message: "chore(readme): auto-refresh [skip ci]"
+          labels: ci, chore
+          delete-branch: true
       # ---------- end README handling ----------
 
       - name: Check formatting (nightly rustfmt)
-        run: cargo +nightly-2025-08-01 fmt --all -- --check
+        run: cargo +nightly fmt --all -- --check
 
       - name: Clippy (MSRV)
         shell: bash
@@ -168,6 +197,16 @@ jobs:
             cargo +${{ steps.msrv.outputs.msrv }} test --workspace --no-fail-fast
           fi
 
+      - name: Ensure tree is clean before package
+        shell: bash
+        run: |
+          set -euo pipefail
+          if ! git diff --quiet; then
+            echo "Working tree is dirty:"
+            git status --porcelain
+            exit 1
+          fi
+
       - name: Package (dry-run)
         run: cargo +${{ steps.msrv.outputs.msrv }} package --locked
 
