Skip to content

Add scheduled mutation testing via the shared workflow#67

Merged
leynos merged 2 commits into
mainfrom
add-mutation-testing
Jul 9, 2026
Merged

Add scheduled mutation testing via the shared workflow#67
leynos merged 2 commits into
mainfrom
add-mutation-testing

Conversation

@leynos

@leynos leynos commented Jul 8, 2026

Copy link
Copy Markdown
Owner

Summary

Enrols lag-complexity in the estate-wide scheduled mutation testing rollout. This pull request adds a thin caller of the leynos/shared-actions mutation-cargo reusable workflow, pinned to commit 859416a90eb3987b46a57682c5d6b8964ad3f0a6, following the estate template established in leynos/wireframe#572. The run is informational only — a daily scoped guard at 09:20 UTC plus sharded full runs on manual dispatch — and never gates merges.

Configuration for this repository

  • .github/workflows/mutation-testing.yml — the caller. It sets only what this repository needs:
    • extra-args: "--all-features" mirrors the CI test baseline (make test runs cargo test --all-targets --all-features), so feature-gated code (cli, json5, yaml, toml, provider-api) is built and tested against mutants.
    • exclude-globs: "src/tests/**,tests/support/**,src/bin/bless_traces.rs" excludes test scaffolding — src/tests re-exports tests/support into the library (via #[path]), so both would otherwise be mutation targets — and the golden-snapshot regenerator bless_traces, which is invoked manually (make bless) and not guarded by the test suite. Mutants there would only be noise survivors.
    • The paths input is omitted: the default (src/,examples/,benches/) already covers this single-crate layout. --test-workspace is omitted because the repository is not a cargo workspace, and no setup-commands are needed (no custom linker).
  • tests/workflow_contracts/mutation_testing_test.py — contract tests that parse the caller with PyYAML and pin the SHA, least-privilege permissions, per-ref non-cancelling concurrency, the 09:20 UTC cron slot, and the exact with: block, so drift fails CI on the pull request rather than surfacing in a scheduled run.
  • Makefile — a test-workflow-contracts target running the suite via uv run with pytest and PyYAML.
  • .github/workflows/ci.yml — a pinned astral-sh/setup-uv step and the contract-test step after Lint in the build-test job.
  • .gitignore — now covers __pycache__/.

Known limitation: baseline currently blocked (#66)

Baseline verification found that plain cargo test --all-features — what cargo-mutants runs to validate the unmutated tree — fails on three doctests in src/heuristics/text.rs, which import the pub(crate) module heuristics::text from outside the crate. CI stays green because --all-targets skips doctests. Until #66 is resolved, the scheduled run will report a failed baseline rather than mutation results. The workflow is informational, so enrolment proceeds regardless.

Validation

  • python3 -c "import yaml; …" — both workflow files parse.
  • actionlint — clean on mutation-testing.yml and ci.yml.
  • make test-workflow-contracts — 6 passed.
  • Negative pin test: repointing the uses: ref to @v1 fails test_uses_reference_is_pinned_to_the_documented_sha; restoring the SHA returns the suite to green.

Adopt the leynos/shared-actions mutation-cargo reusable workflow as a
thin caller, pinned to 859416a90eb3987b46a57682c5d6b8964ad3f0a6,
scheduled daily at 09:20 UTC with manual dispatch. The run is
informational: it never gates merges.

The caller configures only what this repository needs:

- extra-args "--all-features", mirroring the CI test baseline
  (make test runs cargo test --all-targets --all-features);
- exclude-globs for test scaffolding (the re-exported src/tests
  module and tests/support helpers) and the manually invoked
  golden-snapshot regenerator src/bin/bless_traces.rs, none of which
  the test suite guards.

The default source paths (src/, examples/, benches/) already cover
this single-crate layout, so the paths input is omitted, as is
--test-workspace (not a workspace).

A contract test suite (tests/workflow_contracts) parses the caller
with PyYAML and pins the SHA, least-privilege permissions, per-ref
non-cancelling concurrency, the cron slot, and the exact with-block,
so drift fails CI on the pull request. CI wires it in via a new
test-workflow-contracts make target after the Lint step, and
.gitignore now covers __pycache__/.

Note: the mutation baseline is currently blocked by three doctests in
src/heuristics/text.rs that fail under plain cargo test (issue #66);
CI misses them because --all-targets skips doctests.

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @leynos, you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

@coderabbitai

coderabbitai Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

This PR adds a scheduled mutation-testing GitHub Actions workflow that calls a shared reusable workflow with pinned SHA, permissions, and concurrency settings. A new Makefile target and CI step run a PyYAML-based contract test suite verifying the workflow's structure, plus a minor .gitignore update.

Changes

Mutation testing workflow and contract verification

Layer / File(s) Summary
Mutation testing workflow definition
.github/workflows/mutation-testing.yml
Defines a daily cron/manual-dispatch workflow with empty top-level permissions, per-ref concurrency, and a caller job pinned to a shared mutation-cargo.yml SHA passing --all-features and exclude-globs.
Contract test wiring via Makefile and CI
Makefile, .github/workflows/ci.yml, .gitignore
Adds a test-workflow-contracts Make target (via uv), a .PHONY entry, a CI step to run it after setting up uv/Python 3.13, and ignores __pycache__/.
Workflow contract test suite
tests/workflow_contracts/mutation_testing_test.py
Adds PyYAML-based tests asserting the pinned SHA, job permissions, workflow-level permissions, concurrency, triggers, and with block match expected constants.

Possibly related PRs

  • leynos/wireframe#563: Introduces the mutation-testing.yml workflow that the contract tests in this PR validate.
  • leynos/shared-actions#319: Adds the reusable mutation-cargo.yml workflow that this PR's caller workflow and contract tests reference by pinned SHA.
  • leynos/wireframe#572: Maintains the same mutation-testing.yml caller semantics and contract-test surface enforced here.

Suggested labels: Issue

Poem

A rabbit hops through YAML fields at night,
Pinning SHAs so nothing drifts from sight,
uv sets the stage, pytest takes the floor,
Contracts checked, permissions locked once more,
Mutation tests run daily, tidy and right. 🐇✅

🚥 Pre-merge checks | ✅ 5 | ❌ 15

❌ Failed checks (15 inconclusive)

Check name Status Explanation Resolution
Testing (Overall) ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
User-Facing Documentation ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Developer Documentation ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Module-Level Documentation ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Testing (Unit And Behavioural) ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Testing (Property / Proof) ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Testing (Compile-Time / Ui) ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Unit Architecture ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Domain Architecture ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Observability ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Security And Privacy ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Performance And Resource Use ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Concurrency And State ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Architectural Complexity And Maintainability ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
Rust Compiler Lint Integrity ❓ Inconclusive Repository clone failed, so this custom check could not run with code access. Retry the review run. If this persists, inspect pre-merge custom-check logs for infrastructure or agent runtime failures.
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the main change: adding scheduled mutation testing via the shared workflow.
Description check ✅ Passed The description directly explains the workflow, contract tests, CI wiring, and current limitation for this changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch add-mutation-testing

Comment @coderabbitai help to get the list of available commands.

codescene-access[bot]

This comment was marked as outdated.

@coderabbitai coderabbitai Bot added the Issue label Jul 8, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Around line 21-23: The test-workflow-contracts target currently pulls pytest
and pyyaml with ad-hoc version ranges via uv run, which bypasses the project’s
locked dev set. Move pytest and pyyaml into the dev dependency group in
pyproject.toml, then update the Makefile target to run pytest without --with
flags so it uses the reproducible resolved environment.

In `@tests/workflow_contracts/mutation_testing_test.py`:
- Around line 42-44: The repeated calls to _load() in the mutation testing tests
reparses the same workflow YAML in every test, so move that parsing into a
shared module-scoped pytest fixture and inject it into each test instead. Create
the fixture in conftest.py or the shared fixtures area per project convention,
have it return the parsed workflow data once, and update each test_* function to
accept the fixture parameter rather than calling _load() directly. Keep _load()
only if needed as the fixture helper, and ensure all existing tests use the
shared workflow fixture consistently.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 9a6814df-3376-4480-a3be-d169fb220835

📥 Commits

Reviewing files that changed from the base of the PR and between 9fa593d and a79f71c.

📒 Files selected for processing (5)
  • .github/workflows/ci.yml
  • .github/workflows/mutation-testing.yml
  • .gitignore
  • Makefile
  • tests/workflow_contracts/mutation_testing_test.py
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

  • leynos/shared-actions (auto-detected)

Comment thread Makefile
Comment thread tests/workflow_contracts/mutation_testing_test.py Outdated
Replace the per-test _load() helper with a module-scoped pytest
fixture so the caller workflow is parsed once rather than in every
test, as CodeRabbit suggested and the repository's test guidance
prefers.
@leynos leynos merged commit 1858065 into main Jul 9, 2026
6 checks passed
@leynos leynos deleted the add-mutation-testing branch July 9, 2026 18:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant