veza/.github/workflows/mutation-testing.yml

name: Mutation Testing

on:
    schedule:
        - cron: "0 3 * * 0" # Weekly on Sunday at 3am UTC
    workflow_dispatch:

permissions:
    contents: read

env:
    GIT_SSL_NO_VERIFY: "true"
    NODE_TLS_REJECT_UNAUTHORIZED: "0"

jobs:
    mutation:
        runs-on: ubuntu-latest
        timeout-minutes: 60
        steps:
            - uses: actions/checkout@v4

            - uses: actions/setup-node@v4
              with:
                  node-version: 20
                  cache: npm
                  cache-dependency-path: apps/web/package-lock.json

            - name: Install dependencies
              run: cd apps/web && npm ci

            - name: Run Stryker mutation testing
              run: cd apps/web && npx stryker run

            - name: Upload mutation report
              if: always()
              uses: actions/upload-artifact@v4
              with:
                  name: mutation-report
                  path: apps/web/reports/mutation/
                  retention-days: 30