Tests in CI

.devcontainer/Dockerfile

@@ -1,53 +1,88 @@
-# Use the official Dev Container base image for Debian Bookworm
+# Use the official Dev Container base image for Debian Trixie
 # We use this instead of plain Debian to get a better development experience out of the box
 # as it includes common tools and configurations for development.
-FROM mcr.microsoft.com/devcontainers/base:bookworm AS base
+FROM mcr.microsoft.com/devcontainers/base:trixie AS base
 
 LABEL org.opencontainers.image.description="Development Container for Swindon Makerspace Access System"
 
 # libparse-debianchangelog-perl \
 RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
     && apt-get -y install --no-install-recommends \
-        perl \ 
-        cpanminus \
-        build-essential \
-        libalgorithm-diff-perl \
-        libalgorithm-diff-xs-perl \
-        libalgorithm-merge-perl \
-        libcgi-fast-perl \
-        libcgi-pm-perl \
-        libclass-accessor-perl \
-        libclass-isa-perl \
-        libencode-locale-perl \
-        libfcgi-perl \
-        libfile-fcntllock-perl \
-        libhtml-parser-perl \
-        libhtml-tagset-perl \
-        libhttp-date-perl \
-        libhttp-message-perl \
-        libio-html-perl \
-        libio-string-perl \
-        liblocale-gettext-perl \
-        liblwp-mediatypes-perl \
-        libsub-name-perl \
-        libswitch-perl \
-        libtext-charwidth-perl \
-        libtext-iconv-perl \
-        libtext-wrapi18n-perl \
-        libtimedate-perl \
-        liburi-perl \
-        libscalar-list-utils-perl \
-    && cpanm -S Carton \
-# for Perl::LanguageServer
+    perl \
+    cpanminus \
+    build-essential \
+    # Database drivers
+    libdbd-sqlite3-perl \
+    libdbd-pg-perl \
+    libpq-dev \
+    # Libraries for CPAN XS modules
+    libexpat1-dev \
+    libxml2-dev \
+    zlib1g-dev \
+    # Core Perl modules from apt
+    libalgorithm-diff-perl \
+    libalgorithm-diff-xs-perl \
+    libalgorithm-merge-perl \
+    libcgi-fast-perl \
+    libcgi-pm-perl \
+    libclass-accessor-perl \
+    libclass-isa-perl \
+    libencode-locale-perl \
+    libfcgi-perl \
+    libfile-fcntllock-perl \
+    libhtml-parser-perl \
+    libhtml-tagset-perl \
+    libhttp-date-perl \
+    libhttp-message-perl \
+    libio-html-perl \
+    libio-string-perl \
+    liblocale-gettext-perl \
+    liblwp-mediatypes-perl \
+    libsub-name-perl \
+    libswitch-perl \
+    libtext-charwidth-perl \
+    libtext-iconv-perl \
+    libtext-wrapi18n-perl \
+    libtimedate-perl \
+    liburi-perl \
+    libscalar-list-utils-perl \
+    libmoose-perl \
+    libjson-perl \
+    libdata-dump-perl \
+    libtry-tiny-perl \
+    libdatetime-perl \
+    libpath-class-perl \
+    libplack-perl \
+    libxml-parser-perl \
+    libcrypt-des-perl \
+    libssl-dev \
+    libio-socket-ssl-perl \
+    libnet-ssleay-perl \
+    ca-certificates \
+    && cpanm -n Carton \
+    # for Perl::LanguageServer
     && apt-get -y install  --no-install-recommends \
-        libanyevent-perl \
-        libclass-refresh-perl \
-        libdata-dump-perl \
-        libio-aio-perl \
-        libjson-perl \
-        libmoose-perl \
-        libpadwalker-perl \
-        libscalar-list-utils-perl \
-        libcoro-perl \
+    libanyevent-perl \
+    libclass-refresh-perl \
+    libio-aio-perl \
+    libpadwalker-perl \
+    libcoro-perl \
     && cpanm Perl::LanguageServer \
-    && rm -rf /var/lib/apt/lists/*
+    && rm -rf /var/lib/apt/lists/* /root/.cpanm
+
+# =============================================================================
+# DEPS STAGE - Install CPAN dependencies via Carton
+# =============================================================================
+FROM base AS deps
+
+WORKDIR /workspace
+
+# Copy dependency files first (for better layer caching)
+COPY cpanfile cpanfile.snapshot ./
+
+# Create vendor directory structure (for cached install)
+COPY vendor/ vendor/
+
+# Install dependencies using cached mode
+RUN carton install --cached \
+    && rm -rf /root/.cpanm

.dockerignore

@@ -0,0 +1,54 @@
+# Git
+.git/
+.gitignore
+.github/
+
+# Development files
+.devcontainer/
+.vscode/
+.idea/
+*.code-workspace
+
+# Database files (should not be in image)
+db/
+*.db
+*.db.bak
+rapidapp_coreschema.db
+
+# Documentation
+docs/
+*.md
+NOTES.txt
+Changes
+
+# Config backups and local configs (mount at runtime)
+config.bkp/
+accesssystem_api.conf
+accesssystem_api_local.conf
+accesssystem_dev.conf
+accesssystem.conf
+keys.conf
+
+# Keep example configs
+!*.conf.example
+
+# Build artifacts
+Makefile
+META.yml
+MYMETA.*
+pm_to_blib
+blib/
+inc/
+
+# Editor/OS files
+*~
+*.bak
+.DS_Store
+*.swp
+
+# OFX bank files
+ofx/
+*.ofx
+
+# Test output
+test_db.db

.github/workflows/build-dev-image.yaml

@@ -70,7 +70,7 @@ jobs:
       with:
         context: .
         file: .devcontainer/Dockerfile
-        target: base
+        target: deps
         push: true
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}

.github/workflows/ci.yaml

@@ -0,0 +1,99 @@
+name: CI - Test and Build
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - master
+  workflow_dispatch:
+
+env:
+  CONTAINER_REGISTRY: ghcr.io
+  IMAGE_NAME: access-system
+
+jobs:
+  test:
+    name: 🧪 Run Tests
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: 📦 Checkout code
+      uses: actions/checkout@v6
+
+    - name: 🛠️ Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: 🏗️ Build test image
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        file: ./Dockerfile
+        target: test
+        load: true
+        tags: accesssystem-test:latest
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - name: 🧪 Run tests
+      run: |
+        docker run --rm accesssystem-test:latest
+
+  build-production:
+    name: 🚀 Build Production Image
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/'))
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: 📦 Checkout code
+      uses: actions/checkout@v6
+
+    - name: 🏷️ Generate Docker metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: |
+          ${{ env.CONTAINER_REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
+        tags: |
+          type=ref,event=branch,priority=610
+          type=semver,pattern={{raw}}
+          type=semver,pattern={{version}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}
+          type=sha,format=long
+          type=raw,value=latest,enable={{is_default_branch}}
+        annotations: |
+          runnumber=${{ github.run_id }}
+          sha=${{ github.sha }}
+          ref=${{ github.ref }}
+          org.opencontainers.image.description="Production Container for Swindon Makerspace Access System"
+
+    - name: 🔐 Log in to GitHub Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.CONTAINER_REGISTRY }}
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: 🛠️ Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: 🚀 Build and push production image
+      uses: docker/build-push-action@v6
+      with:
+        context: .
+        file: ./Dockerfile
+        target: production
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        annotations: ${{ steps.meta.outputs.annotations }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max