Fix RTC ppcle_linux build (#211)

* Add container suplimentary groups support

* Add diagnostic gathering

* Fix incorrect userid group searching

* one last tiny fix

* one last tiny fix

Dockerfile-server

@@ -21,12 +21,11 @@ ARG BUILDER_IMAGE=mq-golang-sdk:9.0.5.0-x86_64-ubuntu-16.04
 FROM $BUILDER_IMAGE as builder
 WORKDIR /go/src/github.com/ibm-messaging/mq-container/
 ARG IMAGE_REVISION="Not specified"
-ARG IMAGE_CREATED="Not specified"
 ARG IMAGE_SOURCE="Not specified"
 COPY cmd/ ./cmd
 COPY internal/ ./internal
 COPY vendor/ ./vendor
-RUN go build -ldflags "-X \"main.ImageCreated=$IMAGE_CREATED\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" ./cmd/runmqserver/
+RUN go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" ./cmd/runmqserver/
 RUN go build ./cmd/chkmqready/
 RUN go build ./cmd/chkmqhealthy/
 # Run all unit tests

Makefile

@@ -1,4 +1,4 @@
-# © Copyright IBM Corporation 2017, 2018
+# © Copyright IBM Corporation 2018
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,290 +13,149 @@
 # limitations under the License.
 
 ###############################################################################
-# Conditional variables - you can override the values of these variables from
+# Variables
-# the command line
 ###############################################################################
-# BASE_IMAGE is the base image to use for MQ, for example "ubuntu" or "rhel"
+GO_PKG_DIRS = ./cmd ./internal ./test
-BASE_IMAGE ?= ubuntu:16.04
-# MQ_VERSION is the fully qualified MQ version number to build
-MQ_VERSION ?= 9.1.0.0
-# MQ_ARCHIVE is the name of the file, under the downloads directory, from which MQ Advanced can
-# be installed. The default value is derived from MQ_VERSION, BASE_IMAGE and architecture
-# Does not apply to MQ Advanced for Developers.
-MQ_ARCHIVE ?= IBM_MQ_$(MQ_VERSION)_$(MQ_ARCHIVE_TYPE)_$(MQ_ARCHIVE_ARCH).tar.gz
-# MQ_ARCHIVE_DEV is the name of the file, under the downloads directory, from which MQ Advanced
-# for Developers can be installed
-MQ_ARCHIVE_DEV ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
-# MQ_SDK_ARCHIVE specifies the archive to use for building the golang programs.  Defaults vary on developer or advanced.
-MQ_SDK_ARCHIVE ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
-# Options to `go test` for the Docker tests
-TEST_OPTS_DOCKER ?=
-# MQ_IMAGE_ADVANCEDSERVER is the name and tag of the built MQ Advanced image
-MQ_IMAGE_ADVANCEDSERVER ?=mqadvanced-server:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
-# MQ_IMAGE_DEVSERVER is the name and tag of the built MQ Advanced for Developers image
-MQ_IMAGE_DEVSERVER ?=mqadvanced-server-dev:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
-# MQ_IMAGE_SDK is the name and tag of the built MQ Advanced for Developers SDK image
-MQ_IMAGE_SDK ?=mq-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
-# MQ_IMAGE_GOLANG_SDK is the name and tag of the built MQ Advanced for Developers SDK image, plus Go tools
-MQ_IMAGE_GOLANG_SDK ?=mq-golang-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
-# DOCKER is the Docker command to run
-DOCKER ?= docker
-# MQ_PACKAGES specifies the MQ packages (.deb or .rpm) to install.  Defaults vary on base image.
-MQ_PACKAGES ?=
 
-###############################################################################
+BASE_OS = $(shell cat /etc/*-release | grep ID=)
-# Other variables
+ifeq "$(findstring ubuntu,$(BASE_OS))" "ubuntu"
-###############################################################################
+	BASE_OS=UBUNTU
-# ARCH is the platform architecture (e.g. x86_64, ppc64le or s390x)
+else ifeq "$(findstring rhel,$(BASE_OS))" "rhel"
-ARCH = $(shell uname -m)
+	BASE_OS=RHEL
-# BUILD_SERVER_CONTAINER is the name of the web server container used at build time
-BUILD_SERVER_CONTAINER=build-server
-# NUM_CPU is the number of CPUs available to Docker.  Used to control how many
-# test run in parallel
-NUM_CPU = $(or $(shell docker info --format "{{ .NCPU }}"),2)
-# BASE_IMAGE_TAG is a normalized version of BASE_IMAGE, suitable for use in a Docker tag
-BASE_IMAGE_TAG=$(subst /,-,$(subst :,-,$(BASE_IMAGE)))
-MQ_IMAGE_DEVSERVER_BASE=mqadvanced-server-dev-base:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
-# Docker image name to use for JMS tests
-DEV_JMS_IMAGE=mq-dev-jms-test
-# Variables for versioning
-IMAGE_REVISION=$(shell git rev-parse HEAD)
-IMAGE_SOURCE=$(shell git config --get remote.origin.url)
-IMAGE_CREATED=$(shell date -u +%Y-%m-%dT%H:%M:%S%:z)
-
-
-ifneq (,$(findstring Microsoft,$(shell uname -r)))
-	DOWNLOADS_DIR=$(patsubst /mnt/c%,C:%,$(realpath ./downloads/))
 else
-	DOWNLOADS_DIR=$(realpath ./downloads/)
+	BASE_OS=UNKNOWN
 endif
 
-# Try to figure out which archive to use from the BASE_IMAGE
+
-ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
-	MQ_ARCHIVE_TYPE=UBUNTU
-	MQ_ARCHIVE_DEV_PLATFORM=ubuntu
-else
-	MQ_ARCHIVE_TYPE=LINUX
-	MQ_ARCHIVE_DEV_PLATFORM=linux
-endif
-# Try to figure out which archive to use from the architecture
-ifeq "$(ARCH)" "x86_64"
-	MQ_ARCHIVE_ARCH=X86-64
-	MQ_DEV_ARCH=x86-64
-else ifeq "$(ARCH)" "ppc64le"
-	MQ_ARCHIVE_ARCH=LE_POWER
-	MQ_DEV_ARCH=ppcle
-else ifeq "$(ARCH)" "s390x"
-	MQ_ARCHIVE_ARCH=SYSTEM_Z
-	MQ_DEV_ARCH=s390x
-endif
-# Archive names for IBM MQ Advanced for Developers
-MQ_ARCHIVE_DEV_9.0.5.0=mqadv_dev905_$(MQ_ARCHIVE_DEV_PLATFORM)_x86-64.tar.gz
-MQ_ARCHIVE_DEV_9.1.0.0=mqadv_dev910_$(MQ_ARCHIVE_DEV_PLATFORM)_$(MQ_DEV_ARCH).tar.gz
 
 ###############################################################################
 # Build targets
 ###############################################################################
-.PHONY: vars
-vars:
-#ifeq "$(findstring ubuntu,$(BASE_IMAGE))","ubuntu"
-	@echo $(MQ_ARCHIVE_ARCH)
-	@echo $(MQ_ARCHIVE_TYPE)
-	@echo $(MQ_ARCHIVE)
 
-.PHONY: default
+# default to building UBUNTU as this was the default for the previous Makefile
-default: build-devserver test
+.PHONY: build-devserver
+ifeq ($(BASE_OS),UBUNTU)
+build-devserver: build-devserver-ubuntu
+else ifeq ($(BASE_OS),RHEL)
+build-devserver: build-devserver-rhel
+else
+build-devserver: unknownos
+endif
 
-# Build all components (except incubating ones)
+.PHONY: build-advancedserver
-.PHONY: all
+ifeq ($(BASE_OS),UBUNTU)
-all: build-devserver build-advancedserver
+build-advancedserver: build-advancedserver-ubuntu
+else ifeq ($(BASE_OS),RHEL)
+build-advancedserver: build-advancedserver-rhel
+else
+build-advancedserver: unknownos
+endif
 
-.PHONY: test-all
-test-all: test-devserver test-advancedserver
 
-.PHONY: precommit
+.PHONY: test-devserver
-precommit: fmt lint all test-all
+ifeq ($(BASE_OS),UBUNTU)
+test-devserver: test-devserver-ubuntu
+else ifeq ($(BASE_OS),RHEL)
+test-devserver: test-devserver-rhel
+else
+test-devserver: unknownos
+endif
 
-.PHONY: devserver
+.PHONY: test-advancedserver
-devserver: build-devserver test-devserver
+ifeq ($(BASE_OS),UBUNTU)
+test-advancedserver: test-advancedserver-ubuntu
+else ifeq ($(BASE_OS),RHEL)
+test-advancedserver: test-advancedserver-rhel
+else
+test-advancedserver: unknownos
+endif
 
-# Build incubating components
+.PHONY: build-devjmstest
-.PHONY: incubating
+ifeq ($(BASE_OS),UBUNTU)
-incubating: build-explorer
+build-devjmstest: build-devjmstest-ubuntu
+else ifeq ($(BASE_OS),RHEL)
+build-devjmstest: build-devjmstest-rhel
+else
+build-devjmstest: unknownos
+endif
 
+# UBUNTU building targets
+.PHONY: build-devserver-ubuntu
+build-devserver-ubuntu: 
+	$(MAKE) -f Makefile-UBUNTU build-devserver
+
+.PHONY: test-devserver-ubuntu
+test-devserver-ubuntu: 
+	$(MAKE) -f Makefile-UBUNTU test-devserver
+
+.PHONY: build-devjmstest-ubuntu
+	$(MAKE) -f Makefile-UBUNTU build-devjmstest
+
+.PHONY: build-advancedserver-ubuntu
+build-advancedserver-ubuntu: 
+	$(MAKE) -f Makefile-UBUNTU build-advancedserver
+
+.PHONY: test-advancedserver-ubuntu
+test-advancedserver-ubuntu: 
+	$(MAKE) -f Makefile-UBUNTU test-advancedserver
+
+.PHONY: build-devjmstest-ubuntu
+build-devjmstest-ubuntu:
+	$(MAKE) -f Makefile-UBUNTU build-devjmstest
+
+# RHEL building targets
+.PHONY: build-devserver-rhel
+build-devserver-rhel: 
+	$(MAKE) -f Makefile-RHEL build-devserver
+
+.PHONY: test-devserver-rhel
+test-devserver-rhel: 
+	$(MAKE) -f Makefile-RHEL test-devserver
+
+.PHONY: build-advancedserver-rhel
+build-advancedserver-rhel: 
+	$(MAKE) -f Makefile-RHEL build-advancedserver
+
+.PHONY: test-advancedserver-rhel
+test-advancedserver-rhel: 
+	$(MAKE) -f Makefile-RHEL test-advancedserver
+
+.PHONY: build-devjmstest-rhel
+build-devjmstest-rhel:
+	$(MAKE) -f Makefile-RHEL build-devjmstest
+
+# Common targets
 .PHONY: clean
 clean:
 	rm -rf ./coverage
 	rm -rf ./build
 	rm -rf ./deps
 
-downloads/$(MQ_ARCHIVE_DEV):
-	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
-	mkdir -p downloads
-	cd downloads; curl -LO https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_ARCHIVE_DEV)
-
-downloads/$(MQ_SDK_ARCHIVE):
-	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
-	mkdir -p downloads
-	cd downloads; curl -LO https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_SDK_ARCHIVE) 
-
-.PHONY: downloads
-downloads: downloads/$(MQ_ARCHIVE_DEV) downloads/$(MQ_SDK_ARCHIVE)
-
 .PHONY: deps
 deps:
 	glide install --strip-vendor
 
-# Vendor Go dependencies for the Docker tests
-test/docker/vendor:
-	cd test/docker && dep ensure -vendor-only
-
 .PHONY: build-cov
 build-cov:
 	mkdir -p build
 	cd build; go test -c -covermode=count ../cmd/runmqserver
 
-# Shortcut to just run the unit tests
+.PHONY: precommit
-.PHONY: test-unit
+precommit: fmt lint
-test-unit:
-	docker build --target builder --file Dockerfile-server .
-
-.PHONY: test-advancedserver
-test-advancedserver: test/docker/vendor
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) on $(shell docker --version)"$(END)))
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) EXPECTED_LICENSE=Production go test -parallel $(NUM_CPU) $(TEST_OPTS_DOCKER)
-
-.PHONY: build-devjmstest
-build-devjmstest:
-	$(info $(SPACER)$(shell printf $(TITLE)"Build JMS tests for developer config"$(END)))
-	cd test/messaging && docker build --tag $(DEV_JMS_IMAGE) .
-
-.PHONY: test-devserver
-test-devserver: test/docker/vendor
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER) on $(shell docker --version)"$(END)))
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) go test -parallel $(NUM_CPU) -tags mqdev $(TEST_OPTS_DOCKER)
-
-coverage:
-	mkdir coverage
-
-.PHONY: test-advancedserver-cover
-test-advancedserver-cover: test/docker/vendor coverage
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) with code coverage on $(shell docker --version)"$(END)))
-	rm -f ./coverage/unit*.cov
-	# Run unit tests with coverage, for each package under 'internal'
-	go list -f '{{.Name}}' ./internal/... | xargs -I {} go test -cover -covermode count -coverprofile ./coverage/unit-{}.cov ./internal/{}
-#	ls -1 ./cmd | xargs -I {} go test -cover -covermode count -coverprofile ./coverage/unit-{}.cov ./cmd/{}/...
-	echo 'mode: count' > ./coverage/unit.cov
-	tail -q -n +2 ./coverage/unit-*.cov >> ./coverage/unit.cov
-	go tool cover -html=./coverage/unit.cov -o ./coverage/unit.html
-
-	rm -f ./test/docker/coverage/*.cov
-	rm -f ./coverage/docker.*
-	mkdir -p ./test/docker/coverage/
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER)-cover TEST_COVER=true go test $(TEST_OPTS_DOCKER)
-	echo 'mode: count' > ./coverage/docker.cov
-	tail -q -n +2 ./test/docker/coverage/*.cov >> ./coverage/docker.cov
-	go tool cover -html=./coverage/docker.cov -o ./coverage/docker.html
-
-	echo 'mode: count' > ./coverage/combined.cov
-	tail -q -n +2 ./coverage/unit.cov ./coverage/docker.cov  >> ./coverage/combined.cov
-	go tool cover -html=./coverage/combined.cov -o ./coverage/combined.html
-
-define docker-build-mq
-	# Create a temporary network to use for the build
-	$(DOCKER) network create build
-	# Start a web server to host the MQ downloadable (tar.gz) file
-	$(DOCKER) run \
-	  --rm \
-	  --name $(BUILD_SERVER_CONTAINER) \
-	  --network build \
-	  --network-alias build \
-	  --volume $(DOWNLOADS_DIR):/usr/share/nginx/html:ro \
-	  --detach \
-	  nginx:alpine
-	# Build the new image
-	$(DOCKER) build \
-	  --tag $1 \
-	  --file $2 \
-	  --network build \
-	  --build-arg MQ_URL=http://build:80/$3 \
-	  --build-arg BASE_IMAGE=$(BASE_IMAGE) \
-	  --build-arg BUILDER_IMAGE=$(MQ_IMAGE_GOLANG_SDK) \
-	  --build-arg IMAGE_REVISION="$(IMAGE_REVISION)" \
-	  --build-arg IMAGE_CREATED="$(IMAGE_CREATED)" \
-	  --build-arg IMAGE_SOURCE="$(IMAGE_SOURCE)" \
-	  --label IBM_PRODUCT_ID=$4 \
-	  --label IBM_PRODUCT_NAME=$5 \
-	  --label IBM_PRODUCT_VERSION=$6 \
-	  --build-arg MQ_PACKAGES="$(MQ_PACKAGES)" \
-	  . ; $(DOCKER) kill $(BUILD_SERVER_CONTAINER) && $(DOCKER) network rm build
-endef
-
-DOCKER_SERVER_VERSION=$(shell docker version --format "{{ .Server.Version }}")
-DOCKER_CLIENT_VERSION=$(shell docker version --format "{{ .Client.Version }}")
-.PHONY: docker-version
-docker-version:
-	@test "$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker client 17.05 or greater is required" && exit 1)
-	@test "$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker server 17.05 or greater is required" && exit 1)
-
-.PHONY: build-advancedserver
-build-advancedserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE)
-build-advancedserver: downloads/$(MQ_ARCHIVE) docker-version build-golang-sdk-ex
-	$(info $(SPACER)$(shell printf $(TITLE)"Build $(MQ_IMAGE_ADVANCEDSERVER)"$(END)))
-	$(call docker-build-mq,$(MQ_IMAGE_ADVANCEDSERVER),Dockerfile-server,$(MQ_ARCHIVE),"4486e8c4cc9146fd9b3ce1f14a2dfc5b","IBM MQ Advanced",$(MQ_VERSION))
-
-.PHONY: build-devserver
-# Target-specific variable to add web server into devserver image
-ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
-build-devserver: MQ_PACKAGES=ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-msg-.* ibmmq-samples ibmmq-ams ibmmq-web
-else 
-build-devserver: MQ_PACKAGES=MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSeriesJRE*.rpm MQSeriesGSKit*.rpm MQSeriesMsg*.rpm MQSeriesSamples*.rpm MQSeriesAMS-*.rpm MQSeriesWeb-*.rpm
-endif
-build-devserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE_DEV)
-build-devserver: downloads/$(MQ_ARCHIVE_DEV) docker-version build-golang-sdk-ex
-	$(info $(shell printf $(TITLE)"Build $(MQ_IMAGE_DEVSERVER_BASE)"$(END)))
-	$(call docker-build-mq,$(MQ_IMAGE_DEVSERVER_BASE),Dockerfile-server,$(MQ_ARCHIVE_DEV),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers (Non-Warranted)",$(MQ_VERSION))
-	$(DOCKER) build --tag $(MQ_IMAGE_DEVSERVER) --build-arg IMAGE_SOURCE="$(IMAGE_SOURCE)" --build-arg IMAGE_REVISION="$(IMAGE_REVISION)" --build-arg IMAGE_CREATED="$(IMAGE_CREATED)" --build-arg BASE_IMAGE=$(MQ_IMAGE_DEVSERVER_BASE) --build-arg BUILDER_IMAGE=$(MQ_IMAGE_GOLANG_SDK) --file incubating/mqadvanced-server-dev/Dockerfile .
-
-.PHONY: build-advancedserver-cover
-build-advancedserver-cover: docker-version
-	$(DOCKER) build --build-arg BASE_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) -t $(MQ_IMAGE_ADVANCEDSERVER)-cover -f Dockerfile-server.cover .
-
-.PHONY: build-explorer docker-pull
-build-explorer: downloads/$(MQ_ARCHIVE_DEV)
-	$(call docker-build-mq,mq-explorer:latest-$(ARCH),incubating/mq-explorer/Dockerfile-mq-explorer,$(MQ_ARCHIVE_DEV),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers (Non-Warranted)",$(MQ_VERSION))
-
-.PHONY: build-sdk
-build-sdk: downloads/$(MQ_SDK_ARCHIVE) build-sdk-ex
-
-.PHONY: build-sdk-ex
-ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
-build-sdk-ex: MQ_PACKAGES=ibmmq-sdk ibmmq-samples build-essential
-else 
-build-sdk-ex: MQ_PACKAGES=MQSeriesRuntime-*.rpm MQSeriesSDK-*.rpm MQSeriesSamples*.rpm
-endif
-build-sdk-ex: docker-version docker-pull
-	$(call docker-build-mq,$(MQ_IMAGE_SDK),incubating/mq-sdk/Dockerfile,$(MQ_SDK_ARCHIVE),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers SDK (Non-Warranted)",$(MQ_VERSION))
-
-.PHONY: build-golang-sdk
-build-golang-sdk: downloads/$(MQ_SDK_ARCHIVE) build-golang-sdk-ex
-
-.PHONY: build-golang-sdk-ex
-build-golang-sdk-ex: docker-version build-sdk-ex
-	$(DOCKER) build --build-arg BASE_IMAGE=$(MQ_IMAGE_SDK) -t $(MQ_IMAGE_GOLANG_SDK) -f incubating/mq-golang-sdk/Dockerfile .
-#	$(call docker-build-mq,$(MQ_IMAGE_GOLANG_SDK),incubating/mq-golang-sdk/Dockerfile,$(MQ_IMAGE_SDK),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers SDK (Non-Warranted)",$(MQ_VERSION))
-
-docker-pull:
-	$(DOCKER) pull $(BASE_IMAGE)
-
-GO_PKG_DIRS = ./cmd ./internal ./test
 
+.PHONY: fmt
 fmt: $(addsuffix /$(wildcard *.go), $(GO_PKG_DIRS))
 	go fmt $(addsuffix /..., $(GO_PKG_DIRS))
 
+.PHONY: lint
 lint: $(addsuffix /$(wildcard *.go), $(GO_PKG_DIRS))
 	@# This expression is necessary because /... includes the vendor directory in golint
 	@# As of 11/04/2018 there is an open issue to fix it: https://github.com/golang/lint/issues/320
 	golint -set_exit_status $(sort $(dir $(wildcard $(addsuffix /*/*.go, $(GO_PKG_DIRS)))))
 
+.PHONY: unknownos
+unknownos:
+	$(info $(SPACER)$(shell printf "ERROR: Unknown OS ("$(BASE_OS)") please run specific make targets"$(END)))
+	exit 1
+
 include formatting.mk

Makefile-RHEL

@@ -0,0 +1,162 @@
+# © Copyright IBM Corporation 2018
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###############################################################################
+# Conditional variables - you can override the values of these variables from
+# the command line
+###############################################################################
+# BASE_IMAGE is the base image to use for MQ, for example "ubuntu" or "rhel"
+BASE_IMAGE ?= rhel
+# MQ_VERSION is the fully qualified MQ version number to build
+MQ_VERSION ?= 9.1.0.0
+# MQ_ARCHIVE is the name of the file, under the downloads directory, from which MQ Advanced can
+# be installed. The default value is derived from MQ_VERSION, BASE_IMAGE and architecture
+# Does not apply to MQ Advanced for Developers.
+MQ_ARCHIVE ?= IBM_MQ_$(MQ_VERSION)_LINUX_$(MQ_ARCHIVE_ARCH).tar.gz
+# MQ_ARCHIVE_DEV is the name of the file, under the downloads directory, from which MQ Advanced
+# for Developers can be installed
+MQ_ARCHIVE_DEV ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
+# MQ_SDK_ARCHIVE specifies the archive to use for building the golang programs.  Defaults vary on developer or advanced.
+MQ_SDK_ARCHIVE ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
+# Options to `go test` for the Docker tests
+TEST_OPTS_DOCKER ?=
+# MQ_IMAGE_ADVANCEDSERVER is the name and tag of the built MQ Advanced image
+MQ_IMAGE_ADVANCEDSERVER ?=mqadvanced-server:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_DEVSERVER is the name and tag of the built MQ Advanced for Developers image
+MQ_IMAGE_DEVSERVER ?=mqadvanced-server-dev:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_SDK is the name and tag of the built MQ Advanced for Developers SDK image
+MQ_IMAGE_SDK ?=mq-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_GOLANG_SDK is the name and tag of the built MQ Advanced for Developers SDK image, plus Go tools
+MQ_IMAGE_GOLANG_SDK ?=mq-golang-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_PACKAGES specifies the MQ packages to install.  Defaults vary on base image.
+MQ_PACKAGES ?= MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSeriesJRE*.rpm MQSeriesGSKit*.rpm MQSeriesMsg*.rpm MQSeriesSamples*.rpm MQSeriesAMS-*.rpm
+
+###############################################################################
+# Other variables
+###############################################################################
+# ARCH is the platform architecture (e.g. x86_64, ppc64le or s390x)
+ARCH = $(shell uname -m)
+# BASE_IMAGE_TAG is a normalized version of BASE_IMAGE, suitable for use in a Docker tag
+BASE_IMAGE_TAG=$(subst /,-,$(subst :,-,$(BASE_IMAGE)))
+MQ_IMAGE_DEVSERVER_BASE=mqadvanced-server-dev-base:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# Docker image name to use for JMS tests
+DEV_JMS_IMAGE=mq-dev-jms-test:latest
+# Variables for versioning
+IMAGE_REVISION=$(shell git rev-parse HEAD)
+IMAGE_SOURCE=$(shell git config --get remote.origin.url)
+MQDEV=
+
+
+ifneq (,$(findstring Microsoft,$(shell uname -r)))
+    DOWNLOADS_DIR=$(patsubst /mnt/c%,C:%,$(realpath ./downloads/))
+else
+    DOWNLOADS_DIR=$(realpath ./downloads/)
+endif
+
+# Try to figure out which archive to use from the architecture
+ifeq "$(ARCH)" "x86_64"
+    MQ_ARCHIVE_ARCH=X86-64
+    MQ_DEV_ARCH=x86-64
+else ifeq "$(ARCH)" "ppc64le"
+    MQ_ARCHIVE_ARCH=LE_POWER
+    MQ_DEV_ARCH=ppcle
+else ifeq "$(ARCH)" "s390x"
+    MQ_ARCHIVE_ARCH=SYSTEM_Z
+    MQ_DEV_ARCH=s390x
+endif
+# Archive names for IBM MQ Advanced for Developers
+MQ_ARCHIVE_DEV_9.0.5.0=mqadv_dev905_linux_x86-64.tar.gz
+MQ_ARCHIVE_DEV_9.1.0.0=mqadv_dev910_linux_$(MQ_DEV_ARCH).tar.gz
+
+###############################################################################
+# Build targets
+###############################################################################
+
+# Vendor Go dependencies for the Docker tests
+test/docker/vendor:
+	cd test/docker && dep ensure -vendor-only
+
+downloads/$(MQ_ARCHIVE_DEV):
+	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
+	mkdir -p downloads
+	cd downloads; curl -LO https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_ARCHIVE_DEV)
+
+.PHONY: downloads
+downloads: downloads/$(MQ_ARCHIVE_DEV)
+
+.PHONY: check-prereqs
+check-prereqs:
+	$(info $(SPACER)$(shell printf $(TITLE)"Checking for prereqs"$(END)))
+	which buildah || (echo "Missing required program buildah" && exit 1)
+	which podman || (echo "Missing required program podman" && exit 1)
+	yum list | grep yum-utils || (echo "Missing required package yum-utils" && exit 1)
+
+.PHONY: check-test-prereqs
+check-prereqs:
+	$(info $(SPACER)$(shell printf $(TITLE)"Checking for prereqs"$(END)))
+	which buildah || (echo "Missing required program buildah" && exit 1)
+	which docker || (echo "Missing required program docker" && exit 1)
+
+.PHONY: test-advancedserver
+test-advancedserver: check-test-prereqs test/docker/vendor
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) on $(shell docker --version)"$(END)))
+	buildah push $(MQ_IMAGE_ADVANCEDSERVER) docker-daemon:$(MQ_IMAGE_ADVANCEDSERVER)
+	docker tag docker.io/$(MQ_IMAGE_ADVANCEDSERVER) $(MQ_IMAGE_ADVANCEDSERVER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) EXPECTED_LICENSE=Production go test $(TEST_OPTS_DOCKER)
+
+
+.PHONY: test-devserver
+test-devserver: check-test-prereqs test/docker/vendor
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER) on $(shell docker --version)"$(END)))
+	buildah push $(MQ_IMAGE_DEVSERVER) docker-daemon:$(MQ_IMAGE_DEVSERVER)
+	docker tag docker.io/$(MQ_IMAGE_DEVSERVER) $(MQ_IMAGE_DEVSERVER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) go test -tags mqdev $(TEST_OPTS_DOCKER)
+
+
+.PHONY: build-advancedserver
+build-advancedserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE)
+build-advancedserver: check-prereqs downloads/$(MQ_ARCHIVE) build-go-programs
+	$(info $(SPACER)$(shell printf $(TITLE)"Build $(MQ_IMAGE_ADVANCEDSERVER)"$(END)))
+	mq-advanced-server-rhel/mq-buildah.sh "$(MQ_ARCHIVE)" "$(MQ_PACKAGES)" "$(MQ_IMAGE_ADVANCEDSERVER)" "$(MQ_VERSION)" "$(MQDEV)"
+
+
+.PHONY: build-devserver
+build-devserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE_DEV)
+build-devserver: MQDEV=TRUE
+build-devserver: MQ_PACKAGES=MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSeriesJRE*.rpm MQSeriesGSKit*.rpm MQSeriesMsg*.rpm MQSeriesSamples*.rpm MQSeriesAMS-*.rpm MQSeriesWeb-*.rpm
+build-devserver: check-prereqs downloads/$(MQ_ARCHIVE_DEV) build-go-programs
+	$(info $(SPACER)$(shell printf $(TITLE)"Build $(MQ_IMAGE_DEVSERVER)"$(END)))
+	mq-advanced-server-rhel/mq-buildah.sh "$(MQ_ARCHIVE_DEV)" "$(MQ_PACKAGES)" "$(MQ_IMAGE_DEVSERVER_BASE)" "$(MQ_VERSION)" "$(MQDEV)"
+	mq-advanced-server-rhel/mqdev-buildah.sh "$(MQ_IMAGE_DEVSERVER_BASE)" "$(MQ_IMAGE_DEVSERVER)" "$(MQ_VERSION)"
+
+
+.PHONY: build-mqgolang-sdk
+build-mqgolang-sdk: check-prereqs downloads/$(MQ_SDK_ARCHIVE)
+	$(info $(SPACER)$(shell printf $(TITLE)"Build mq-golang SDK"$(END)))
+	mq-advanced-server-rhel/mq-golang-sdk-buildah.sh "$(MQ_SDK_ARCHIVE)" "$(MQ_IMAGE_GOLANG_SDK)"
+
+
+.PHONY: build-go-programs
+build-go-programs: check-prereqs build-mqgolang-sdk
+	$(info $(SPACER)$(shell printf $(TITLE)"Build go programs"$(END)))
+	IMAGE_REVISION=$(IMAGE_REVISION) IMAGE_SOURCE=$(IMAGE_SOURCE) mq-advanced-server-rhel/go-buildah.sh "$(MQ_IMAGE_GOLANG_SDK)" "$(MQDEV)"
+
+.PHONY: build-devjmstest
+build-devjmstest: check-test-prereqs
+	$(info $(SPACER)$(shell printf $(TITLE)"Build JMS tests for developer config"$(END)))
+	cd test/messaging && ./buildah.sh $(DEV_JMS_IMAGE)
+	buildah push $(DEV_JMS_IMAGE) docker-daemon:$(DEV_JMS_IMAGE)
+	docker tag docker.io/$(DEV_JMS_IMAGE) $(DEV_JMS_IMAGE)
+
+include formatting.mk

Makefile-UBUNTU

@@ -0,0 +1,272 @@
+# © Copyright IBM Corporation 2017, 2018
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###############################################################################
+# Conditional variables - you can override the values of these variables from
+# the command line
+###############################################################################
+# BASE_IMAGE is the base image to use for MQ, for example "ubuntu" or "rhel"
+BASE_IMAGE ?= ubuntu:16.04
+# MQ_VERSION is the fully qualified MQ version number to build
+MQ_VERSION ?= 9.1.0.0
+# MQ_ARCHIVE is the name of the file, under the downloads directory, from which MQ Advanced can
+# be installed. The default value is derived from MQ_VERSION, BASE_IMAGE and architecture
+# Does not apply to MQ Advanced for Developers.
+MQ_ARCHIVE ?= IBM_MQ_$(MQ_VERSION)_$(MQ_ARCHIVE_TYPE)_$(MQ_ARCHIVE_ARCH).tar.gz
+# MQ_ARCHIVE_DEV is the name of the file, under the downloads directory, from which MQ Advanced
+# for Developers can be installed
+MQ_ARCHIVE_DEV ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
+# MQ_SDK_ARCHIVE specifies the archive to use for building the golang programs.  Defaults vary on developer or advanced.
+MQ_SDK_ARCHIVE ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
+# Options to `go test` for the Docker tests
+TEST_OPTS_DOCKER ?=
+# MQ_IMAGE_ADVANCEDSERVER is the name and tag of the built MQ Advanced image
+MQ_IMAGE_ADVANCEDSERVER ?=mqadvanced-server:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_DEVSERVER is the name and tag of the built MQ Advanced for Developers image
+MQ_IMAGE_DEVSERVER ?=mqadvanced-server-dev:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_SDK is the name and tag of the built MQ Advanced for Developers SDK image
+MQ_IMAGE_SDK ?=mq-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# MQ_IMAGE_GOLANG_SDK is the name and tag of the built MQ Advanced for Developers SDK image, plus Go tools
+MQ_IMAGE_GOLANG_SDK ?=mq-golang-sdk:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# DOCKER is the Docker command to run
+DOCKER ?= docker
+# MQ_PACKAGES specifies the MQ packages (.deb or .rpm) to install.  Defaults vary on base image.
+MQ_PACKAGES ?=
+
+###############################################################################
+# Other variables
+###############################################################################
+# ARCH is the platform architecture (e.g. x86_64, ppc64le or s390x)
+ARCH = $(shell uname -m)
+# BUILD_SERVER_CONTAINER is the name of the web server container used at build time
+BUILD_SERVER_CONTAINER=build-server
+# NUM_CPU is the number of CPUs available to Docker.  Used to control how many
+# test run in parallel
+NUM_CPU = $(or $(shell docker info --format "{{ .NCPU }}"),2)
+# BASE_IMAGE_TAG is a normalized version of BASE_IMAGE, suitable for use in a Docker tag
+BASE_IMAGE_TAG=$(subst /,-,$(subst :,-,$(BASE_IMAGE)))
+MQ_IMAGE_DEVSERVER_BASE=mqadvanced-server-dev-base:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
+# Docker image name to use for JMS tests
+DEV_JMS_IMAGE=mq-dev-jms-test
+# Variables for versioning
+IMAGE_REVISION=$(shell git rev-parse HEAD)
+IMAGE_SOURCE=$(shell git config --get remote.origin.url)
+
+ifneq (,$(findstring Microsoft,$(shell uname -r)))
+	DOWNLOADS_DIR=$(patsubst /mnt/c%,C:%,$(realpath ./downloads/))
+else
+	DOWNLOADS_DIR=$(realpath ./downloads/)
+endif
+
+# Try to figure out which archive to use from the BASE_IMAGE
+ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
+	MQ_ARCHIVE_TYPE=UBUNTU
+	MQ_ARCHIVE_DEV_PLATFORM=ubuntu
+else
+	MQ_ARCHIVE_TYPE=LINUX
+	MQ_ARCHIVE_DEV_PLATFORM=linux
+endif
+# Try to figure out which archive to use from the architecture
+ifeq "$(ARCH)" "x86_64"
+	MQ_ARCHIVE_ARCH=X86-64
+	MQ_DEV_ARCH=x86-64
+else ifeq "$(ARCH)" "ppc64le"
+	MQ_ARCHIVE_ARCH=LE_POWER
+	MQ_DEV_ARCH=ppcle
+else ifeq "$(ARCH)" "s390x"
+	MQ_ARCHIVE_ARCH=SYSTEM_Z
+	MQ_DEV_ARCH=s390x
+endif
+# Archive names for IBM MQ Advanced for Developers
+MQ_ARCHIVE_DEV_9.0.5.0=mqadv_dev905_$(MQ_ARCHIVE_DEV_PLATFORM)_x86-64.tar.gz
+MQ_ARCHIVE_DEV_9.1.0.0=mqadv_dev910_$(MQ_ARCHIVE_DEV_PLATFORM)_$(MQ_DEV_ARCH).tar.gz
+
+###############################################################################
+# Build targets
+###############################################################################
+.PHONY: vars
+vars:
+#ifeq "$(findstring ubuntu,$(BASE_IMAGE))","ubuntu"
+	@echo $(MQ_ARCHIVE_ARCH)
+	@echo $(MQ_ARCHIVE_TYPE)
+	@echo $(MQ_ARCHIVE)
+
+.PHONY: default
+default: build-devserver test
+
+# Build all components (except incubating ones)
+.PHONY: all
+all: build-devserver build-advancedserver
+
+.PHONY: test-all
+test-all: build-devjmstest test-devserver test-advancedserver
+
+.PHONY: devserver
+devserver: build-devserver build-devjmstest test-devserver
+
+# Build incubating components
+.PHONY: incubating
+incubating: build-explorer
+
+downloads/$(MQ_ARCHIVE_DEV):
+	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
+	mkdir -p downloads
+	cd downloads; curl -LO https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_ARCHIVE_DEV)
+
+downloads/$(MQ_SDK_ARCHIVE):
+	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
+	mkdir -p downloads
+	cd downloads; curl -LO https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_SDK_ARCHIVE) 
+
+.PHONY: downloads
+downloads: downloads/$(MQ_ARCHIVE_DEV) downloads/$(MQ_SDK_ARCHIVE)
+
+# Vendor Go dependencies for the Docker tests
+test/docker/vendor:
+	cd test/docker && dep ensure -vendor-only
+
+# Shortcut to just run the unit tests
+.PHONY: test-unit
+test-unit:
+	docker build --target builder --file Dockerfile-server .
+
+.PHONY: test-advancedserver
+test-advancedserver: test/docker/vendor
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) on $(shell docker --version)"$(END)))
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) EXPECTED_LICENSE=Production go test -parallel $(NUM_CPU) $(TEST_OPTS_DOCKER)
+
+.PHONY: build-devjmstest
+build-devjmstest:
+	$(info $(SPACER)$(shell printf $(TITLE)"Build JMS tests for developer config"$(END)))
+	cd test/messaging && docker build --tag $(DEV_JMS_IMAGE) .
+
+.PHONY: test-devserver
+test-devserver: test/docker/vendor
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER) on $(shell docker --version)"$(END)))
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) IBMJRE=true go test -parallel $(NUM_CPU) -tags mqdev $(TEST_OPTS_DOCKER)
+
+coverage:
+	mkdir coverage
+
+.PHONY: test-advancedserver-cover
+test-advancedserver-cover: test/docker/vendor coverage
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) with code coverage on $(shell docker --version)"$(END)))
+	rm -f ./coverage/unit*.cov
+	# Run unit tests with coverage, for each package under 'internal'
+	go list -f '{{.Name}}' ./internal/... | xargs -I {} go test -cover -covermode count -coverprofile ./coverage/unit-{}.cov ./internal/{}
+#	ls -1 ./cmd | xargs -I {} go test -cover -covermode count -coverprofile ./coverage/unit-{}.cov ./cmd/{}/...
+	echo 'mode: count' > ./coverage/unit.cov
+	tail -q -n +2 ./coverage/unit-*.cov >> ./coverage/unit.cov
+	go tool cover -html=./coverage/unit.cov -o ./coverage/unit.html
+
+	rm -f ./test/docker/coverage/*.cov
+	rm -f ./coverage/docker.*
+	mkdir -p ./test/docker/coverage/
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER)-cover TEST_COVER=true go test $(TEST_OPTS_DOCKER)
+	echo 'mode: count' > ./coverage/docker.cov
+	tail -q -n +2 ./test/docker/coverage/*.cov >> ./coverage/docker.cov
+	go tool cover -html=./coverage/docker.cov -o ./coverage/docker.html
+
+	echo 'mode: count' > ./coverage/combined.cov
+	tail -q -n +2 ./coverage/unit.cov ./coverage/docker.cov  >> ./coverage/combined.cov
+	go tool cover -html=./coverage/combined.cov -o ./coverage/combined.html
+
+define docker-build-mq
+	# Create a temporary network to use for the build
+	$(DOCKER) network create build
+	# Start a web server to host the MQ downloadable (tar.gz) file
+	$(DOCKER) run \
+	  --rm \
+	  --name $(BUILD_SERVER_CONTAINER) \
+	  --network build \
+	  --network-alias build \
+	  --volume $(DOWNLOADS_DIR):/usr/share/nginx/html:ro \
+	  --detach \
+	  nginx:alpine
+	# Build the new image
+	$(DOCKER) build \
+	  --tag $1 \
+	  --file $2 \
+	  --network build \
+	  --build-arg MQ_URL=http://build:80/$3 \
+	  --build-arg BASE_IMAGE=$(BASE_IMAGE) \
+	  --build-arg BUILDER_IMAGE=$(MQ_IMAGE_GOLANG_SDK) \
+	  --build-arg IMAGE_REVISION="$(IMAGE_REVISION)" \
+	  --build-arg IMAGE_SOURCE="$(IMAGE_SOURCE)" \
+	  --label IBM_PRODUCT_ID=$4 \
+	  --label IBM_PRODUCT_NAME=$5 \
+	  --label IBM_PRODUCT_VERSION=$6 \
+	  --build-arg MQ_PACKAGES="$(MQ_PACKAGES)" \
+	  . ; $(DOCKER) kill $(BUILD_SERVER_CONTAINER) && $(DOCKER) network rm build
+endef
+
+DOCKER_SERVER_VERSION=$(shell docker version --format "{{ .Server.Version }}")
+DOCKER_CLIENT_VERSION=$(shell docker version --format "{{ .Client.Version }}")
+.PHONY: docker-version
+docker-version:
+	@test "$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker client 17.05 or greater is required" && exit 1)
+	@test "$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker server 17.05 or greater is required" && exit 1)
+
+.PHONY: build-advancedserver
+build-advancedserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE)
+build-advancedserver: downloads/$(MQ_ARCHIVE) docker-version build-golang-sdk-ex
+	$(info $(SPACER)$(shell printf $(TITLE)"Build $(MQ_IMAGE_ADVANCEDSERVER)"$(END)))
+	$(call docker-build-mq,$(MQ_IMAGE_ADVANCEDSERVER),Dockerfile-server,$(MQ_ARCHIVE),"4486e8c4cc9146fd9b3ce1f14a2dfc5b","IBM MQ Advanced",$(MQ_VERSION))
+
+.PHONY: build-devserver
+# Target-specific variable to add web server into devserver image
+ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
+build-devserver: MQ_PACKAGES=ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-msg-.* ibmmq-samples ibmmq-ams ibmmq-web
+else 
+build-devserver: MQ_PACKAGES=MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSeriesJRE*.rpm MQSeriesGSKit*.rpm MQSeriesMsg*.rpm MQSeriesSamples*.rpm MQSeriesAMS-*.rpm MQSeriesWeb-*.rpm
+endif
+build-devserver: MQ_SDK_ARCHIVE=$(MQ_ARCHIVE_DEV)
+build-devserver: downloads/$(MQ_ARCHIVE_DEV) docker-version build-golang-sdk-ex
+	$(info $(shell printf $(TITLE)"Build $(MQ_IMAGE_DEVSERVER_BASE)"$(END)))
+	$(call docker-build-mq,$(MQ_IMAGE_DEVSERVER_BASE),Dockerfile-server,$(MQ_ARCHIVE_DEV),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers (Non-Warranted)",$(MQ_VERSION))
+	$(DOCKER) build --tag $(MQ_IMAGE_DEVSERVER) --build-arg IMAGE_SOURCE="$(IMAGE_SOURCE)" --build-arg IMAGE_REVISION="$(IMAGE_REVISION)" --build-arg BASE_IMAGE=$(MQ_IMAGE_DEVSERVER_BASE) --build-arg BUILDER_IMAGE=$(MQ_IMAGE_GOLANG_SDK) --file incubating/mqadvanced-server-dev/Dockerfile .
+
+.PHONY: build-advancedserver-cover
+build-advancedserver-cover: docker-version
+	$(DOCKER) build --build-arg BASE_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) -t $(MQ_IMAGE_ADVANCEDSERVER)-cover -f Dockerfile-server.cover .
+
+.PHONY: build-explorer 
+build-explorer: downloads/$(MQ_ARCHIVE_DEV) docker-pull
+	$(call docker-build-mq,mq-explorer:latest-$(ARCH),incubating/mq-explorer/Dockerfile-mq-explorer,$(MQ_ARCHIVE_DEV),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers (Non-Warranted)",$(MQ_VERSION))
+
+.PHONY: build-sdk
+build-sdk: downloads/$(MQ_SDK_ARCHIVE) build-sdk-ex
+
+.PHONY: build-sdk-ex
+ifeq "$(findstring ubuntu,$(BASE_IMAGE))" "ubuntu"
+build-sdk-ex: MQ_PACKAGES=ibmmq-sdk ibmmq-samples build-essential
+else 
+build-sdk-ex: MQ_PACKAGES=MQSeriesRuntime-*.rpm MQSeriesSDK-*.rpm MQSeriesSamples*.rpm
+endif
+build-sdk-ex: docker-version docker-pull
+	$(call docker-build-mq,$(MQ_IMAGE_SDK),incubating/mq-sdk/Dockerfile,$(MQ_SDK_ARCHIVE),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers SDK (Non-Warranted)",$(MQ_VERSION))
+
+.PHONY: build-golang-sdk
+build-golang-sdk: downloads/$(MQ_SDK_ARCHIVE) build-golang-sdk-ex
+
+.PHONY: build-golang-sdk-ex
+build-golang-sdk-ex: docker-version build-sdk-ex
+	$(DOCKER) build --build-arg BASE_IMAGE=$(MQ_IMAGE_SDK) -t $(MQ_IMAGE_GOLANG_SDK) -f incubating/mq-golang-sdk/Dockerfile .
+#	$(call docker-build-mq,$(MQ_IMAGE_GOLANG_SDK),incubating/mq-golang-sdk/Dockerfile,$(MQ_IMAGE_SDK),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers SDK (Non-Warranted)",$(MQ_VERSION))
+
+.PHONY: docker-pull
+docker-pull:
+	$(DOCKER) pull $(BASE_IMAGE)
+
+include formatting.mk

README.md

@@ -1,26 +1,29 @@
-![IBM MQ logo](https://developer.ibm.com/messaging/wp-content/uploads/sites/18/2017/07/IBM-MQ-Square-200.png)
+# IBM MQ container
 
-# Overview
+[![Build Status](https://travis-ci.org/ibm-messaging/mq-container.svg?branch=master)](https://travis-ci.org/ibm-messaging/mq-container)
+
+**Note**: The `master` branch may be in an *unstable or even broken state* during development.
+To get a stable version, please use the correct [branch](https://github.com/ibm-messaging/mq-container/branches) for your MQ version, instead of the `master` branch.
+
+<img src="https://raw.githubusercontent.com/IBM/charts/master/logo/ibm-mq-icon.svg?sanitize=true" width="100" alt="IBM MQ logo" />
+
+## Overview
 
 Run [IBM® MQ](http://www-03.ibm.com/software/products/en/ibm-mq) in a container.
 
 You can build an image containing either IBM MQ Advanced, or IBM MQ Advanced for Developers.  The developer image includes a [default developer configuration](docs/developer-config.md), to make it easier to get started.  There is also an [incubating](incubating) folder for additional images for other MQ components, which you might find useful.
 
-# Current status
+## Build
-
-MQ Advanced for Developers image [![Build Status](https://travis-ci.org/ibm-messaging/mq-container.svg?branch=master)](https://travis-ci.org/ibm-messaging/mq-container)
-
-# Build
 
 After extracting the code from this repository, you can follow the [build documentation](docs/building.md) to build an image.
 
-# Usage
+## Usage
 
 See the [usage documentation](docs/usage.md) for details on how to run a container.
 
 Note that in order to use the image, it is necessary to accept the terms of the [IBM MQ license](#license).
 
-## Environment variables supported by this image
+### Environment variables supported by this image
 
 - **LICENSE** - Set this to `accept` to agree to the MQ Advanced for Developers license. If you wish to see the license you can set this to `view`.
 - **LANG** - Set this to the language you would like the license to be printed in.
@@ -30,15 +33,15 @@ Note that in order to use the image, it is necessary to accept the terms of the
 
 See the [default developer configuration docs](docs/developer-config.md) for the extra environment variables supported by the MQ Advanced for Developers image.
 
-## Kubernetes
+### Kubernetes
 
 If you want to use IBM MQ in [Kubernetes](https://kubernetes.io), you can find an example [Helm](https://helm.sh/) chart here: [IBM charts](https://github.com/IBM/charts).  This can be used to run the container on a cluster, such as [IBM Cloud Private](https://www.ibm.com/cloud-computing/products/ibm-cloud-private/) or the [IBM Cloud Kubernetes Service](https://www.ibm.com/cloud/container-service).
 
-# Issues and contributions
+## Issues and contributions
 
 For issues relating specifically to the container image or Helm chart, please use the [GitHub issue tracker](https://github.com/ibm-messaging/mq-container/issues). If you do submit a Pull Request related to this Docker image, please indicate in the Pull Request that you accept and agree to be bound by the terms of the [IBM Contributor License Agreement](CLA.md).
 
-# License
+## License
 
 The Dockerfiles and associated code and scripts are licensed under the [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).
 Licenses for the products installed within the images are as follows:
@@ -49,6 +52,6 @@ Licenses for the products installed within the images are as follows:
 
 Note: The IBM MQ Advanced for Developers license does not permit further distribution and the terms restrict usage to a developer machine.
 
-# Copyright
+## Copyright
 
 © Copyright IBM Corporation 2015, 2018

cmd/runmqserver/logging.go

@@ -21,9 +21,11 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
+	"os/exec"
 	"path/filepath"
 	"sync"
 
+	"github.com/ibm-messaging/mq-container/internal/command"
 	"github.com/ibm-messaging/mq-container/internal/logger"
 	"github.com/ibm-messaging/mq-container/internal/mqini"
 )
@@ -31,6 +33,8 @@ import (
 // var debug = false
 var log *logger.Logger
 
+var collectDiagOnFail bool = false
+
 func logTerminationf(format string, args ...interface{}) {
 	logTermination(fmt.Sprintf(format, args))
 }
@@ -45,6 +49,10 @@ func logTermination(args ...interface{}) {
 		log.Debug(err)
 	}
 	log.Error(msg)
+
+	if collectDiagOnFail {
+		logDiagnostics()
+	}
 }
 
 func getLogFormat() string {
@@ -111,3 +119,27 @@ func configureLogger(name string) (mirrorFunc, error) {
 		return nil, fmt.Errorf("invalid value for LOG_FORMAT: %v", f)
 	}
 }
+
+func logDiagnostics() {
+	log.Debug("--- Start Diagnostics ---")
+
+	// show the directory ownership/permissions
+	out, _, _ := command.Run("ls", "-l", "/mnt/")
+	log.Debugf("/mnt/:\n%s", out)
+	out, _, _ = command.Run("ls", "-l", "/mnt/mqm")
+	log.Debugf("/mnt/mqm:\n%s", out)
+	out, _, _ = command.Run("ls", "-l", "/mnt/mqm/data")
+	log.Debugf("/mnt/mqm/data:\n%s", out)
+	out, _, _ = command.Run("ls", "-l", "/var/mqm")
+	log.Debugf("/var/mqm:\n%s", out)
+	out, _, _ = command.Run("ls", "-l", "/var/mqm/errors")
+	log.Debugf("/var/mqm/errors:\n%s", out)
+
+	// Print out summary of any FDCs
+	cmd := exec.Command("/opt/mqm/bin/ffstsummary")
+	cmd.Dir = "/var/mqm/errors"
+	outB, _ := cmd.CombinedOutput()
+	log.Debugf("ffstsummary:\n%s", string(outB))
+
+	log.Debug("---  End Diagnostics  ---")
+}

cmd/runmqserver/main.go

@@ -58,12 +58,21 @@ func doMain() error {
 
 	// Start signal handler
 	signalControl := signalHandler(name)
+	// Enable diagnostic collecting on failure
+	collectDiagOnFail = true
+
+	err = verifyCurrentUser()
+	if err != nil {
+		logTermination(err)
+		return err
+	}
 
 	err = logConfig()
 	if err != nil {
 		logTermination(err)
 		return err
 	}
+
 	err = createVolume("/mnt/mqm")
 	if err != nil {
 		logTermination(err)

cmd/runmqserver/mirror.go

@@ -44,7 +44,6 @@ func waitForFile(ctx context.Context, path string) (os.FileInfo, error) {
 					return nil, fmt.Errorf("mirror: unable to get info on file %v", path)
 				}
 			}
-			log.Debugf("File exists: %v, %v", path, fi.Size())
 			return fi, nil
 		}
 	}
@@ -121,6 +120,7 @@ func mirrorLog(ctx context.Context, wg *sync.WaitGroup, path string, fromStart b
 			if fi == nil {
 				return
 			}
+			log.Debugf("File exists: %v, %v", path, fi.Size())
 			f, err = os.OpenFile(path, os.O_RDONLY, 0)
 			if err != nil {
 				log.Error(err)

cmd/runmqserver/mqconfig.go

@@ -18,7 +18,6 @@ package main
 import (
 	"fmt"
 	"io/ioutil"
-	"os/user"
 	"runtime"
 	"strings"
 
@@ -52,25 +51,6 @@ func logBaseImage() error {
 	return nil
 }
 
-func logUser() {
-	u, err := user.Current()
-	if err == nil {
-		g, err := u.GroupIds()
-		if err != nil {
-			log.Printf("Running as user ID %v (%v) with primary group %v", u.Uid, u.Name, u.Gid)
-		} else {
-			// Look for the primary group in the list of group IDs
-			for i, v := range g {
-				if v == u.Gid {
-					// Remove the element from the slice
-					g = append(g[:i], g[i+1:]...)
-				}
-			}
-			log.Printf("Running as user ID %v (%v) with primary group %v, and supplemental groups %v", u.Uid, u.Name, u.Gid, strings.Join(g, ","))
-		}
-	}
-}
-
 // logCapabilities logs the Linux capabilities (e.g. setuid, setgid).  See https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities
 func logCapabilities() error {
 	caps, err := container.Capabilities()

cmd/runmqserver/user.go

@@ -0,0 +1,137 @@
+/*
+© Copyright IBM Corporation 2018
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+package main
+
+import (
+	"fmt"
+	"os/user"
+	"strings"
+
+	"github.com/ibm-messaging/mq-container/internal/command"
+)
+
+const groupName string = "supplgrp"
+
+func verifyCurrentUser() error {
+	log.Debug("Verifying current user information")
+	curUser, err := user.Current()
+	if err != nil {
+		return err
+	}
+	log.Debugf("Detected current user as: %v+", curUser)
+	if curUser.Username == "mqm" {
+		// Not supported yet
+		return fmt.Errorf("Container is running as mqm user which is not supported. Please run this container as root")
+	} else if curUser.Username == "root" {
+		// We're running as root so need to check for supplementary groups.
+		// We can't use the golang User.GroupIDs as it doesn't seem to detect container supplementary groups..
+		groups, err := getCurrentUserGroups()
+		for _, e := range groups {
+			_, _, testGroup := command.Run("getent", "group", e)
+			if testGroup != nil {
+				log.Printf("Group %s does not exist on the system... Adding to system and MQM user", e)
+				_, _, err = command.Run("groupadd", "-g", e, groupName)
+				if err != nil {
+					log.Errorf("Failed to create group %s as %s", e, groupName)
+					return err
+				}
+				_, _, err = command.Run("usermod", "-aG", groupName, "mqm")
+				if err != nil {
+					log.Errorf("Failed to add group %s(%s) to the mqm user.", groupName, e)
+					return err
+				}
+			}
+		}
+	} else {
+		// We're running as an unknown user...
+		return fmt.Errorf("Container is running as %s user which is not supported. Please run this container as root", curUser.Username)
+	}
+
+	return nil
+}
+
+func logUser() {
+	u, usererr := user.Current()
+	if usererr == nil {
+		g, err := getCurrentUserGroups()
+		if err != nil && len(g) == 0 {
+			log.Printf("Running as user ID %v (%v) with primary group %v", u.Uid, u.Name, u.Gid)
+		} else {
+			// Look for the primary group in the list of group IDs
+			for i, v := range g {
+				if v == u.Gid {
+					// Remove the element from the slice
+					g = append(g[:i], g[i+1:]...)
+				}
+			}
+			log.Printf("Running as user ID %v (%v) with primary group %v, and supplementary groups %v", u.Uid, u.Name, u.Gid, strings.Join(g, ","))
+		}
+	}
+
+	if usererr == nil && u.Username != "mqm" {
+		mqm, err := user.Lookup("mqm")
+		// Need to print out mqm user details as well.
+		g, err := getUserGroups(mqm)
+		if err != nil && len(g) == 0 {
+			log.Printf("MQM user ID %v (%v) has primary group %v", mqm.Uid, "mqm", mqm.Gid)
+		} else {
+			// Look for the primary group in the list of group IDs
+			for i, v := range g {
+				if v == mqm.Gid {
+					// Remove the element from the slice
+					g = append(g[:i], g[i+1:]...)
+				}
+			}
+			log.Printf("MQM user ID %v (%v) has primary group %v, and supplementary groups %v", mqm.Uid, "mqm", mqm.Gid, strings.Join(g, ","))
+		}
+	}
+}
+
+func getCurrentUserGroups() ([]string, error) {
+	var nilArray []string
+	out, _, err := command.Run("id", "--groups")
+	if err != nil {
+		log.Debug("Unable to get current user groups")
+		return nilArray, err
+	}
+
+	out = strings.TrimSpace(out)
+	if out == "" {
+		// we don't have any groups?
+		return nilArray, fmt.Errorf("Unable to determine groups for current user")
+	}
+
+	groups := strings.Split(out, " ")
+	return groups, nil
+}
+
+func getUserGroups(usr *user.User) ([]string, error) {
+	var nilArray []string
+	out, _, err := command.Run("id", "--groups", usr.Uid)
+	if err != nil {
+		log.Debugf("Unable to get user %s groups", usr.Uid)
+		return nilArray, err
+	}
+
+	out = strings.TrimSpace(out)
+	if out == "" {
+		// we don't have any groups?
+		return nilArray, fmt.Errorf("Unable to determine groups for user %s", usr.Uid)
+	}
+
+	groups := strings.Split(out, " ")
+	return groups, nil
+}

cmd/runmqserver/version.go

@@ -23,9 +23,12 @@ import (
 )
 
 var (
-	ImageCreated  = "Not specified"
+	// ImageCreated is the date the image was built
+	ImageCreated = "Not specified"
+	// ImageRevision is the source control revision identifier
 	ImageRevision = "Not specified"
-	ImageSource   = "Not specified"
+	// ImageSource is the URL to get source code for building the image
+	ImageSource = "Not specified"
 )
 
 func logDateStamp() {

cmd/runmqserver/webserver.go

@@ -21,7 +21,9 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"os/exec"
 	"path/filepath"
+	"syscall"
 
 	"github.com/ibm-messaging/mq-container/internal/command"
 )
@@ -33,7 +35,20 @@ func startWebServer() error {
 		return nil
 	}
 	log.Println("Starting web server")
-	out, rc, err := command.RunAsMQM("strmqweb")
+	cmd := exec.Command("strmqweb")
+	// Set a default app password for the web server, if one isn't already set
+	_, set := os.LookupEnv("MQ_APP_PASSWORD")
+	if !set {
+		// Take all current environment variables, and add the app password
+		cmd.Env = append(os.Environ(), "MQ_APP_PASSWORD=passw0rd")
+	}
+	cmd.SysProcAttr = &syscall.SysProcAttr{}
+	uid, gid, err := command.LookupMQM()
+	if err != nil {
+		return err
+	}
+	cmd.SysProcAttr.Credential = &syscall.Credential{Uid: uint32(uid), Gid: uint32(gid)}
+	out, rc, err := command.RunCmd(cmd)
 	if err != nil {
 		log.Printf("Error %v starting web server: %v", rc, string(out))
 		return err

incubating/mq-advanced-server-rhel/ansible/.gitignore

@@ -1 +0,0 @@
-hosts

incubating/mq-advanced-server-rhel/ansible/rhel-build.yaml

@@ -1,62 +0,0 @@
-# © Copyright IBM Corporation 2018
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-# Sets up a server for building the Red Hat image.
-- hosts: rhbuild
-  become: true
-  any_errors_fatal: true
-  tasks:
-    - name: install buildah
-      package:
-        name: buildah
-        state: present
-      when: ansible_distribution == "RedHat"
-    - name: install podman
-      package:
-        name: buildah
-        state: present
-      when: ansible_distribution == "RedHat"
-    - name: install golang
-      package:
-        name: golang
-        state: absent
-    - name: install make
-      package:
-        name: make
-        state: present
-    - name: install git
-      package:
-        name: git
-        state: present
-    - name: install golang 1.10 from TAR
-      unarchive:
-        src: "https://dl.google.com/go/go1.10.3.linux-amd64.tar.gz"
-        dest: "/usr/local"
-        remote_src: yes
-        # TODO: Re-factor to use get_url first, so we can use the checksum
-        #checksum: sha256:fa1b0e45d3b647c252f51f5e1204aba049cde4af177ef9f2181f43004f901035
-        creates: /usr/local/go/doc/go1.10.html
-    - name: add golang to PATH
-      copy:
-        dest: "/etc/profile.d/golang.sh"
-        content: |
-          PATH=$PATH:/usr/local/go/bin
-    - name: install dep from GitHub
-      get_url:
-        url: https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64
-        dest: /usr/local/bin/dep
-        mode: 0755
-        checksum: sha256:31144e465e52ffbc0035248a10ddea61a09bf28b00784fd3fdd9882c8cbb2315
-      when: ansible_architecture == "x86_64"
-    # TODO: Install MQ SDK

incubating/mq-advanced-server-rhel/buildah.sh

@@ -1,141 +0,0 @@
-#!/bin/bash
-# -*- mode: sh -*-
-# © Copyright IBM Corporation 2018
-#
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Build a RHEL image, using the buildah tool
-
-set -x
-set -e
-
-MQ_ARCHIVE=downloads/mqadv_dev905_linux_x86-64.tar.gz
-MQ_PACKAGES="MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSeriesJRE*.rpm MQSeriesGSKit*.rpm MQSeriesMsg*.rpm MQSeriesSamples*.rpm MQSeriesAMS-*.rpm"
-
-# Use a "scratch" container, so the resulting image has minimal files
-# Resulting image won't have yum, for example
-ctr=$(buildah from scratch)
-scratchmnt=$(buildah mount $ctr)
-
-# Initialize yum for use with the scratch container
-rpm --root $scratchmnt --initdb
-yum install yum-utils
-yumdownloader --destdir=/tmp redhat-release-server
-rpm --root $scratchmnt -ihv /tmp/redhat-release-server*.rpm
-
-# Install the packages required by MQ
-yum install -y --installroot=$scratchmnt \
-  bash \
-  bc \
-  coreutils \
-  file \
-  findutils \
-  gawk \
-  glibc-common \
-  grep \
-  passwd \
-  procps-ng \
-  sed \
-  tar \
-  util-linux
-
-# Clean up cached files
-yum clean all --installroot=$scratchmnt
-rm -rf $scratchmnt/var/cache/yum/*
-
-groupadd --root $scratchmnt --system --gid 888 mqm
-useradd --root $scratchmnt --system --uid 888 --gid mqm mqm
-usermod --root $scratchmnt -G root mqm
-
-DIR_EXTRACT=$scratchmnt/tmp/extract
-mkdir -p $scratchmnt/tmp/extract
-tar -zxvf ${MQ_ARCHIVE} -C ${DIR_EXTRACT}
-DIR_RPM=$(find ${DIR_EXTRACT} -name "*.rpm" -printf "%h\n" | sort -u | head -1)
-DIR_RPM=${DIR_RPM#$scratchmnt}
-#DIR_RPM=$(buildah run $ctr -- find ${DIR_EXTRACT} -name "*.rpm" -printf "%h\n" | sort -u | head -1)
-# Find location of mqlicense.sh
-#MQLICENSE=$(buildah run $ctr -- find ${DIR_EXTRACT} -name "mqlicense.sh")
-MQLICENSE=$(find ${DIR_EXTRACT} -name "mqlicense.sh")
-MQLICENSE=${MQLICENSE#$scratchmnt}
-
-# Accept the MQ license
-buildah run $ctr -- ${MQLICENSE} -text_only -accept
-
-buildah run $ctr -- bash -c "cd $DIR_RPM && rpm -ivh $MQ_PACKAGES"
-rm -rf ${DIR_EXTRACT}
-
-# Remove 32-bit libraries from 64-bit container
-find $scratchmnt/opt/mqm $scratchmnt/var/mqm -type f -exec file {} \; | awk -F: '/ELF 32-bit/{print $1}' | xargs --no-run-if-empty rm -f
-
-# Remove tar.gz files unpacked by RPM postinst scripts
-find $scratchmnt/opt/mqm -name '*.tar.gz' -delete
-
-# Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
-buildah run $ctr -- /opt/mqm/bin/setmqinst -p /opt/mqm -i
-
-# Remove the directory structure under /var/mqm which was created by the installer
-rm -rf $scratchmnt/var/mqm
-
-# Create the mount point for volumes
-mkdir -p $scratchmnt/mnt/mqm
-
-# Create the directory for MQ configuration files
-mkdir -p $scratchmnt/etc/mqm
-
-# Create a symlink for /var/mqm -> /mnt/mqm/data
-buildah run $ctr ln -s /mnt/mqm/data /var/mqm
-
-# Optional: Set these values for the Bluemix Vulnerability Report
-sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' $scratchmnt/etc/login.defs
-sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' $scratchmnt/etc/login.defs
-sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' $scratchmnt/etc/pam.d/password-auth
-
-# Build and test the Go code
-go build ./cmd/runmqserver/
-go build ./cmd/chkmqready/
-go build ./cmd/chkmqhealthy/
-go test -v ./cmd/runmqserver/
-go test -v ./cmd/chkmqready/
-go test -v ./cmd/chkmqhealthy/
-go test -v ./internal/...
-go vet ./cmd/... ./internal/...
-# Install the Go binaries into the image
-cp runmqserver $scratchmnt/usr/local/bin/
-cp chkmq* $scratchmnt/usr/local/bin/
-cp NOTICES.txt $scratchmnt/opt/mqm/licenses/notices-container.txt
-chmod ug+x $scratchmnt/usr/local/bin/runmqserver
-chown mqm:mqm $scratchmnt/usr/local/bin/*mq*
-chmod ug+xs $scratchmnt/usr/local/bin/chkmq*
-
-buildah config \
-  --port 1414/tcp \
-  --port 9157/tcp \
-  --os linux \
-  --label architecture=x86_64 \
-  --label io.openshift.tags="mq messaging" \
-  --label io.k8s.display-name="IBM MQ Advanced Server" \
-  --label io.k8s.description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
-  --label name="mqadvanced-server" \
-  --label vendor="IBM" \
-  --label version="9.0.5.0" \
-  --env AMQ_ADDITIONAL_JSON_LOG=1 \
-  --env LANG=en_US.UTF-8 \
-  --env LOG_FORMAT=basic \
-  --entrypoint runmqserver \
-  --user 888 \
-  $ctr
-buildah unmount $ctr
-buildah commit $ctr mymq
-
-# TODO: Leaves the working container lying around.  Good for dev.

incubating/mqadvanced-server-dev/Dockerfile

@@ -20,14 +20,13 @@ ARG BUILDER_IMAGE=mq-golang-sdk:9.0.5.0-x86_64-ubuntu-16.04
 ###############################################################################
 FROM $BUILDER_IMAGE as builder
 ARG IMAGE_REVISION="Not specified"
-ARG IMAGE_CREATED="Not specified"
 ARG IMAGE_SOURCE="Not specified"
 WORKDIR /go/src/github.com/ibm-messaging/mq-container/
 COPY cmd/ ./cmd
 COPY internal/ ./internal
 COPY vendor/ ./vendor
 # Re-build runmqserver, with code tagged with 'mqdev' enabled
-RUN go build -ldflags "-X \"main.ImageCreated=$IMAGE_CREATED\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" --tags 'mqdev'  ./cmd/runmqserver
+RUN go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" --tags 'mqdev'  ./cmd/runmqserver
 RUN go build ./cmd/runmqdevserver/
 # Run all unit tests
 RUN go test -v ./cmd/runmqdevserver/...

incubating/mqadvanced-server-dev/web/installations/Installation1/servers/mqweb/mqwebuser.xml

@@ -16,13 +16,23 @@
             <security-role name="MQWebAdmin">
                 <group name="MQWebUI" realm="defaultRealm"/>
             </security-role>
+            <security-role name="MQWebUser">
+                <group name="MQWebMessaging" realm="defaultRealm"/>
+            </security-role>
         </application-bnd>
     </enterpriseApplication>
     <basicRegistry id="basic" realm="defaultRealm">
         <user name="admin" password="${env.MQ_ADMIN_PASSWORD}"/>
+        <!-- The app user will always get a default password of "passw0rd",
+             even if you don't set the environment variable.
+             See `webserver.go` -->
+        <user name="app" password="${env.MQ_APP_PASSWORD}"/>
         <group name="MQWebUI">
             <member name="admin"/>
         </group>
+        <group name="MQWebMessaging">
+            <member name="app"/>
+        </group>
     </basicRegistry>
     <variable name="httpHost" value="*"/>
     <include location="tls.xml"/>

mq-advanced-server-rhel/go-build.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Builds and tests the golang programs used by the MQ image.
+
+set -e
+
+cd $GOPATH/src/github.com/ibm-messaging/mq-container/
+
+# Build and test the Go code
+mkdir -p build
+cd build
+
+rm -f chkmqready chkmqhealthy runmqserver runmqdevserver
+
+if [ "$MQDEV" = "TRUE" ]; then 
+    # Build and test the Go code
+    go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" --tags 'mqdev' ../cmd/runmqserver/
+    go build ../cmd/runmqdevserver/
+else 
+    go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\"" ../cmd/runmqserver/
+fi
+
+go build ../cmd/chkmqready/
+go build ../cmd/chkmqhealthy/
+go test -v ../cmd/runmqserver/
+go test -v ../cmd/chkmqready/
+go test -v ../cmd/chkmqhealthy/
+if [ "$MQDEV" = "TRUE" ]; then 
+    go test -v ../cmd/runmqdevserver
+fi
+go test -v ../internal/...
+go vet ../cmd/... ../internal/...

mq-advanced-server-rhel/go-buildah.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Run the Go build script inside the Go container, mounting the source
+# directory in
+
+readonly tag=$1
+readonly dev=$2
+
+IMAGE_REVISION=${IMAGE_REVISION:="Not Applicable"}
+IMAGE_SOURCE=${IMAGE_SOURCE:="Not Applicable"}
+
+podman run \
+  --volume ${PWD}:/go/src/github.com/ibm-messaging/mq-container/ \
+  --env GOPATH=/go \
+  --env IMAGE_REVISION="$IMAGE_REVISION" \
+  --env IMAGE_SOURCE="$IMAGE_SOURCE" \
+  --env MQDEV=${dev} \
+  --rm \
+  ${tag} \
+  bash -c "cd /go/src/github.com/ibm-messaging/mq-container/ && ./mq-advanced-server-rhel/go-build.sh"

mq-advanced-server-rhel/install-mq-rhel.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Install one or more MQ components into a buildah container
+
+set -ex
+
+readonly ctr_mq=$1
+readonly mnt_mq=$2
+readonly archive=$3
+readonly mq_packages=$4
+readonly dir_extract=/tmp/extract
+
+if [ ! -d ${dir_extract}/MQServer ]; then
+  mkdir -p ${dir_extract}
+  echo Extracting $archive
+  tar -zxf $archive -C ${dir_extract}
+  echo Extracting finished
+fi
+
+# If MQ_PACKAGES isn't specifically set, then choose a valid set of defaults
+
+
+# Accept the MQ license
+buildah run --volume ${dir_extract}:/mnt/mq-download $ctr_mq -- /mnt/mq-download/MQServer/mqlicense.sh -text_only -accept
+
+buildah run --volume ${dir_extract}:/mnt/mq-download $ctr_mq -- bash -c "cd /mnt/mq-download/MQServer && rpm -ivh $mq_packages"
+
+rm -rf ${dir_extract}/MQServer
+
+# Remove 32-bit libraries from 64-bit container
+find $mnt_mq/opt/mqm $mnt_mq/var/mqm -type f -exec file {} \; | awk -F: '/ELF 32-bit/{print $1}' | xargs --no-run-if-empty rm -f
+
+# Remove tar.gz files unpacked by RPM postinst scripts
+find $mnt_mq/opt/mqm -name '*.tar.gz' -delete
+
+# Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
+buildah run $ctr_mq -- /opt/mqm/bin/setmqinst -p /opt/mqm -i
+
+mkdir -p $mnt_mq/run/runmqserver
+chown 888:888 $mnt_mq/run/runmqserver
+
+# Remove the directory structure under /var/mqm which was created by the installer
+rm -rf $mnt_mq/var/mqm
+
+# Create the mount point for volumes
+mkdir -p $mnt_mq/mnt/mqm
+
+# Create a symlink for /var/mqm -> /mnt/mqm/data
+buildah run $ctr_mq -- ln -s /mnt/mqm/data /var/mqm
+
+# Optional: Set these values for the IBM Cloud Vulnerability Report
+sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' $mnt_mq/etc/login.defs
+sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' $mnt_mq/etc/login.defs
+sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' $mnt_mq/etc/pam.d/password-auth
+
+buildah run $ctr_mq -- cp -rs /opt/mqm/licenses/ /

mq-advanced-server-rhel/mq-buildah.sh

@@ -0,0 +1,114 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Build a RHEL image, using the buildah tool
+# Usage
+# mq-buildah.sh ARCHIVEFILE PACKAGES
+
+set -x
+set -e
+
+###############################################################################
+# Setup MQ server working container
+###############################################################################
+
+readonly ctr_mq=$(buildah from rhel7)
+readonly mnt_mq=$(buildah mount $ctr_mq)
+readonly archive=downloads/$1
+readonly packages=$2
+readonly tag=$3
+readonly version=$4
+readonly mqdev=$5
+
+###############################################################################
+# Install MQ server
+###############################################################################
+
+groupadd --root ${mnt_mq} --system --gid 888 mqm
+useradd --root ${mnt_mq} --system --uid 888 --gid mqm mqm
+usermod --root ${mnt_mq} -aG root mqm
+usermod --root ${mnt_mq} -aG mqm root
+
+# Install the packages required by MQ
+buildah run $ctr_mq -- yum install -y --setopt install_weak_deps=false --setopt=tsflags=nodocs --setopt=override_install_langs=en_US.utf8 \
+  bash \
+  bc \
+  coreutils \
+  file \
+  findutils \
+  gawk \
+  glibc-common \
+  grep \
+  passwd \
+  procps-ng \
+  sed \
+  tar \
+  util-linux
+
+# Clean up cached files
+buildah run $ctr_mq -- yum clean all
+rm -rf ${mnt_mq}/var/cache/yum/*
+
+# Install MQ server packages into the MQ builder image
+./mq-advanced-server-rhel/install-mq-rhel.sh ${ctr_mq} "${mnt_mq}" "${archive}" "${packages}"
+
+# Create the directory for MQ configuration files
+mkdir -p ${mnt_mq}/etc/mqm
+chown 888:888 ${mnt_mq}/etc/mqm
+
+# Install the Go binaries into the image
+install --mode 0750 --owner 888 --group 888 ./build/runmqserver ${mnt_mq}/usr/local/bin/
+install --mode 6750 --owner 888 --group 888 ./build/chk* ${mnt_mq}/usr/local/bin/
+install --mode 0750 --owner 888 --group 888 ./NOTICES.txt ${mnt_mq}/opt/mqm/licenses/notices-container.txt
+
+###############################################################################
+# Final Buildah commands
+###############################################################################
+
+if [ "$mqdev" = "TRUE" ]; then
+  OSTAG="mq messaging developer"
+  DISNAME="IBM MQ Advanced Server Developer Edition"
+else
+  OSTAG="mq messaging"
+  DISNAME="IBM MQ Advanced Server"
+fi
+
+buildah config \
+  --port 1414/tcp \
+  --port 9157/tcp \
+  --os linux \
+  --label architecture=x86_64 \
+  --label io.openshift.tags="$OSTAG" \
+  --label io.k8s.display-name="$DISNAME" \
+  --label io.k8s.description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
+  --label name="${tag%:*}" \
+  --label vendor="IBM" \
+  --label version="$version" \
+  --label release="1" \
+  --label run="docker run -d -e LICENSE=accept --name ibm-mq ${tag%:*}" \
+  --label summary="$DISNAME" \
+  --label description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
+  --env AMQ_ADDITIONAL_JSON_LOG=1 \
+  --env LANG=en_US.UTF-8 \
+  --env LOG_FORMAT=basic \
+  --entrypoint runmqserver \
+  --user root \
+  $ctr_mq
+buildah unmount $ctr_mq
+buildah commit $ctr_mq $tag
+
+buildah rm $ctr_mq

mq-advanced-server-rhel/mq-golang-sdk-buildah.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Build a RHEL image for building Go programs which use MQ
+
+set -ex
+readonly mq_archive=downloads/$1
+readonly tag=$2
+# Use plain RHEL 7 container
+# Note: Red Hat's devtools/go-toolset-7-rhel7 image doesn't allow use of 'root'
+# user required for installing the MQ SDK
+readonly ctr_mq=$(buildah from rhel7)
+readonly mnt_mq=$(buildah mount $ctr_mq)
+
+# Add mqm user
+groupadd --root $mnt_mq --system --gid 888 mqm
+useradd --root $mnt_mq --system --uid 888 --gid mqm mqm
+usermod --root $mnt_mq -aG root mqm
+usermod --root $mnt_mq -aG mqm root
+
+# Enable Yum repository for "optional" RPMs, which is needed for "golang"
+buildah run ${ctr_mq} -- yum-config-manager --enable rhel-7-server-optional-rpms
+# Install Go compiler
+buildah run ${ctr_mq} -- yum install -y golang git gcc
+
+# Install the MQ SDK into the Go builder image
+./mq-advanced-server-rhel/install-mq-rhel.sh ${ctr_mq} "${mnt_mq}" "${mq_archive}" "MQSeriesRuntime-*.rpm MQSeriesSDK-*.rpm MQSeriesSamples*.rpm"
+# Clean up Yum files
+buildah run ${ctr_mq} -- yum clean all --releasever 7
+rm -rf ${mnt_mq}/var/cache/yum/*
+buildah unmount ${ctr_mq}
+# Set environment variables for MQ/Go compilation
+buildah config \
+  --os linux \
+  --env CGO_CFLAGS="-I/opt/mqm/inc/" \
+  --env CGO_LDFLAGS_ALLOW="-Wl,-rpath.*" \
+  ${ctr_mq}
+buildah commit ${ctr_mq} ${tag}
+
+buildah rm ${ctr_mq}

mq-advanced-server-rhel/mqdev-buildah.sh

@@ -0,0 +1,88 @@
+#!/bin/bash
+# -*- mode: sh -*-
+# © Copyright IBM Corporation 2018
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Build a RHEL image, using the buildah tool
+# Usage
+# mq-buildah.sh ARCHIVEFILE PACKAGES
+
+set -x
+set -e
+
+###############################################################################
+# Setup MQ server working container
+###############################################################################
+
+# Use a "scratch" container, so the resulting image has minimal files
+# Resulting image won't have yum, for example
+readonly basetag=$1
+readonly ctr_mq=$(buildah from $basetag)
+readonly mnt_mq=$(buildah mount $ctr_mq)
+readonly tag=$2
+readonly version=$3
+
+
+useradd --root $mnt_mq --gid mqm admin
+groupadd --root $mnt_mq --system mqclient
+useradd --root $mnt_mq --gid mqclient app
+
+buildah run $ctr_mq -- id admin
+buildah run $ctr_mq -- sh -c "echo admin:passw0rd | chpasswd"
+
+mkdir -p $mnt_mq/run/runmqdevserver
+chown 888:888 $mnt_mq/run/runmqdevserver
+
+# Copy runmqdevserver program
+install --mode 0750 --owner 888 --group 888 ./build/runmqdevserver ${mnt_mq}/usr/local/bin/
+
+# Copy template files
+cp incubating/mqadvanced-server-dev/*.tpl ${mnt_mq}/etc/mqm/
+
+# Copy web XML files for default developer configuration
+cp -R incubating/mqadvanced-server-dev/web ${mnt_mq}/etc/mqm/web
+
+###############################################################################
+# Final Buildah commands
+###############################################################################
+
+buildah config \
+  --port 1414/tcp \
+  --port 9157/tcp \
+  --port 9443/tcp \
+  --os linux \
+  --label architecture=x86_64 \
+  --label io.openshift.tags="mq messaging developer" \
+  --label io.k8s.display-name="IBM MQ Advanced Server Developer Edition" \
+  --label io.k8s.description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
+  --label name="${tag%:*}" \
+  --label vendor="IBM" \
+  --label version="$version" \
+  --label release="1" \
+  --label run="docker run -d -e LICENSE=accept --name ibm-mq-dev ${tag%:*}" \
+  --label summary="IBM MQ Advanced Server Developer Edition" \
+  --label description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
+  --env AMQ_ADDITIONAL_JSON_LOG=1 \
+  --env LANG=en_US.UTF-8 \
+  --env LOG_FORMAT=basic \
+  --env MQ_ADMIN_PASSWORD=passw0rd \
+  --env MQ_DEV=true \
+  --entrypoint runmqdevserver \
+  --user root \
+  $ctr_mq
+buildah unmount $ctr_mq
+buildah commit $ctr_mq $tag
+
+buildah rm $ctr_mq

test/docker/devconfig_test.go

@@ -37,10 +37,11 @@ func TestDevGoldenPath(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
+	qm := "qm1"
 	containerConfig := container.Config{
 		Env: []string{
 			"LICENSE=accept",
-			"MQ_QMGR_NAME=qm1",
+			"MQ_QMGR_NAME=" + qm,
 		},
 	}
 	id := runContainerWithPorts(t, cli, &containerConfig, []int{9443})
@@ -49,7 +50,13 @@ func TestDevGoldenPath(t *testing.T) {
 	waitForWebReady(t, cli, id, insecureTLSConfig)
 	t.Run("JMS", func(t *testing.T) {
 		// Run the JMS tests, with no password specified
-		runJMSTests(t, cli, id, false, "app", "")
+		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS)
+	})
+	t.Run("REST admin", func(t *testing.T) {
+		testRESTAdmin(t, cli, id, insecureTLSConfig)
+	})
+	t.Run("REST messaging", func(t *testing.T) {
+		testRESTMessaging(t, cli, id, insecureTLSConfig, qm, "app", defaultAppPasswordWeb)
 	})
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
@@ -63,12 +70,15 @@ func TestDevSecure(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
+
 	const tlsPassPhrase string = "passw0rd"
+	qm := "qm1"
+	appPassword := "differentPassw0rd"
 	containerConfig := container.Config{
 		Env: []string{
 			"LICENSE=accept",
-			"MQ_QMGR_NAME=qm1",
+			"MQ_QMGR_NAME=" + qm,
-			"MQ_APP_PASSWORD=" + devAppPassword,
+			"MQ_APP_PASSWORD=" + appPassword,
 			"MQ_TLS_KEYSTORE=/var/tls/server.p12",
 			"MQ_TLS_PASSPHRASE=" + tlsPassPhrase,
 			"DEBUG=1",
@@ -100,7 +110,17 @@ func TestDevSecure(t *testing.T) {
 	waitForReady(t, cli, ctr.ID)
 	cert := filepath.Join(tlsDir(t, true), "server.crt")
 	waitForWebReady(t, cli, ctr.ID, createTLSConfig(t, cert, tlsPassPhrase))
-	runJMSTests(t, cli, ctr.ID, true, "app", devAppPassword)
+
+	t.Run("JMS", func(t *testing.T) {
+		runJMSTests(t, cli, ctr.ID, true, "app", appPassword)
+	})
+	t.Run("REST admin", func(t *testing.T) {
+		testRESTAdmin(t, cli, ctr.ID, insecureTLSConfig)
+	})
+	t.Run("REST messaging", func(t *testing.T) {
+		testRESTMessaging(t, cli, ctr.ID, insecureTLSConfig, qm, "app", appPassword)
+	})
+
 	// Stop the container cleanly
 	stopContainer(t, cli, ctr.ID)
 }
@@ -129,7 +149,7 @@ func TestDevWebDisabled(t *testing.T) {
 	})
 	t.Run("JMS", func(t *testing.T) {
 		// Run the JMS tests, with no password specified
-		runJMSTests(t, cli, id, false, "app", "")
+		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS)
 	})
 	// Stop the container cleanly
 	stopContainer(t, cli, id)

test/docker/devconfig_test_util.go

@@ -18,12 +18,15 @@ limitations under the License.
 package main
 
 import (
+	"bytes"
 	"context"
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"net/http/httputil"
+	"os"
 	"path/filepath"
 	"strings"
 	"testing"
@@ -34,8 +37,9 @@ import (
 	"github.com/docker/docker/client"
 )
 
-const devAdminPassword string = "passw0rd"
+const defaultAdminPassword string = "passw0rd"
-const devAppPassword string = "passw0rd"
+const defaultAppPasswordOS string = ""
+const defaultAppPasswordWeb string = "passw0rd"
 
 // Disable TLS verification (server uses a self-signed certificate by default,
 // so verification isn't useful anyway)
@@ -58,7 +62,7 @@ func waitForWebReady(t *testing.T, cli *client.Client, ID string, tlsConfig *tls
 		select {
 		case <-time.After(1 * time.Second):
 			req, err := http.NewRequest("GET", url, nil)
-			req.SetBasicAuth("admin", devAdminPassword)
+			req.SetBasicAuth("admin", defaultAdminPassword)
 			resp, err := httpClient.Do(req.WithContext(ctx))
 			if err == nil && resp.StatusCode == http.StatusOK {
 				t.Log("MQ web server is ready")
@@ -83,6 +87,7 @@ func runJMSTests(t *testing.T, cli *client.Client, ID string, tls bool, user, pa
 			"MQ_PORT_1414_TCP_ADDR=" + getIPAddress(t, cli, ID),
 			"MQ_USERNAME=" + user,
 			"MQ_CHANNEL=DEV.APP.SVRCONN",
+			"IBMJRE=" + os.Getenv("IBMJRE"),
 		},
 		Image: imageNameDevJMS(),
 	}
@@ -140,17 +145,16 @@ func createTLSConfig(t *testing.T, certFile, password string) *tls.Config {
 	}
 }
 
-func testREST(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config) {
+func testRESTAdmin(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config) {
 	httpClient := http.Client{
 		Timeout: time.Duration(30 * time.Second),
 		Transport: &http.Transport{
 			TLSClientConfig: tlsConfig,
 		},
 	}
-
 	url := fmt.Sprintf("https://localhost:%s/ibmmq/rest/v1/admin/installation", getPort(t, cli, ID, 9443))
 	req, err := http.NewRequest("GET", url, nil)
-	req.SetBasicAuth("admin", devAdminPassword)
+	req.SetBasicAuth("admin", defaultAdminPassword)
 	resp, err := httpClient.Do(req)
 	if err != nil {
 		t.Fatal(err)
@@ -159,3 +163,70 @@ func testREST(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config
 		t.Errorf("Expected HTTP status code %v from 'GET installation'; got %v", http.StatusOK, resp.StatusCode)
 	}
 }
+
+// curl -i -k https://localhost:1234/ibmmq/rest/v1/messaging/qmgr/qm1/queue/DEV.QUEUE.1/message -X POST -u app -H “ibm-mq-rest-csrf-token: N/A” -H “Content-Type: text/plain;charset=utf-8" -d “Hello World”
+
+func logHTTPRequest(t *testing.T, req *http.Request) {
+	d, err := httputil.DumpRequestOut(req, true)
+	if err != nil {
+		t.Error(err)
+	}
+	t.Logf("HTTP request: %v", string(d))
+}
+
+func logHTTPResponse(t *testing.T, resp *http.Response) {
+	d, err := httputil.DumpResponse(resp, true)
+	if err != nil {
+		t.Error(err)
+	}
+	t.Logf("HTTP response: %v", string(d))
+}
+
+func testRESTMessaging(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config, qmName string, user string, password string) {
+	httpClient := http.Client{
+		Timeout: time.Duration(30 * time.Second),
+		Transport: &http.Transport{
+			TLSClientConfig: tlsConfig,
+		},
+	}
+	q := "DEV.QUEUE.1"
+	url := fmt.Sprintf("https://localhost:%s/ibmmq/rest/v1/messaging/qmgr/%s/queue/%s/message", getPort(t, cli, ID, 9443), qmName, q)
+	putMessage := []byte("Hello")
+	req, err := http.NewRequest("POST", url, bytes.NewBuffer(putMessage))
+	req.SetBasicAuth(user, password)
+	req.Header.Add("ibm-mq-rest-csrf-token", "n/a")
+	req.Header.Add("Content-Type", "text/plain;charset=utf-8")
+	logHTTPRequest(t, req)
+	resp, err := httpClient.Do(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+	logHTTPResponse(t, resp)
+	if resp.StatusCode != http.StatusCreated {
+		t.Errorf("Expected HTTP status code %v from 'POST to queue'; got %v", http.StatusOK, resp.StatusCode)
+		t.Logf("HTTP response: %+v", resp)
+		t.Fail()
+	}
+
+	req, err = http.NewRequest("DELETE", url, nil)
+	req.Header.Add("ibm-mq-rest-csrf-token", "n/a")
+	req.SetBasicAuth(user, password)
+	logHTTPRequest(t, req)
+	resp, err = httpClient.Do(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+	logHTTPResponse(t, resp)
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("Expected HTTP status code %v from 'DELETE from queue'; got %v", http.StatusOK, resp.StatusCode)
+		t.Logf("HTTP response: %+v", resp)
+		t.Fail()
+	}
+	gotMessage, err := ioutil.ReadAll(resp.Body)
+	//gotMessage := string(b)
+	if string(gotMessage) != string(putMessage) {
+		t.Errorf("Expected payload to be \"%s\"; got \"%s\"", putMessage, gotMessage)
+	}
+}

test/docker/docker_api_test.go

@@ -684,10 +684,11 @@ func TestVersioning(t *testing.T) {
 			dataAr := strings.Split(line, " ")
 			data := dataAr[len(dataAr)-1]
 
-			// Verify created
+			// Verify created is in a known timestamp format
 			_, err := time.Parse(time.RFC3339, data)
-			if err != nil {
+			_, err2 := time.Parse("2006-01-02T15:04:05-0700", data)
-				t.Errorf("Failed to validate Image created (%v) - %v", data, err)
+			if err != nil && err2 != nil {
+				t.Errorf("Failed to validate Image created stamp (%v) - %v or %v", data, time.RFC3339, "2006-01-02T15:04:05-0700")
 			}
 		}
 

test/messaging/Dockerfile

@@ -30,7 +30,7 @@ RUN find /usr/src/mymaven
 ###############################################################################
 # Application runtime (JRE only, no build environment)
 ###############################################################################
-FROM ibmjava:sfj
+FROM ibmjava:8-jre
 COPY --from=builder /usr/src/mymaven/target/*.jar /opt/app/
 COPY --from=builder /usr/src/mymaven/target/lib/*.jar /opt/app/
 ENTRYPOINT ["java", "-classpath", "/opt/app/*", "org.junit.platform.console.ConsoleLauncher", "-p", "com.ibm.mqcontainer.test", "--details", "verbose"]

test/messaging/buildah.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+# © Copyright IBM Corporation 2018
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -x
+set -e
+
+###############################################################################
+# Setup MQ JMS Test container
+###############################################################################
+
+# Use a "scratch" container, so the resulting image has minimal files
+# Resulting image won't have yum, for example
+readonly ctr_mq=$(buildah from rhel7)
+readonly mnt_mq=$(buildah mount $ctr_mq)
+readonly imagename=$1
+
+buildah run $ctr_mq -- yum install -y \
+    java-1.7.0-openjdk-devel \
+    java \
+    which \
+    wget
+
+buildah run $ctr_mq -- sh -c "cd /tmp && wget http://mirror.olnevhost.net/pub/apache/maven/binaries/apache-maven-3.2.2-bin.tar.gz"
+tar xvf $mnt_mq/tmp/apache-maven-3.2.2-bin.tar.gz -C $mnt_mq/tmp/
+
+mkdir -p $mnt_mq/usr/src/mymaven
+cp pom.xml $mnt_mq/usr/src/mymaven/
+cp -R src $mnt_mq/usr/src/mymaven/src
+
+buildah run $ctr_mq -- sh -c "cd /usr/src/mymaven && export M2_HOME=/tmp/apache-maven-3.2.2 && export M2=\$M2_HOME/bin && export PATH=\$M2:\$PATH && mvn --version && mvn dependency:go-offline install && mvn --offline install"
+
+mkdir -p $mnt_mq/opt/app
+
+cp $mnt_mq/usr/src/mymaven/target/*.jar $mnt_mq/opt/app/
+cp $mnt_mq/usr/src/mymaven/target/lib/*.jar $mnt_mq/opt/app/
+
+###############################################################################
+# Post install tidy up
+###############################################################################
+
+rm -rf $mnt_mq/tmp/*
+rm -rf $mnt_mq/usr/src/mymaven
+
+# We can't uninstall tar or gzip because they are required
+buildah run $ctr_mq -- yum remove -y \
+    wget
+
+# Clean up cached files
+buildah run $ctr_mq -- yum clean all
+rm -rf ${mnt_mq}/var/cache/yum/*
+
+###############################################################################
+# Contain image finalization
+###############################################################################
+
+buildah config \
+  --os linux \
+  --label architecture=x86_64 \
+  --label name="${imagename%:*}" \
+  --entrypoint '["java", "-classpath", "/opt/app/*", "org.junit.platform.console.ConsoleLauncher", "-p", "com.ibm.mqcontainer.test", "--details", "verbose"]' \
+  $ctr_mq
+buildah unmount $ctr_mq
+buildah commit $ctr_mq $imagename
+
+buildah rm $ctr_mq

test/messaging/src/main/java/com/ibm/mqcontainer/test/JMSTests.java

@@ -73,6 +73,10 @@ class JMSTests {
         factory.setTransportType(WMQConstants.WMQ_CM_CLIENT);
         factory.setChannel(channel);
         factory.setConnectionNameList(String.format("%s(1414)", addr));
+        // If a password is set, make sure it gets sent to the queue manager for authentication
+        if (password != null) {
+            factory.setBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP, true);
+        }
         // factory.setClientReconnectOptions(WMQConstants.WMQ_CLIENT_RECONNECT);
         if (TRUSTSTORE == null) {
             LOGGER.info("Not using TLS");
@@ -80,9 +84,15 @@ class JMSTests {
         else {
             LOGGER.info(String.format("Using TLS.  Trust store=%s", TRUSTSTORE));
             SSLSocketFactory ssl = createSSLSocketFactory();
-            factory.setSSLSocketFactory(ssl);
+            factory.setSSLSocketFactory(ssl); 
-            factory.setSSLCipherSuite("SSL_RSA_WITH_AES_128_CBC_SHA256");
+            boolean ibmjre = System.getenv("IBMJRE").equals("true");
-            // LOGGER.info(Arrays.toString(ssl.getSupportedCipherSuites()));
+            if (ibmjre){
+                System.setProperty("com.ibm.mq.cfg.useIBMCipherMappings", "true");
+                factory.setSSLCipherSuite("SSL_RSA_WITH_AES_128_CBC_SHA256");
+            } else {
+                 System.setProperty("com.ibm.mq.cfg.useIBMCipherMappings", "false");
+                 factory.setSSLCipherSuite("TLS_RSA_WITH_AES_128_CBC_SHA256");
+            }
         }
         // Give up if unable to reconnect for 10 minutes
         // factory.setClientReconnectTimeout(600);