Create GitHub workflow for stale issues and PRs

V9.2.3

.github/workflows/stale.yaml

@@ -0,0 +1,22 @@
+name: Close inactive issues and PRs
+on:
+  schedule:
+    - cron: "30 1 * * *"
+
+jobs:
+  close-issues:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v3
+        with:
+          days-before-stale: 90
+          days-before-close: 30
+          stale-issue-label: "stale"
+          stale-pr-label: "stale"
+          stale-issue-message: "This issue is stale because it has been open for 90 days with no activity."
+          close-issue-message: "This issue was closed because it has been inactive for 30 days since being marked as stale."
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          exempt-issue-labels: "bug,enhancement,documentation"

.travis.yml

@@ -25,7 +25,7 @@ services:
 
 env:
   global:
-    - MAIN_BRANCH=v9.2.2
+    - MAIN_BRANCH=v9.2.3
     - MQ_LTS_VERSION=9.2.0.1
     - TAGCACHE_FILE=tagcache
     - RELEASE=r1
@@ -40,50 +40,50 @@ go_import_path: "github.com/ibm-messaging/mq-container"
 jobs:
   include:
     - stage: basic-build
-      if: branch != v9.2.2 AND tag IS blank
+      if: branch != v9.2.3 AND tag IS blank
       name: "Basic AMD64 build"
       os: linux
       env:
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_922_ARCHIVE_REPOSITORY_DEV_AMD64
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_923_ARCHIVE_REPOSITORY_DEV_AMD64
       script: bash -e travis-build-scripts/run.sh
 
     # CD Build
 
     - stage: global-tag
-      if: branch = v9.2.2 AND type != pull_request OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 AND type != pull_request OR tag =~ ^release-candidate*
       name: "Generate Global Tag"
       os: linux
       script: bash -e travis-build-scripts/global-tag.sh
     - stage: build
-      if: branch = v9.2.2 OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 OR tag =~ ^release-candidate*
       name: "Multi-Arch AMD64 build"
       os: linux
       env:
         - BUILD_ALL=true
-        - MQ_ARCHIVE_REPOSITORY=$MQ_922_ARCHIVE_REPOSITORY_AMD64
+        - MQ_ARCHIVE_REPOSITORY=$MQ_923_ARCHIVE_REPOSITORY_AMD64
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_922_ARCHIVE_REPOSITORY_DEV_AMD64
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_923_ARCHIVE_REPOSITORY_DEV_AMD64
       script: bash -e travis-build-scripts/run.sh
-    # - if: branch = v9.2.2 OR tag =~ ^release-candidate*
+    # - if: branch = v9.2.3 OR tag =~ ^release-candidate*
     #   name: "Multi-Arch PPC64LE build"
     #   os: linux-ppc64le
     #   env:
     #     - BUILD_ALL=true
     #     - TEST_OPTS_DOCKER="-run TestGoldenPathWithMetrics"
-    #     # - MQ_ARCHIVE_REPOSITORY=$MQ_922_ARCHIVE_REPOSITORY_PPC64LE
+    #     # - MQ_ARCHIVE_REPOSITORY=$MQ_923_ARCHIVE_REPOSITORY_PPC64LE
-    #     - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_922_ARCHIVE_REPOSITORY_DEV_PPC64LE
+    #     - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_923_ARCHIVE_REPOSITORY_DEV_PPC64LE
     #   script: bash -e travis-build-scripts/run.sh
     - stage: build
-      if: branch = v9.2.2 OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 OR tag =~ ^release-candidate*
       name: "Multi-Arch S390X build"
       os: linux-s390
       env:
         - BUILD_ALL=true
         - TEST_OPTS_DOCKER="-run TestGoldenPathWithMetrics"
-        - MQ_ARCHIVE_REPOSITORY=$MQ_922_ARCHIVE_REPOSITORY_S390X
+        - MQ_ARCHIVE_REPOSITORY=$MQ_923_ARCHIVE_REPOSITORY_S390X
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_922_ARCHIVE_REPOSITORY_DEV_S390X
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_923_ARCHIVE_REPOSITORY_DEV_S390X
       script: bash -e travis-build-scripts/run.sh
     - stage: push-manifest
-      if: branch = v9.2.2 AND type != pull_request OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 AND type != pull_request OR tag =~ ^release-candidate*
       name: "Push Manifest-list to registry"
       env:
         - PUSH_MANIFEST_ONLY=true
@@ -92,7 +92,7 @@ jobs:
       # LTS Build
 
     - stage: global-tag
-      if: branch = v9.2.2 AND type != pull_request OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 AND type != pull_request OR tag =~ ^release-candidate*
       name: "Generate Global Tag"
       os: linux
       env:
@@ -102,7 +102,7 @@ jobs:
         - RELEASE=$RELEASE_LTS
       script: bash -e travis-build-scripts/global-tag.sh
     - stage: build
-      if: branch = v9.2.2 OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 OR tag =~ ^release-candidate*
       name: "Multi-Arch AMD64 build"
       os: linux
       env:
@@ -113,7 +113,7 @@ jobs:
         - RELEASE=$RELEASE_LTS
       script: bash -e travis-build-scripts/run.sh
     - stage: build
-      if: branch = v9.2.2 OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 OR tag =~ ^release-candidate*
       name: "Multi-Arch S390X build"
       os: linux-s390
       env:
@@ -125,7 +125,7 @@ jobs:
         - RELEASE=$RELEASE_LTS
       script: bash -e travis-build-scripts/run.sh
     - stage: push-manifest
-      if: branch = v9.2.2 AND type != pull_request OR tag =~ ^release-candidate*
+      if: branch = v9.2.3 AND type != pull_request OR tag =~ ^release-candidate*
       name: "Push Manifest-list to registry"
       env:
         - LTS=true

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change log
 
+## 9.2.3.0 (2021-07-22)
+
+* Updated to MQ version 9.2.3.0
+
 ## 9.2.2.0 (2021-03-26)
 
 * Updated to MQ version 9.2.2.0

Dockerfile-server

@@ -13,13 +13,13 @@
 # limitations under the License.
 
 ARG BASE_IMAGE=registry.redhat.io/ubi8/ubi-minimal
-ARG BASE_TAG=8.3-291
+ARG BASE_TAG=8.4-205
-ARG GO_WORKDIR=/go/src/github.com/ibm-messaging/mq-container
+ARG GO_WORKDIR=/opt/app-root/src/go/src/github.com/ibm-messaging/mq-container
-ARG MQ_URL="https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/9.2.2.0-IBM-MQ-Advanced-for-Developers-Non-Install-LinuxX64.tar.gz"
+ARG MQ_URL="https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/9.2.3.0-IBM-MQ-Advanced-for-Developers-Non-Install-LinuxX64.tar.gz"
 ###############################################################################
 # Build stage to build Go code
 ###############################################################################
-FROM docker.io/golang:1.14.15 as builder
+FROM registry.redhat.io/ubi8/go-toolset:1.15.13-4 as builder
 # The URL to download the MQ installer from in tar.gz format
 # This assumes an archive containing the MQ Non-Install packages
 ARG MQ_URL

Makefile

@@ -258,7 +258,7 @@ test-advancedserver: test/docker/vendor
 	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) EXPECTED_LICENSE=Production go test -parallel $(NUM_CPU) -timeout $(TEST_TIMEOUT_DOCKER) $(TEST_OPTS_DOCKER)
 
 .PHONY: build-devjmstest
-build-devjmstest:
+build-devjmstest: registry-login
 	$(info $(SPACER)$(shell printf $(TITLE)"Build JMS tests for developer config"$(END)))
 	cd test/messaging && docker build --tag $(DEV_JMS_IMAGE) .
 

README.md

@@ -44,8 +44,8 @@ For issues relating specifically to the container image or Helm chart, please us
 The Dockerfiles and associated code and scripts are licensed under the [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).
 Licenses for the products installed within the images are as follows:
 
-- [IBM MQ Advanced for Developers](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BMKG5H) (International License Agreement for Non-Warranted Programs). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
+- [IBM MQ Advanced for Developers](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BYHCL7) (International License Agreement for Non-Warranted Programs). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
-- [IBM MQ Advanced](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BVJJB3) (International Program License Agreement). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
+- [IBM MQ Advanced](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BZDDDY) (International Program License Agreement). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
 
 Note: The IBM MQ Advanced for Developers license does not permit further distribution and the terms restrict usage to a developer machine.
 

cmd/chkmqstarted/main.go

@@ -43,20 +43,6 @@ func queueManagerStarted() (bool, error) {
 	if !strings.Contains(string(out), "(RUNNING)") && !strings.Contains(string(out), "(RUNNING AS STANDBY)") && !strings.Contains(string(out), "(STARTING)") && !strings.Contains(string(out), "(REPLICA)") {
 		return false, nil
 	}
-	if os.Getenv("MQ_NATIVE_HA") == "true" {
-		// Specify the queue manager name, just in case someone's created a second queue manager
-		// #nosec G204
-		cmd = exec.Command("dspmq", "-n", "-o", "nativeha", "-m", name)
-		// Run the command and wait for completion
-		out, err = cmd.CombinedOutput()
-		if err != nil {
-			fmt.Println(err)
-			return false, err
-		}
-		if !strings.Contains(string(out), "INSYNC(YES)") {
-			return false, nil
-		}
-	}
 	return true, nil
 }
 

config.env

@@ -1,6 +1,6 @@
 ###########################################################################################################################################################
 
 # MQ_VERSION is the fully qualified MQ version number to build
-MQ_VERSION ?= 9.2.2.0
+MQ_VERSION ?= 9.2.3.0
 
 ###########################################################################################################################################################

docs/building.md

@@ -20,7 +20,7 @@ From MQ 9.2.X, the MQ container adds support for MQ Long Term Support (LTS) **pr
 This procedure works for building the MQ Continuous Delivery release, on `amd64`, `ppc64le` and `s390x` architectures.
 
 1. Create a `downloads` directory in the root of this repository
-2. Download MQ from [IBM Passport Advantage](https://www.ibm.com/software/passportadvantage/) or [IBM Fix Central](https://www.ibm.com/support/fixcentral), and place the downloaded file (for example, `IBM_MQ_9.2.2_LINUX_X86-64_NOINST.tar.gz`) in the `downloads` directory
+2. Download MQ from [IBM Passport Advantage](https://www.ibm.com/software/passportadvantage/) or [IBM Fix Central](https://www.ibm.com/support/fixcentral), and place the downloaded file (for example, `IBM_MQ_9.2.3_LINUX_X86-64_NOINST.tar.gz`) in the `downloads` directory
 3. Login to the Red Hat Registry: `docker login registry.redhat.io` using your Customer Portal credentials.
 4. Run `make build-advancedserver`
 

docs/security.md

@@ -16,5 +16,5 @@ docker run \
   --env LICENSE=accept \
   --env MQ_QMGR_NAME=QM1 \
   --detach \
-  ibm-mqadvanced-server:9.2.2.0-amd64
+  ibm-mqadvanced-server:9.2.3.0-amd64
 ```

docs/testing.md

@@ -25,7 +25,7 @@ make advancedserver
 You can specify the image to use directly by using the `MQ_IMAGE_ADVANCEDSERVER` or `MQ_IMAGE_DEVSERVER` variables, for example:
 
 ```
-MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:9.2.2.0-amd64 make test-advancedserver
+MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:9.2.3.0-amd64 make test-advancedserver
 ```
 
 You can pass parameters to `go test` with an environment variable.  For example, to run the "TestGoldenPath" test, run the following command:

go.mod

@@ -1,6 +1,6 @@
 module github.com/ibm-messaging/mq-container
 
-go 1.14
+go 1.15
 
 require (
 	github.com/genuinetools/amicontained v0.4.0

internal/ha/ha.go

@@ -41,7 +41,7 @@ func ConfigureNativeHA(log *logger.Logger) error {
 	templateMap["NativeHAInstance2_ReplicationAddress"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_2_REPLICATION_ADDRESS")
 
 	if os.Getenv("MQ_NATIVE_HA_TLS") == "true" {
-		keyLabel, _, err := tls.ConfigureHATLSKeystore()
+		keyLabel, _, _, err := tls.ConfigureHATLSKeystore()
 		if err != nil {
 			return err
 		}

internal/tls/tls.go

@@ -76,23 +76,22 @@ type TLSStore struct {
 	Truststore KeyStoreData
 }
 
-// ConfigureDefaultTLSKeystores configures the CMS Keystore & PKCS#12 Truststore
+func configureTLSKeystores(keystoreDir, keyDir, trustDir string, p12TruststoreRequired bool) (string, KeyStoreData, KeyStoreData, error) {
-func ConfigureDefaultTLSKeystores() (string, KeyStoreData, KeyStoreData, error) {
 
-	// Create the CMS Keystore & PKCS#12 Truststore
+	// Create the CMS Keystore & PKCS#12 Truststore (if required)
-	tlsStore, err := generateAllDefaultKeystores()
+	tlsStore, err := generateAllKeystores(keystoreDir, p12TruststoreRequired)
 	if err != nil {
 		return "", tlsStore.Keystore, tlsStore.Truststore, err
 	}
 
 	// Process all keys - add them to the CMS KeyStore
-	keyLabel, err := processKeys(&tlsStore, keystoreDirDefault, keyDirDefault)
+	keyLabel, err := processKeys(&tlsStore, keystoreDir, keyDir)
 	if err != nil {
 		return "", tlsStore.Keystore, tlsStore.Truststore, err
 	}
 
-	// Process all trust certificates - add them to the CMS KeyStore & PKCS#12 Truststore
+	// Process all trust certificates - add them to the CMS KeyStore & PKCS#12 Truststore (if required)
-	err = processTrustCertificates(&tlsStore, trustDirDefault)
+	err = processTrustCertificates(&tlsStore, trustDir)
 	if err != nil {
 		return "", tlsStore.Keystore, tlsStore.Truststore, err
 	}
@@ -100,22 +99,15 @@ func ConfigureDefaultTLSKeystores() (string, KeyStoreData, KeyStoreData, error)
 	return keyLabel, tlsStore.Keystore, tlsStore.Truststore, err
 }
 
+// ConfigureDefaultTLSKeystores configures the CMS Keystore & PKCS#12 Truststore
+func ConfigureDefaultTLSKeystores() (string, KeyStoreData, KeyStoreData, error) {
+	return configureTLSKeystores(keystoreDirDefault, keyDirDefault, trustDirDefault, true)
+}
+
 // ConfigureHATLSKeystore configures the CMS Keystore & PKCS#12 Truststore
-func ConfigureHATLSKeystore() (string, KeyStoreData, error) {
+func ConfigureHATLSKeystore() (string, KeyStoreData, KeyStoreData, error) {
-
+	// *.crt files mounted to the HA TLS dir keyDirHA will be processed as trusted in the CMS keystore
-	// Create a CMS Keystore only
+	return configureTLSKeystores(keystoreDirHA, keyDirHA, keyDirHA, false)
-	tlsStore, err := generateHAKeystore()
-	if err != nil {
-		return "", tlsStore.Keystore, err
-	}
-
-	// Process all keys - add them to the CMS KeyStore
-	keyLabel, err := processKeys(&tlsStore, keystoreDirHA, keyDirHA)
-	if err != nil {
-		return "", tlsStore.Keystore, err
-	}
-
-	return keyLabel, tlsStore.Keystore, err
 }
 
 // ConfigureTLS configures TLS for the queue manager
@@ -166,8 +158,8 @@ func configureTLSDev(log *logger.Logger) error {
 	return nil
 }
 
-// generateAllDefaultKeystores creates the CMS Keystore & PKCS#12 Truststore
+// generateAllKeystores creates the CMS Keystore & PKCS#12 Truststore (if required)
-func generateAllDefaultKeystores() (TLSStore, error) {
+func generateAllKeystores(keystoreDir string, p12TruststoreRequired bool) (TLSStore, error) {
 
 	var cmsKeystore, p12Truststore KeyStoreData
 
@@ -178,52 +170,30 @@ func generateAllDefaultKeystores() (TLSStore, error) {
 
 	// Create the Keystore directory - if it does not already exist
 	// #nosec G301 - write group permissions are required
-	err := os.MkdirAll(keystoreDirDefault, 0770)
+	err := os.MkdirAll(keystoreDir, 0770)
 	if err != nil {
 		return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create Keystore directory: %v", err)
 	}
 
 	// Create the CMS Keystore
-	cmsKeystore.Keystore = keystore.NewCMSKeyStore(filepath.Join(keystoreDirDefault, cmsKeystoreName), cmsKeystore.Password)
+	cmsKeystore.Keystore = keystore.NewCMSKeyStore(filepath.Join(keystoreDir, cmsKeystoreName), cmsKeystore.Password)
 	err = cmsKeystore.Keystore.Create()
 	if err != nil {
 		return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create CMS Keystore: %v", err)
 	}
 
-	// Create the PKCS#12 Truststore
+	// Create the PKCS#12 Truststore (if required)
-	p12Truststore.Keystore = keystore.NewPKCS12KeyStore(filepath.Join(keystoreDirDefault, p12TruststoreName), p12Truststore.Password)
+	if p12TruststoreRequired {
+		p12Truststore.Keystore = keystore.NewPKCS12KeyStore(filepath.Join(keystoreDir, p12TruststoreName), p12Truststore.Password)
 		err = p12Truststore.Keystore.Create()
 		if err != nil {
 			return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create PKCS#12 Truststore: %v", err)
 		}
+	}
+
 	return TLSStore{cmsKeystore, p12Truststore}, nil
 }
 
-// generateHAKeystore creates the CMS Keystore for Native HA replication
-func generateHAKeystore() (TLSStore, error) {
-	var cmsKeystore KeyStoreData
-
-	// Generate a pasword for use with the CMS Keystore
-	pw := generateRandomPassword()
-	cmsKeystore.Password = pw
-
-	// Create the Keystore directory - if it does not already exist
-	// #nosec G301 - write group permissions are required
-	err := os.MkdirAll(keystoreDirHA, 0770)
-	if err != nil {
-		return TLSStore{Keystore: cmsKeystore}, fmt.Errorf("Failed to create HA Keystore directory: %v", err)
-	}
-
-	// Create the CMS Keystore
-	cmsKeystore.Keystore = keystore.NewCMSKeyStore(filepath.Join(keystoreDirHA, cmsKeystoreName), cmsKeystore.Password)
-	err = cmsKeystore.Keystore.Create()
-	if err != nil {
-		return TLSStore{Keystore: cmsKeystore}, fmt.Errorf("Failed to create CMS Keystore: %v", err)
-	}
-
-	return TLSStore{Keystore: cmsKeystore}, nil
-}
-
 // processKeys processes all keys - adding them to the CMS KeyStore
 func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string, error) {
 
@@ -273,7 +243,7 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 			// Import the new PKCS#12 Keystore into the CMS Keystore
 			err = tlsStore.Keystore.Keystore.Import(filepath.Join(keystoreDir, keySet.Name()+".p12"), tlsStore.Keystore.Password)
 			if err != nil {
-				return "", fmt.Errorf("Failed tp import keys from %s into CMS Keystore: %v", filepath.Join(keystoreDir, keySet.Name()+".p12"), err)
+				return "", fmt.Errorf("Failed to import keys from %s into CMS Keystore: %v", filepath.Join(keystoreDir, keySet.Name()+".p12"), err)
 			}
 
 			// Relabel the certificate in the CMS Keystore
@@ -292,7 +262,7 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 	return keyLabel, nil
 }
 
-// processTrustCertificates processes all trust certificates - adding them to the CMS KeyStore & PKCS#12 Truststore
+// processTrustCertificates processes all trust certificates - adding them to the CMS KeyStore & PKCS#12 Truststore (if required)
 func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 
 	// Process all trust certiifcates
@@ -324,6 +294,7 @@ func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 							return fmt.Errorf("Failed to add to know certificates for CMS Keystore")
 						}
 
+						if tlsStore.Truststore.Keystore != nil {
 							// Add to known certificates for the PKCS#12 Truststore
 							err = addToKnownCertificates(block, &tlsStore.Truststore, true)
 							if err != nil {
@@ -334,9 +305,10 @@ func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 				}
 			}
 		}
+	}
 
-	// Add all trust certificates to PKCS#12 Truststore
+	// Add all trust certificates to PKCS#12 Truststore (if required)
-	if len(tlsStore.Truststore.TrustedCerts) > 0 {
+	if tlsStore.Truststore.Keystore != nil && len(tlsStore.Truststore.TrustedCerts) > 0 {
 		err = addCertificatesToTruststore(&tlsStore.Truststore)
 		if err != nil {
 			return err
@@ -438,7 +410,7 @@ func processCertificates(keyDir string, keySetName, keyPrefix string, keys []os.
 					return nil, nil, fmt.Errorf("Failed to add to know certificates for CMS Keystore")
 				}
 
-				if p12Truststore != nil {
+				if p12Truststore.Keystore != nil {
 					// Add to known certificates for the PKCS#12 Truststore
 					err = addToKnownCertificates(block, p12Truststore, true)
 					if err != nil {

test/docker/go.mod

@@ -1,6 +1,6 @@
 module github.com/ibm-messaging/mq-container/test/docker
 
-go 1.14
+go 1.15
 
 require (
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect

test/messaging/Dockerfile

@@ -15,23 +15,24 @@
 ###############################################################################
 # Application build environment (Maven)
 ###############################################################################
-FROM docker.io/maven:3-ibmjava as builder
+FROM registry.redhat.io/ubi8/openjdk-8 as builder
-COPY pom.xml /usr/src/mymaven/
+COPY pom.xml .
-WORKDIR /usr/src/mymaven
+#WORKDIR /usr/src/mymaven
 # Download dependencies separately, so Docker caches them
 RUN mvn dependency:go-offline install
 # Copy source
-COPY src /usr/src/mymaven/src
+COPY src .
 # Run the main build
 RUN mvn --offline install
 # Print a list of all the files (useful for debugging)
-RUN find /usr/src/mymaven
+RUN find .
 
 ###############################################################################
 # Application runtime (JRE only, no build environment)
 ###############################################################################
-FROM docker.io/ibmjava:8-jre
+# OpenJDK is not technically supported with the MQ client, but is good enough for these tests
-COPY --from=builder /usr/src/mymaven/target/*.jar /opt/app/
+FROM registry.redhat.io/ubi8/openjdk-8-runtime
-COPY --from=builder /usr/src/mymaven/target/lib/*.jar /opt/app/
+COPY --from=builder /home/jboss/target/*.jar /opt/app/
+COPY --from=builder /home/jboss/target/lib/*.jar /opt/app/
 USER 1001
 ENTRYPOINT ["java", "-classpath", "/opt/app/*", "org.junit.platform.console.ConsoleLauncher", "-p", "com.ibm.mqcontainer.test", "--details", "verbose"]

travis-build-scripts/run.sh

@@ -18,6 +18,9 @@ set -e
 
 if [ "$(uname -m)" = "x86_64" ] ; then export ARCH="amd64" ; else export ARCH=$(uname -m) ; fi
 
+# if DOCKER_USER is set, authenticate with docker.io to mitigate rate limit (https://www.docker.com/increase-rate-limits)
+if [ -n "$DOCKER_USER" ] ; then echo 'Authenticating with docker.io...' && docker login -u $DOCKER_USER -p $DOCKER_PASS docker.io ; fi
+
 if [ "$PUSH_MANIFEST_ONLY" = true ] ; then
   echo 'Retrieving remote tagcache' && echo -en 'travis_fold:start:retrieve-tag-cache\\r'
   ./travis-build-scripts/artifact-util.sh -c ${CACHE_PATH} -u ${REPOSITORY_USER} -p ${REPOSITORY_CREDENTIAL} -f cache/${TAGCACHE_FILE} -l ./.tagcache --get