MQ container 9.2.0.0-r2

Updated to latest UBI version
Updated to go 1.13.15, switched to community goloang image
2020-09-28 10:49:36 +01:00 · 2020-09-28 10:49:36 +01:00 · 2020-09-28 10:49:36 +01:00 · 2020-09-28 10:49:36 +01:00 · 2020-09-28 10:49:36 +01:00 · 2020-09-28 10:49:36 +01:00
1433 changed files with 268058 additions and 130803 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -13,10 +13,3 @@ vendor/github.com/prometheus/client_model/.project
 vendor/github.com/prometheus/client_model/.settings*
 gosec_results.json
 internal/qmgrauth/qmgroam/patch
 .tagcache
 # Nix
 *.nix
 .envrc
 .direnv
 result
--- a/.travis.yml
+++ b/.travis.yml
@@ -12,82 +12,69 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-dist: bionic
+# Temporarily removing dist tag as not supported by power build
-group: beta
+# dist: xenial
 sudo: required
 language: go
 go:
-  - "1.17.12"
+  - "1.13.15"
 services:
  - docker
 env:
  global:
    - MAIN_BRANCH=v9.3.1
    - TAGCACHE_FILE=tagcache
    - RELEASE=r1
 go_import_path: "github.com/ibm-messaging/mq-container"
 # cache:
 #   directories:
 #     - downloads
 env:
  global:
    - RELEASE="r2"
 jobs:
  include:
    - stage: basic-build
-      if: branch != v9.3.1 AND tag IS blank
+      if: branch != private-master AND tag IS blank
      name: "Basic AMD64 build"
      os: linux
      env:
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_931_ARCHIVE_REPOSITORY_DEV_AMD64
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_920_ARCHIVE_REPOSITORY_DEV_AMD64
      script: bash -e travis-build-scripts/run.sh
    # CD Build
    - stage: global-tag
      if: branch = v9.3.1 AND type != pull_request OR tag =~ ^release-candidate*
      name: "Generate Global Tag"
      os: linux
      script: bash -e travis-build-scripts/global-tag.sh
    - stage: build
-      if: branch = v9.3.1 OR tag =~ ^release-candidate*
+      if: branch = private-master OR tag =~ ^release-candidate*
      name: "Multi-Arch AMD64 build"
      os: linux
      env:
        - BUILD_ALL=true
-        - MQ_ARCHIVE_REPOSITORY=$MQ_931_ARCHIVE_REPOSITORY_AMD64
+        - MQ_ARCHIVE_REPOSITORY=$MQ_920_ARCHIVE_REPOSITORY_AMD64
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_931_ARCHIVE_REPOSITORY_DEV_AMD64
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_920_ARCHIVE_REPOSITORY_DEV_AMD64
      script: bash -e travis-build-scripts/run.sh
    # - if: branch = private-master OR tag =~ ^release-candidate*
    #   name: "Multi-Arch PPC64LE build"
    #   os: linux-ppc64le
    #   env:
    #     - BUILD_ALL=true
    #     - TEST_OPTS_DOCKER="-run TestGoldenPathWithMetrics"
    #     # - MQ_ARCHIVE_REPOSITORY=$MQ_920_ARCHIVE_REPOSITORY_PPC64LE
    #     - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_920_ARCHIVE_REPOSITORY_DEV_PPC64LE
    #   script: bash -e travis-build-scripts/run.sh
    - stage: build
-      if: branch = v9.3.1 OR tag =~ ^release-candidate*
+      if: branch = private-master OR tag =~ ^release-candidate*
      name: "Multi-Arch S390X build"
      os: linux-s390
      env:
        - BUILD_ALL=true
        - TEST_OPTS_DOCKER="-run TestGoldenPathWithMetrics"
-        - MQ_ARCHIVE_REPOSITORY=$MQ_931_ARCHIVE_REPOSITORY_S390X
+        - MQ_ARCHIVE_REPOSITORY=$MQ_920_ARCHIVE_REPOSITORY_S390X
-        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_931_ARCHIVE_REPOSITORY_DEV_S390X
+        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_920_ARCHIVE_REPOSITORY_DEV_S390X
      script: bash -e travis-build-scripts/run.sh
    - stage: build
      if: branch = v9.3.1 OR tag =~ ^release-candidate*
      name: "Multi-Arch PPC64LE build"
      os: linux-ppc64le
      env:
        - BUILD_ALL=true
        - TEST_OPTS_DOCKER="-run TestGoldenPathWithMetrics"
        - MQ_ARCHIVE_REPOSITORY=$MQ_931_ARCHIVE_REPOSITORY_PPC64LE
        - MQ_ARCHIVE_REPOSITORY_DEV=$MQ_931_ARCHIVE_REPOSITORY_DEV_PPC64LE
      script: bash -e travis-build-scripts/run.sh
    - stage: push-manifest
-      if: branch = v9.3.1 AND type != pull_request OR tag =~ ^release-candidate*
+      if: branch = private-master OR tag =~ ^release-candidate*
      name: "Push Manifest-list to registry"
-      env:
+      script: make push-manifest
        - PUSH_MANIFEST_ONLY=true
      script: bash -e travis-build-scripts/run.sh
 before_install:
  - make install-build-deps
  - make install-credential-helper
--- a/.whitesource
+++ b/.whitesource
@@ -1,9 +0,0 @@
 {
  "settingsInheritedFrom": "whitesource-config/whitesource-config@master",
  "scanSettings": {
      "baseBranches": ["private-master", "v9.2.0.x-eus", "v9.3.0.x"]
  },
  "issueSettings": {
      "issueRepoName": "whitesource-scan-issues"
    }
 }
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,52 +1,5 @@
 # Change log
 ## 9.3.1.1 (2023-01)
 * Updated to MQ version 9.3.1.1
 ## 9.3.1.0-r2 (2022-11)
 * Queue manager attribute SSLKEYR is now set to blank instead of '/run/runmqserver/tls/key' if key and certificate are not supplied.
 ## 9.3.1.0 (2022-10)
 * Updated to MQ version 9.3.1.0
 ## 9.3.0.0 (2022-06)
 * Updated to MQ version 9.3.0.0
 * Use `registry.access.redhat.com` instead of `registry.redhat.io`, so that you don't need to login with a Red Hat account.
 * Updated default developer config to use TLS cipher `ANY_TLS12_OR_HIGHER` instead of `ANY_TLS12`
 * Added default `jvm.options` file fix issue with missing preferences file causing an error in the web server log.
 * Updated to allow building image from Podman on macOS (requires Podman 4.1)
 * Container builds are now faster
 * Updated signal handling to use a buffer, as recommended by the Go 1.17 vetting tool
 ## 9.2.5.0 (2022-03)
 * Updated to MQ version 9.2.5.0
 ## 9.2.4.0 (2021-11)
 * Updated to MQ version 9.2.4.0
 ## 9.2.3.0 (2021-07-22)
 * Updated to MQ version 9.2.3.0
 ## 9.2.2.0 (2021-03-26)
 * Updated to MQ version 9.2.2.0
 ## 9.2.1.0 (2020-02-18)
 * Updated to MQ version 9.2.1.0
 ## 9.2.0.1-LTS (2020-12-04)
 * Added support for MQ Long Term Support (production licensed only) in the mq-container
 ## 9.2.0.0 (2020-07-23)
 * Updated to [MQ version 9.2.0.0](https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.2.0/com.ibm.mq.pro.doc/q113110_.htm)
@@ -62,7 +15,7 @@
 * Updated to MQ version 9.1.4.0
 * Updated to use UBI8 as base image
 * Added required security settings to self signed certificates to align with macOS Catalina requirements
-
+  
 ## 9.1.3.0 (2019-07-19)
 * Updated to MQ version 9.1.3.0
@@ -83,7 +36,7 @@
 * Security fixes
 * Web console added to production image
 * Container built on RedHat host
-
+  
 ## 9.1.2.0 (2019-03-21)
 * Updated to MQ version 9.1.2.0
--- a/138
+++ b/138
@@ -1,4 +1,4 @@
-# © Copyright IBM Corporation 2015, 2022
+# © Copyright IBM Corporation 2015, 2020
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,16 +12,14 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi-minimal
+ARG BASE_IMAGE=registry.redhat.io/ubi8/ubi-minimal
-ARG BASE_TAG=8.7-1031
+ARG BASE_TAG=8.2-349
-ARG BUILDER_IMAGE=registry.access.redhat.com/ubi8/go-toolset
+ARG GO_WORKDIR=/go/src/github.com/ibm-messaging/mq-container
-ARG BUILDER_TAG=1.17.12-11
+ARG MQ_URL="https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/9.2.0.0-IBM-MQ-Advanced-for-Developers-Non-Install-LinuxX64.tar.gz"
 ARG GO_WORKDIR=/opt/app-root/src/go/src/github.com/ibm-messaging/mq-container
 ARG MQ_URL="https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/9.3.1.1-IBM-MQ-Advanced-for-Developers-Non-Install-LinuxX64.tar.gz"
 ###############################################################################
 # Build stage to build Go code
 ###############################################################################
-FROM $BUILDER_IMAGE:$BUILDER_TAG as builder
+FROM golang:1.13.15 as builder
 # The URL to download the MQ installer from in tar.gz format
 # This assumes an archive containing the MQ Non-Install packages
 ARG MQ_URL
@@ -30,33 +28,31 @@ ARG IMAGE_SOURCE="Not specified"
 ARG IMAGE_TAG="Not specified"
 ARG GO_WORKDIR
 USER 0
-WORKDIR /opt/mqm
+COPY install-mq.sh /usr/local/bin/
-# Download and extract MQ files, to get the MQ client needed to compile.
+RUN mkdir /opt/mqm \
-# Only extract certain MQ files to make the build quicker
+  && chmod a+x /usr/local/bin/install-mq.sh \
-RUN curl --fail --location $MQ_URL | tar --extract --gunzip \
+  && sleep 1 \
  && INSTALL_SDK=1 install-mq.sh \
  && chown -R 1001:root /opt/mqm/*
 WORKDIR $GO_WORKDIR/
 COPY go.mod go.sum ./
 COPY cmd/ ./cmd
 COPY internal/ ./internal
 COPY pkg/ ./pkg
 COPY vendor/ ./vendor
 ENV CGO_CFLAGS="-I/opt/mqm/inc/" \
-    CGO_LDFLAGS_ALLOW="-Wl,-rpath.*" \
+    CGO_LDFLAGS_ALLOW="-Wl,-rpath.*"
-    PATH="${PATH}:/opt/mqm/bin"
+RUN go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\" -X \"main.ImageTag=$IMAGE_TAG\"" ./cmd/runmqserver/
-RUN go build -ldflags "-X \"main.ImageCreated=$(date --iso-8601=seconds)\" -X \"main.ImageRevision=$IMAGE_REVISION\" -X \"main.ImageSource=$IMAGE_SOURCE\" -X \"main.ImageTag=$IMAGE_TAG\"" ./cmd/runmqserver/ \
+RUN go build ./cmd/chkmqready/
-  && go build ./cmd/chkmqready/ \
+RUN go build ./cmd/chkmqhealthy/
-  && go build ./cmd/chkmqhealthy/ \
+RUN go build ./cmd/runmqdevserver/
-  && go build ./cmd/chkmqstarted/ \
+RUN go build -buildmode=c-shared -o amqpasdev.so ./internal/qmgrauth/pas.go
-  && go build ./cmd/runmqdevserver/ \
+RUN go test -v ./cmd/runmqdevserver/...
-  && go test -v ./cmd/runmqdevserver/... \
+RUN go test -v ./cmd/runmqserver/
-  && go test -v ./cmd/runmqserver/ \
+RUN go test -v ./cmd/chkmqready/
-  && go test -v ./cmd/chkmqready/ \
+RUN go test -v ./cmd/chkmqhealthy/
-  && go test -v ./cmd/chkmqhealthy/ \
+RUN go test -v ./pkg/...
-  && go test -v ./cmd/chkmqstarted/ \
+RUN go test -v ./internal/...
-  && go test -v ./pkg/... \
+RUN go vet ./cmd/... ./internal/...
  && go test -v ./internal/... \
  && go vet ./cmd/... ./internal/...
 ###############################################################################
 # Main build stage, to build MQ image
@@ -67,18 +63,18 @@ ARG MQ_URL
 ARG BASE_IMAGE
 ARG BASE_TAG
 ARG GO_WORKDIR
-LABEL summary="IBM MQ Advanced Server" \
+LABEL summary="IBM MQ Advanced Server"
-      description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises" \
+LABEL description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises"
-      vendor="IBM" \
+LABEL vendor="IBM"
-      maintainer="IBM" \
+LABEL maintainer="IBM"
-      distribution-scope="private" \
+LABEL distribution-scope="private"
-      authoritative-source-url="https://www.ibm.com/software/passportadvantage/" \
+LABEL authoritative-source-url="https://www.ibm.com/software/passportadvantage/"
-      url="https://www.ibm.com/products/mq/advanced" \
+LABEL url="https://www.ibm.com/products/mq/advanced"
-      io.openshift.tags="mq messaging" \
+LABEL io.openshift.tags="mq messaging"
-      io.k8s.display-name="IBM MQ Advanced Server" \
+LABEL io.k8s.display-name="IBM MQ Advanced Server"
-      io.k8s.description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises" \
+LABEL io.k8s.description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises"
-      base-image=$BASE_IMAGE \
+LABEL base-image=$BASE_IMAGE
-      base-image-release=$BASE_TAG
+LABEL base-image-release=$BASE_TAG
 COPY install-mq.sh /usr/local/bin/
 COPY install-mq-server-prereqs.sh /usr/local/bin/
 # Install MQ.  To avoid a "text file busy" error here, we sleep before installing.
@@ -90,16 +86,18 @@ RUN env \
  && install-mq.sh \
  && /opt/mqm/bin/security/amqpamcf \
  && chown -R 1001:root /opt/mqm/*
 # Create a directory for runtime data from runmqserver
 RUN mkdir -p /run/runmqserver \
  && chown 1001:root /run/runmqserver
 COPY --from=builder $GO_WORKDIR/runmqserver /usr/local/bin/
 COPY --from=builder $GO_WORKDIR/chkmq* /usr/local/bin/
 COPY NOTICES.txt /opt/mqm/licenses/notices-container.txt
 COPY ha/native-ha.ini.tpl /etc/mqm/native-ha.ini.tpl
 # Copy web XML files
 COPY web /etc/mqm/web
 COPY etc/mqm/*.tpl /etc/mqm/
 RUN chmod ug+x /usr/local/bin/runmqserver \
  && chown 1001:root /usr/local/bin/*mq* \
-  && chmod ug+x /usr/local/bin/chkmq* \
+  && chmod ug+xs /usr/local/bin/chkmq* \
  && chown -R 1001:root /etc/mqm/* \
  && install --directory --mode 2775 --owner 1001 --group root /run/runmqserver \
  && touch /run/termination-log \
@@ -116,21 +114,6 @@ USER 1001
 ENV MQ_CONNAUTH_USE_HTP=false
 ENTRYPOINT ["runmqserver"]
 ###############################################################################
 # Build stage to build C code for custom authorization service (developer-only)
 ###############################################################################
 # Use the Go toolset image, which already includes gcc and the MQ SDK
 FROM builder as cbuilder
 # The URL to download the MQ installer from in tar.gz format
 # This assumes an archive containing the MQ Non-Install packages
 ARG MQ_URL
 USER 0
 # Install the Apache Portable Runtime code (used for htpasswd hash checking)
 RUN yum --assumeyes --disableplugin=subscription-manager install apr-devel apr-util-openssl apr-util-devel
 COPY authservice/ /opt/app-root/src/authservice/
 WORKDIR /opt/app-root/src/authservice/mqhtpass
 RUN make all
 ###############################################################################
 # Add default developer config
 ###############################################################################
@@ -138,25 +121,31 @@ FROM mq-server AS mq-dev-server
 ARG BASE_IMAGE
 ARG BASE_TAG
 ARG GO_WORKDIR
-LABEL summary="IBM MQ Advanced for Developers Server" \
+# Enable MQ developer default configuration
-      description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises" \
+ENV MQ_DEV=true
-      vendor="IBM" \
+LABEL summary="IBM MQ Advanced for Developers Server"
-      distribution-scope="private" \
+LABEL description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises"
-      authoritative-source-url="https://www.ibm.com/software/passportadvantage/" \
+LABEL vendor="IBM"
-      url="https://www.ibm.com/products/mq/advanced" \
+LABEL distribution-scope="private"
-      io.openshift.tags="mq messaging" \
+LABEL authoritative-source-url="https://www.ibm.com/software/passportadvantage/"
-      io.k8s.display-name="IBM MQ Advanced for Developers Server" \
+LABEL url="https://www.ibm.com/products/mq/advanced"
-      io.k8s.description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises" \
+LABEL io.openshift.tags="mq messaging"
-      base-image=$BASE_IMAGE \
+LABEL io.k8s.display-name="IBM MQ Advanced for Developers Server"
-      base-image-release=$BASE_TAG
+LABEL io.k8s.description="Simplify, accelerate and facilitate the reliable exchange of data with a security-rich messaging solution — trusted by the world’s most successful enterprises"
 LABEL base-image=$BASE_IMAGE
 LABEL base-image-release=$BASE_TAG
 USER 0
-COPY --from=cbuilder /opt/app-root/src/authservice/mqhtpass/build/mqhtpass.so /opt/mqm/lib64/
+COPY --from=builder $GO_WORKDIR/amqpas* /opt/mqm/lib64/
 COPY etc/mqm/*.ini /etc/mqm/
 COPY etc/mqm/mq.htpasswd /etc/mqm/
 RUN chmod 0660 /etc/mqm/mq.htpasswd
 COPY incubating/mqadvanced-server-dev/install-extra-packages.sh /usr/local/bin/
 RUN chmod u+x /usr/local/bin/install-extra-packages.sh \
  && sleep 1 \
  && install-extra-packages.sh
 # Create a directory for runtime data from runmqserver
 RUN mkdir -p /run/runmqdevserver \
  && chown 1001:root /run/runmqdevserver
 COPY --from=builder $GO_WORKDIR/runmqdevserver /usr/local/bin/
 # Copy template files
 COPY incubating/mqadvanced-server-dev/*.tpl /etc/mqm/
@@ -165,13 +154,10 @@ COPY incubating/mqadvanced-server-dev/web /etc/mqm/web
 RUN chown -R 1001:root /etc/mqm/* \
  && chmod -R g+w /etc/mqm/web \
  && chmod +x /usr/local/bin/runmq* \
  && chmod 0660 /etc/mqm/mq.htpasswd \
  && install --directory --mode 2775 --owner 1001 --group root /run/runmqdevserver
-ENV MQ_DEV=true \
+ENV MQ_ENABLE_EMBEDDED_WEB_SERVER=1 MQ_GENERATE_CERTIFICATE_HOSTNAME=localhost
-    MQ_ENABLE_EMBEDDED_WEB_SERVER=1 \
+ENV LD_LIBRARY_PATH=/opt/mqm/lib64
-    MQ_GENERATE_CERTIFICATE_HOSTNAME=localhost \
+ENV MQS_PERMIT_UNKNOWN_ID=true
-    LD_LIBRARY_PATH=/opt/mqm/lib64 \
+ENV MQ_CONNAUTH_USE_HTP=true
    MQ_CONNAUTH_USE_HTP=true \
    MQS_PERMIT_UNKNOWN_ID=true
 USER 1001
 ENTRYPOINT ["runmqdevserver"]
--- a/366
+++ b/366
@@ -1,4 +1,4 @@
-# © Copyright IBM Corporation 2017, 2022
+# © Copyright IBM Corporation 2017, 2020
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,19 +16,10 @@
 # Conditional variables - you can override the values of these variables from
 # the command line
 ###############################################################################
 include config.env
 include source-branch.env
 # arch_uname is the platform architecture according to the uname program.  Can be differ by OS, e.g. `arm64` on macOS, but `aarch64` on Linux.
 arch_uname := $(shell uname -m)
 # arch_go is the platform architecture in Go-style (e.g. amd64, ppc64le, s390x or arm64).
 arch_go := $(if $(findstring x86_64,$(arch_uname)),amd64,$(if $(findstring aarch64,$(arch_uname)),arm64,$(arch_uname)))
 # ARCH is the platform architecture in Go-style (e.g. amd64, ppc64le, s390x or arm64).
 # Override this to build an image for a different architecture.  Note that RUN instructions will not be able to succeed without the help of emulation provided by packages like qemu-user-static.
 ARCH ?= $(arch_go)
 # RELEASE shows what release of the container code has been built
 RELEASE ?=
 # MQ_VERSION is the fully qualified MQ version number to build
 MQ_VERSION ?= 9.2.0.0
 # MQ_ARCHIVE_REPOSITORY is a remote repository from which to pull the MQ_ARCHIVE (if required)
 MQ_ARCHIVE_REPOSITORY ?=
 # MQ_ARCHIVE_REPOSITORY_DEV is a remote repository from which to pull the MQ_ARCHIVE_DEV (if required)
@@ -47,16 +38,12 @@ MQ_ARCHIVE_DEV ?= $(MQ_VERSION)-IBM-MQ-Advanced-for-Developers-Non-Install-$(MQ_
 MQ_SDK_ARCHIVE ?= $(MQ_ARCHIVE_DEV_$(MQ_VERSION))
 # Options to `go test` for the Docker tests
 TEST_OPTS_DOCKER ?=
 # Timeout for the Docker tests
 TEST_TIMEOUT_DOCKER ?= 30m
 # MQ_IMAGE_ADVANCEDSERVER is the name of the built MQ Advanced image
 MQ_IMAGE_ADVANCEDSERVER ?=ibm-mqadvanced-server
 # MQ_IMAGE_DEVSERVER is the name of the built MQ Advanced for Developers image
 MQ_IMAGE_DEVSERVER ?=ibm-mqadvanced-server-dev
 # MQ_MANIFEST_TAG is the tag to use for fat-manifest
 MQ_MANIFEST_TAG ?= $(MQ_VERSION)$(RELEASE_TAG)$(LTS_TAG)$(MQ_MANIFEST_TAG_SUFFIX)
 # MQ_TAG is the tag of the built MQ Advanced image & MQ Advanced for Developers image
-MQ_TAG ?= $(MQ_MANIFEST_TAG)-$(ARCH)
+MQ_TAG ?=$(MQ_VERSION)-$(ARCH)
 # COMMAND is the container command to run.  "podman" or "docker"
 COMMAND ?=$(shell type -p podman 2>&1 >/dev/null && echo podman || echo docker)
 # MQ_DELIVERY_REGISTRY_HOSTNAME is a remote registry to push the MQ Image to (if required)
@@ -67,28 +54,26 @@ MQ_DELIVERY_REGISTRY_NAMESPACE ?=
 MQ_DELIVERY_REGISTRY_USER ?=
 # MQ_DELIVERY_REGISTRY_CREDENTIAL is the password/API key for the remote registry (if required)
 MQ_DELIVERY_REGISTRY_CREDENTIAL ?=
-# LTS is a boolean value to enable/disable LTS container build
+# REGISTRY_USER is the username used to login to the Red Hat registry
-LTS ?= false
+REGISTRY_USER ?=
-# VOLUME_MOUNT_OPTIONS is used when bind-mounting files from the "downloads" directory into the container.  By default, SELinux labels are automatically re-written, but this doesn't work on some filesystems with extended attributes (xattrs).  You can turn off the label re-writing by setting this variable to be blank.
+# REGISTRY_PASS is the password used to login to the Red Hat registry
-VOLUME_MOUNT_OPTIONS ?= :Z
+REGISTRY_PASS ?=
 # ARCH is the platform architecture (e.g. amd64, ppc64le or s390x)
 ARCH ?= $(if $(findstring x86_64,$(shell uname -m)),amd64,$(shell uname -m))
 # Tag to use for fat-manifest 
 MQ_MANIFEST_TAG=$(MQ_VERSION)
 ###############################################################################
 # Other variables
 ###############################################################################
 # Build doesn't work if BuildKit is enabled
 DOCKER_BUILDKIT=0
 # Lock Docker API version for compatibility with Podman and with the Docker version in Travis' Ubuntu Bionic
 DOCKER_API_VERSION=1.40
 GO_PKG_DIRS = ./cmd ./internal ./test
 MQ_ARCHIVE_TYPE=LINUX
 MQ_ARCHIVE_DEV_TYPE=Linux
 # BUILD_SERVER_CONTAINER is the name of the web server container used at build time
 BUILD_SERVER_CONTAINER=build-server
 # BUILD_SERVER_NETWORK is the name of the network to use for the web server container used at build time
 BUILD_SERVER_NETWORK=build
 # NUM_CPU is the number of CPUs available to Docker.  Used to control how many
 # test run in parallel
-NUM_CPU ?= $(or $(shell $(COMMAND) info --format "{{ .NCPU }}"),2)
+NUM_CPU = $(or $(shell docker info --format "{{ .NCPU }}"),2)
 # BASE_IMAGE_TAG is a normalized version of BASE_IMAGE, suitable for use in a Docker tag
 BASE_IMAGE_TAG=$(lastword $(subst /, ,$(subst :,-,$(BASE_IMAGE))))
 #BASE_IMAGE_TAG=$(subst /,-,$(subst :,-,$(BASE_IMAGE)))
@@ -113,38 +98,12 @@ endif
 # Try to figure out which archive to use from the architecture
 ifeq "$(ARCH)" "amd64"
-	MQ_ARCHIVE_ARCH:=X86-64
+	MQ_ARCHIVE_ARCH=X86-64
-	MQ_ARCHIVE_DEV_ARCH:=X64
+	MQ_ARCHIVE_DEV_ARCH=X64
 else ifeq "$(ARCH)" "ppc64le"
-	MQ_ARCHIVE_ARCH:=PPC64LE
+	MQ_ARCHIVE_ARCH=PPC64LE
 	MQ_ARCHIVE_DEV_ARCH:=PPC64LE
 else ifeq "$(ARCH)" "s390x"
-	MQ_ARCHIVE_ARCH:=S390X
+	MQ_ARCHIVE_ARCH=S390X
 	MQ_ARCHIVE_DEV_ARCH:=S390X
 else ifeq "$(ARCH)" "arm64"
 	MQ_ARCHIVE_ARCH:=ARM64
 	MQ_ARCHIVE_DEV_ARCH:=ARM64
 endif
 # If this is a fake master build, push images to alternative location (pipeline wont consider these images GA candidates)
 ifeq ($(shell [ "$(TRAVIS)" = "true" ] && [ -n "$(MAIN_BRANCH)" ] && [ -n "$(SOURCE_BRANCH)" ] && [ "$(MAIN_BRANCH)" != "$(SOURCE_BRANCH)" ] && echo "true"), true)
 	MQ_DELIVERY_REGISTRY_NAMESPACE="master-fake"
 endif
 # LTS_TAG is the tag modifier for an LTS container build
 LTS_TAG=
 ifeq "$(LTS)" "true"
 ifneq "$(LTS_TAG_OVERRIDE)" "$(EMPTY)"
 	LTS_TAG=$(LTS_TAG_OVERRIDE)
 else
 	LTS_TAG=-lts
 endif
 	MQ_ARCHIVE:=$(MQ_VERSION)-IBM-MQ-Advanced-Non-Install-Linux$(MQ_ARCHIVE_ARCH).tar.gz
 	MQ_DELIVERY_REGISTRY_NAMESPACE:=$(MQ_DELIVERY_REGISTRY_NAMESPACE)$(LTS_TAG)
 endif
 ifneq (,$(findstring release-candidate,$(TRAVIS_TAG)))
    MQ_DELIVERY_REGISTRY_NAMESPACE=release-candidates
 endif
 ifneq "$(MQ_DELIVERY_REGISTRY_NAMESPACE)" "$(EMPTY)"
@@ -153,63 +112,21 @@ else
 	MQ_DELIVERY_REGISTRY_FULL_PATH=$(MQ_DELIVERY_REGISTRY_HOSTNAME)
 endif
 # image tagging
 ifneq "$(RELEASE)" "$(EMPTY)"
-	EXTRA_LABELS_RELEASE=--label "release=$(RELEASE)"
+	MQ_TAG=$(MQ_VERSION)-$(RELEASE)-$(ARCH)
-	RELEASE_TAG="-$(RELEASE)"
+	EXTRA_LABELS=--label release=$(RELEASE)
 	MQ_MANIFEST_TAG=$(MQ_VERSION)-$(RELEASE)
 endif
 ifneq "$(MQ_ARCHIVE_LEVEL)" "$(EMPTY)"
 	EXTRA_LABELS_LEVEL=--label "mq-build=$(MQ_ARCHIVE_LEVEL)"
 endif
 EXTRA_LABELS=$(EXTRA_LABELS_RELEASE) $(EXTRA_LABELS_LEVEL)
 ifeq "$(TIMESTAMPFLAT)" "$(EMPTY)"
 	TIMESTAMPFLAT=$(shell date "+%Y%m%d%H%M%S")
 endif
 ifeq "$(GIT_COMMIT)" "$(EMPTY)"
 	GIT_COMMIT=$(shell git rev-parse --short HEAD)
 endif
 ifeq ($(shell [ ! -z $(TRAVIS) ] && [ "$(TRAVIS_PULL_REQUEST)" = "false" ] && [ "$(TRAVIS_BRANCH)" = "$(MAIN_BRANCH)" ] && echo true), true)
 	MQ_MANIFEST_TAG_SUFFIX=.$(TIMESTAMPFLAT).$(GIT_COMMIT)
 endif
 # Make sure we don't use VOLUME_MOUNT_OPTIONS for Podman on macOS
 ifeq "$(COMMAND)" "podman"
 	ifeq "$(shell uname -s)" "Darwin"
 		VOLUME_MOUNT_OPTIONS:=
 	endif
 endif
 PATH_TO_MQ_TAG_CACHE=$(TRAVIS_BUILD_DIR)/.tagcache
 ifneq "$(TRAVIS)" "$(EMPTY)"
 ifneq ("$(wildcard $(PATH_TO_MQ_TAG_CACHE))","")
 include $(PATH_TO_MQ_TAG_CACHE)
 endif
 endif
 MQ_AMD64_TAG=$(MQ_MANIFEST_TAG)-amd64
 MQ_S390X_TAG?=$(MQ_MANIFEST_TAG)-s390x
 MQ_PPC64LE_TAG?=$(MQ_MANIFEST_TAG)-ppc64le
 # end image tagging
 MQ_IMAGE_FULL_RELEASE_NAME=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)
 MQ_IMAGE_DEV_FULL_RELEASE_NAME=$(MQ_IMAGE_DEVSERVER):$(MQ_TAG)
 #setup variables for fat-manifests
 MQ_IMAGE_DEVSERVER_MANIFEST=$(MQ_IMAGE_DEVSERVER):$(MQ_MANIFEST_TAG)
 MQ_IMAGE_ADVANCEDSERVER_MANIFEST=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_MANIFEST_TAG)
-MQ_IMAGE_DEVSERVER_AMD64=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEVSERVER):$(MQ_AMD64_TAG)
+MQ_IMAGE_DEVSERVER_AMD64=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEVSERVER):$(MQ_MANIFEST_TAG)-amd64
-MQ_IMAGE_DEVSERVER_S390X=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEVSERVER):$(MQ_S390X_TAG)
+MQ_IMAGE_DEVSERVER_S390X=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEVSERVER):$(MQ_MANIFEST_TAG)-s390x
-MQ_IMAGE_DEVSERVER_PPC64LE=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEVSERVER):$(MQ_PPC64LE_TAG)
+MQ_IMAGE_ADVANCEDSERVER_AMD64=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_MANIFEST_TAG)-amd64
-MQ_IMAGE_ADVANCEDSERVER_AMD64=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_AMD64_TAG)
+MQ_IMAGE_ADVANCEDSERVER_S390X=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_MANIFEST_TAG)-s390x
 MQ_IMAGE_ADVANCEDSERVER_S390X=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_S390X_TAG)
 MQ_IMAGE_ADVANCEDSERVER_PPC64LE=$(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_PPC64LE_TAG)
 ###############################################################################
 # Build targets
@@ -237,63 +154,36 @@ incubating: build-explorer
 downloads/$(MQ_ARCHIVE_DEV):
 	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced for Developers "$(MQ_VERSION)$(END)))
 	mkdir -p downloads
 ifneq "$(BUILD_RSYNC_SERVER)" "$(EMPTY)"
 # Use key which is not stored in the repository to fetch the files from the fileserver
 	curl --fail --location $(BUILD_RSYNC_ENCRYPTED_KEY_URL) --output ./host.key.gpg
 	@echo $(BUILD_RSYNC_ENCRYPTION_PASSWORD)|gpg --batch --passphrase-fd 0 ./host.key.gpg
 	chmod 600 ./host.key
 	rsync -rv -e "ssh -o BatchMode=yes -q -o StrictHostKeyChecking=no -i ./host.key" --include="*/" --include="*.tar.gz" --exclude="*" $(BUILD_RSYNC_USER)@$(BUILD_RSYNC_SERVER):"$(BUILD_RSYNC_PATH)" downloads/$(MQ_ARCHIVE_DEV)
 	-@rm host.key.gpg host.key
 else
 ifneq "$(MQ_ARCHIVE_REPOSITORY_DEV)" "$(EMPTY)"
-	curl --fail --user $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) --request GET "$(MQ_ARCHIVE_REPOSITORY_DEV)" --output downloads/$(MQ_ARCHIVE_DEV)
+	curl -u $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -X GET "$(MQ_ARCHIVE_REPOSITORY_DEV)" -o downloads/$(MQ_ARCHIVE_DEV)
 else
-	curl --fail --location https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_ARCHIVE_DEV) --output downloads/$(MQ_ARCHIVE_DEV)
+	curl -L https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/$(MQ_ARCHIVE_DEV) -o downloads/$(MQ_ARCHIVE_DEV)
 endif
 endif
 downloads/$(MQ_ARCHIVE):
 	$(info $(SPACER)$(shell printf $(TITLE)"Downloading IBM MQ Advanced "$(MQ_VERSION)$(END)))
 	mkdir -p downloads
 ifneq "$(BUILD_RSYNC_SERVER)" "$(EMPTY)"
 # Use key which is not stored in the repository to fetch the files from the fileserver
 	-@rm host.key.gpg host.key
 	curl --fail --location $(BUILD_RSYNC_ENCRYPTED_KEY_URL) --output ./host.key.gpg
 	@echo $(BUILD_RSYNC_ENCRYPTION_PASSWORD)|gpg --batch --passphrase-fd 0 ./host.key.gpg
 	chmod 600 ./host.key
 	rsync -rv -e "ssh -o BatchMode=yes -q -o StrictHostKeyChecking=no -i ./host.key" --include="*/" --include="*.tar.gz" --exclude="*" $(BUILD_RSYNC_USER)@$(BUILD_RSYNC_SERVER):"$(BUILD_RSYNC_PATH)" downloads/$(MQ_ARCHIVE)
 	-@rm host.key.gpg host.key
 else
 ifneq "$(MQ_ARCHIVE_REPOSITORY)" "$(EMPTY)"
-	curl --fail --user $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) --request GET "$(MQ_ARCHIVE_REPOSITORY)" --output downloads/$(MQ_ARCHIVE)
+	curl -u $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -X GET "$(MQ_ARCHIVE_REPOSITORY)" -o downloads/$(MQ_ARCHIVE)
 endif
 endif
 .PHONY: downloads
 downloads: downloads/$(MQ_ARCHIVE_DEV) downloads/$(MQ_SDK_ARCHIVE)
 .PHONY: cache-mq-tag
 cache-mq-tag:
 	@printf "MQ_MANIFEST_TAG=$(MQ_MANIFEST_TAG)\n" | tee $(PATH_TO_MQ_TAG_CACHE)
 ###############################################################################
 # Test targets
 ###############################################################################
 # Vendor Go dependencies for the Docker tests
 test/docker/vendor:
-	cd test/docker && go mod vendor
+	cd test/docker && dep ensure -vendor-only
 # Shortcut to just run the unit tests
 .PHONY: test-unit
 test-unit:
-	$(COMMAND) build --target builder --file Dockerfile-server .
+	docker build --target builder --file Dockerfile-server .
 .PHONY: test-advancedserver
 test-advancedserver: test/docker/vendor
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) on $(shell $(COMMAND) --version)"$(END)))
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) on $(shell docker --version)"$(END)))
-	$(COMMAND) inspect $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)
+	docker inspect $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) EXPECTED_LICENSE=Production DOCKER_API_VERSION=$(DOCKER_API_VERSION) go test -parallel $(NUM_CPU) -timeout $(TEST_TIMEOUT_DOCKER) $(TEST_OPTS_DOCKER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) EXPECTED_LICENSE=Production go test -parallel $(NUM_CPU) $(TEST_OPTS_DOCKER)
 .PHONY: build-devjmstest
 build-devjmstest:
@@ -302,9 +192,9 @@ build-devjmstest:
 .PHONY: test-devserver
 test-devserver: test/docker/vendor
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER):$(MQ_TAG) on $(shell $(COMMAND) --version)"$(END)))
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER):$(MQ_TAG) on $(shell docker --version)"$(END)))
-	$(COMMAND) inspect $(MQ_IMAGE_DEVSERVER):$(MQ_TAG)
+	docker inspect $(MQ_IMAGE_DEVSERVER):$(MQ_TAG)
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER):$(MQ_TAG) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) IBMJRE=false DOCKER_API_VERSION=$(DOCKER_API_VERSION) go test -parallel $(NUM_CPU) -timeout $(TEST_TIMEOUT_DOCKER) -tags mqdev $(TEST_OPTS_DOCKER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER):$(MQ_TAG) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) IBMJRE=true go test -parallel $(NUM_CPU) -tags mqdev $(TEST_OPTS_DOCKER)
 .PHONY: coverage
 coverage:
@@ -312,7 +202,7 @@ coverage:
 .PHONY: test-advancedserver-cover
 test-advancedserver-cover: test/docker/vendor coverage
-	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) with code coverage on $(shell $(COMMAND) --version)"$(END)))
+	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) with code coverage on $(shell docker --version)"$(END)))
 	rm -f ./coverage/unit*.cov
 	# Run unit tests with coverage, for each package under 'internal'
 	go list -f '{{.Name}}' ./internal/... | xargs -I {} go test -cover -covermode count -coverprofile ./coverage/unit-{}.cov ./internal/{}
@@ -324,7 +214,7 @@ test-advancedserver-cover: test/docker/vendor coverage
 	rm -f ./test/docker/coverage/*.cov
 	rm -f ./coverage/docker.*
 	mkdir -p ./test/docker/coverage/
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)-cover TEST_COVER=true DOCKER_API_VERSION=$(DOCKER_API_VERSION) go test $(TEST_OPTS_DOCKER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)-cover TEST_COVER=true go test $(TEST_OPTS_DOCKER)
 	echo 'mode: count' > ./coverage/docker.cov
 	tail -q -n +2 ./test/docker/coverage/*.cov >> ./coverage/docker.cov
 	go tool cover -html=./coverage/docker.cov -o ./coverage/docker.html
@@ -333,18 +223,16 @@ test-advancedserver-cover: test/docker/vendor coverage
 	tail -q -n +2 ./coverage/unit.cov ./coverage/docker.cov  >> ./coverage/combined.cov
 	go tool cover -html=./coverage/combined.cov -o ./coverage/combined.html
-###############################################################################
+# Build an MQ image.  The commands used are slightly different between Docker and Podman
-# Build functions
+define build-mq
-###############################################################################
+	$(if $(findstring docker,$(COMMAND)), @docker network create build,)
-
+	$(if $(findstring docker,$(COMMAND)), @docker run --rm --name $(BUILD_SERVER_CONTAINER) --network build --network-alias build --volume $(DOWNLOADS_DIR):/usr/share/nginx/html:ro --detach docker.io/nginx:alpine,)
-# Command to build the image
+	$(eval EXTRA_ARGS=$(if $(findstring docker,$(COMMAND)), --network build --build-arg MQ_URL=http://build:80/$4, --volume $(DOWNLOADS_DIR):/var/downloads --build-arg MQ_URL=file:///var/downloads/$4))
-# Args: imageName, imageTag, dockerfile, extraArgs, dockerfileTarget
+	# Build the new image
 # If the ARCH variable has been changed from the default value (arch_go variable), then the `--platform` parameter is added
 define build-mq-command
 	$(COMMAND) build \
 	  --tag $1:$2 \
 	  --file $3 \
-	  $4 \
+		$(EXTRA_ARGS) \
 	  --build-arg IMAGE_REVISION="$(IMAGE_REVISION)" \
 	  --build-arg IMAGE_SOURCE="$(IMAGE_SOURCE)" \
 	  --build-arg IMAGE_TAG="$1:$2" \
@@ -352,75 +240,36 @@ define build-mq-command
 	  --label name=$1 \
 	  --label build-date=$(shell date +%Y-%m-%dT%H:%M:%S%z) \
 	  --label architecture="$(ARCH)" \
-	  --label run="podman run -d -e LICENSE=accept $1:$2" \
+	  --label run="docker run -d -e LICENSE=accept $1:$2" \
 	  --label vcs-ref=$(IMAGE_REVISION) \
 	  --label vcs-type=git \
 	  --label vcs-url=$(IMAGE_SOURCE) \
 	  $(if $(findstring $(arch_go),$(ARCH)),,--platform=linux/$(ARCH)) \
 	  $(EXTRA_LABELS) \
 	  --target $5 \
 	  .
 	$(if $(findstring docker,$(COMMAND)), @docker kill $(BUILD_SERVER_CONTAINER))
 	$(if $(findstring docker,$(COMMAND)), @docker network rm build)
 endef
-# Build using a separate container to host the MQ download files.
+DOCKER_SERVER_VERSION=$(shell docker version --format "{{ .Server.Version }}")
-# To minimize the layers in the resulting image, the download files can't be part of the build context.
+DOCKER_CLIENT_VERSION=$(shell docker version --format "{{ .Client.Version }}")
-# The "docker build" command (and "podman build" on macOS) don't allow you to mount a directory into the build, so a 
+PODMAN_VERSION=$(shell podman version --format "{{ .Version }}")
-# separate container is used to host a web server.
+.PHONY: command-version
-# Note that for Podman, this means that you need to be using the "rootful" mode, because the rootless mode doesn't allow
+command-version:
-# much control of networking, so the containers can't talk to each other.
+# If we're using Docker, then check it's recent enough to support multi-stage builds
-define build-mq-using-web-server
+ifneq (,$(findstring docker,$(COMMAND)))
-	$(COMMAND) network create $(BUILD_SERVER_NETWORK)
+	@test "$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker client 17.05 or greater is required" && exit 1)
-	$(COMMAND) run \
+	@test "$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(DOCKER_SERVER_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(DOCKER_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker server 17.05 or greater is required" && exit 1)
-	  --rm \
+endif
-	  --name $(BUILD_SERVER_CONTAINER) \
+ifneq (,$(findstring podman,$(COMMAND)))
-	  --network $(BUILD_SERVER_NETWORK) \
+	@test "$(word 1,$(subst ., ,$(PODMAN_VERSION)))" -ge "1" || (echo "Error: Podman version 1.0 or greater is required" && exit 1)
-	  --volume $(DOWNLOADS_DIR):/opt/app-root/src$(VOLUME_MOUNT_OPTIONS) \
+endif
 	  --detach \
 	  registry.access.redhat.com/ubi8/nginx-120 nginx -g "daemon off;" || ($(COMMAND) network rm $(BUILD_SERVER_NETWORK) && exit 1)
 	BUILD_SERVER_IP=$$($(COMMAND) inspect -f '{{ .NetworkSettings.Networks.$(BUILD_SERVER_NETWORK).IPAddress }}' $(BUILD_SERVER_CONTAINER)); \
 	$(call build-mq-command,$1,$2,$3,--network build --build-arg MQ_URL=http://$$BUILD_SERVER_IP:8080/$4,$5) || ($(COMMAND) rm -f $(BUILD_SERVER_CONTAINER) && $(COMMAND) network rm $(BUILD_SERVER_NETWORK) && exit 1)
 	$(COMMAND) rm -f $(BUILD_SERVER_CONTAINER)
 	$(COMMAND) network rm $(BUILD_SERVER_NETWORK)
 endef
 # When building with Docker, always use the web server build because you can't use bind-mounted volumes.
 # Args: imageName, imageTag, dockerfile, mqArchive, dockerfileTarget
 define build-mq-docker
 	$(call build-mq-using-web-server,$1,$2,$3,$4,$5)
 endef
 # When building with Podman on macOS (Darwin), use the web server build because you can't use bind-mounted volumes with `podman build` on macOS
 # Args: imageName, imageTag, dockerfile, mqArchive, dockerfileTarget
 define build-mq-podman-Darwin
 	$(call build-mq-using-web-server,$1,$2,$3,$4,$5)
 endef
 # When building with Podman on Linux, just pass the downloads directory as a volume
 # Args: imageName, imageTag, dockerfile, mqArchive, dockerfileTarget
 define build-mq-podman-Linux
 	$(call build-mq-command,$1,$2,$3,--volume $(DOWNLOADS_DIR):/var/downloads$(VOLUME_MOUNT_OPTIONS) --build-arg MQ_URL=file:///var/downloads/$4,$5)
 endef
 # When building with Podman, just pass the downloads directory as a volume
 # Args: imageName, imageTag, dockerfile, mqArchive, dockerfileTarget
 define build-mq-podman
 	$(call build-mq-podman-$(shell uname -s),$1,$2,$3,$4,$5)
 endef
 # Build an MQ image.  The commands used are slightly different between Docker and Podman
 # Args: imageName, imageTag, dockerfile, mqArchive, dockerfileTarget
 define build-mq
 	$(call build-mq-$(COMMAND),$1,$2,$3,$4,$5)
 endef
 ###############################################################################
 # Build targets
 ###############################################################################
 .PHONY: build-advancedserver-host
 build-advancedserver-host: build-advancedserver
 .PHONY: build-advancedserver
-build-advancedserver: log-build-env downloads/$(MQ_ARCHIVE) command-version
+build-advancedserver: registry-login log-build-env downloads/$(MQ_ARCHIVE) command-version
 	$(info $(SPACER)$(shell printf $(TITLE)"Build $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)"$(END)))
 	$(call build-mq,$(MQ_IMAGE_ADVANCEDSERVER),$(MQ_TAG),Dockerfile-server,$(MQ_ARCHIVE),mq-server)
@@ -428,39 +277,40 @@ build-advancedserver: log-build-env downloads/$(MQ_ARCHIVE) command-version
 build-devserver-host: build-devserver
 .PHONY: build-devserver
-build-devserver: log-build-env downloads/$(MQ_ARCHIVE_DEV) command-version
+build-devserver: registry-login log-build-env downloads/$(MQ_ARCHIVE_DEV) command-version
 	$(info $(shell printf $(TITLE)"Build $(MQ_IMAGE_DEVSERVER):$(MQ_TAG)"$(END)))
 	$(call build-mq,$(MQ_IMAGE_DEVSERVER),$(MQ_TAG),Dockerfile-server,$(MQ_ARCHIVE_DEV),mq-dev-server)
 .PHONY: build-advancedserver-cover
-build-advancedserver-cover: command-version
+build-advancedserver-cover: registry-login command-version
 	$(COMMAND) build --build-arg BASE_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG) -t $(MQ_IMAGE_ADVANCEDSERVER):$(MQ_TAG)-cover -f Dockerfile-server.cover .
 .PHONY: build-explorer
-build-explorer: downloads/$(MQ_ARCHIVE_DEV)
+build-explorer: registry-login downloads/$(MQ_ARCHIVE_DEV)
 	$(call build-mq,mq-explorer,latest-$(ARCH),incubating/mq-explorer/Dockerfile,$(MQ_ARCHIVE_DEV),mq-explorer)
 .PHONY: build-sdk
-build-sdk: downloads/$(MQ_ARCHIVE_DEV)
+build-sdk: registry-login downloads/$(MQ_ARCHIVE_DEV)
 	$(info $(shell printf $(TITLE)"Build $(MQ_IMAGE_SDK)"$(END)))
 	$(call build-mq,mq-sdk,$(MQ_TAG),incubating/mq-sdk/Dockerfile,$(MQ_SDK_ARCHIVE),mq-sdk)
-###############################################################################
+.PHONY: registry-login
-# Logging targets
+registry-login:
-###############################################################################
+ifneq ($(REGISTRY_USER),)
 	$(COMMAND) login -u $(REGISTRY_USER) -p $(REGISTRY_PASS) registry.redhat.io
 endif
 .PHONY: log-build-env
 log-build-vars:
 	$(info $(SPACER)$(shell printf $(TITLE)"Build environment"$(END)))
-	@echo arch_uname=$(arch_uname)
+	@echo ARCH=$(ARCH)
-	@echo arch_go=$(arch_go)
+	@echo MQ_VERSION=$(MQ_VERSION)
-	@echo "ARCH=$(ARCH) (origin:$(origin ARCH))"
+	@echo MQ_ARCHIVE=$(MQ_ARCHIVE)
 	@echo MQ_VERSION="$(MQ_VERSION) (origin:$(origin MQ_VERSION))"
 	@echo MQ_ARCHIVE="$(MQ_ARCHIVE) (origin:$(origin MQ_ARCHIVE))"
 	@echo MQ_ARCHIVE_DEV_ARCH=$(MQ_ARCHIVE_DEV_ARCH)
 	@echo MQ_ARCHIVE_DEV=$(MQ_ARCHIVE_DEV)
 	@echo MQ_IMAGE_DEVSERVER=$(MQ_IMAGE_DEVSERVER)
 	@echo MQ_IMAGE_ADVANCEDSERVER=$(MQ_IMAGE_ADVANCEDSERVER)
 	@echo COMMAND=$(COMMAND)
 	@echo REGISTRY_USER=$(REGISTRY_USER)
 .PHONY: log-build-env
 log-build-env: log-build-vars
@@ -470,22 +320,16 @@ log-build-env: log-build-vars
 include formatting.mk
 ###############################################################################
 # Push/pull targets
 ###############################################################################
 .PHONY: pull-mq-archive
 pull-mq-archive:
-	curl --fail --user $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) --request GET "$(MQ_ARCHIVE_REPOSITORY)" --output downloads/$(MQ_ARCHIVE)
+	curl -u $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -X GET "$(MQ_ARCHIVE_REPOSITORY)" -o downloads/$(MQ_ARCHIVE)
 .PHONY: pull-mq-archive-dev
 pull-mq-archive-dev:
-	curl --fail --user $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) --request GET "$(MQ_ARCHIVE_REPOSITORY_DEV)" --output downloads/$(MQ_ARCHIVE_DEV)
+	curl -u $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -X GET "$(MQ_ARCHIVE_REPOSITORY_DEV)" -o downloads/$(MQ_ARCHIVE_DEV)
 .PHONY: push-advancedserver
 push-advancedserver:
 	@if [ $(MQ_DELIVERY_REGISTRY_NAMESPACE) = "master-fake" ]; then\
 		echo "Detected fake master build. Note that the push destination is set to the fake master namespace: $(MQ_DELIVERY_REGISTRY_FULL_PATH)";\
 	fi
 	$(info $(SPACER)$(shell printf $(TITLE)"Push production image to $(MQ_DELIVERY_REGISTRY_FULL_PATH)"$(END)))
 	$(COMMAND) login $(MQ_DELIVERY_REGISTRY_HOSTNAME) -u $(MQ_DELIVERY_REGISTRY_USER) -p $(MQ_DELIVERY_REGISTRY_CREDENTIAL)
 	$(COMMAND) tag $(MQ_IMAGE_ADVANCEDSERVER)\:$(MQ_TAG) $(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_FULL_RELEASE_NAME)
@@ -493,9 +337,6 @@ push-advancedserver:
 .PHONY: push-devserver
 push-devserver:
 	@if [ $(MQ_DELIVERY_REGISTRY_NAMESPACE) = "master-fake" ]; then\
 		echo "Detected fake master build. Note that the push destination is set to the fake master namespace: $(MQ_DELIVERY_REGISTRY_FULL_PATH)";\
 	fi
 	$(info $(SPACER)$(shell printf $(TITLE)"Push developer image to $(MQ_DELIVERY_REGISTRY_FULL_PATH)"$(END)))
 	$(COMMAND) login $(MQ_DELIVERY_REGISTRY_HOSTNAME) -u $(MQ_DELIVERY_REGISTRY_USER) -p $(MQ_DELIVERY_REGISTRY_CREDENTIAL)
 	$(COMMAND) tag $(MQ_IMAGE_DEVSERVER)\:$(MQ_TAG) $(MQ_DELIVERY_REGISTRY_FULL_PATH)/$(MQ_IMAGE_DEV_FULL_RELEASE_NAME)
@@ -518,34 +359,22 @@ pull-devserver:
 .PHONY: push-manifest
 push-manifest: build-skopeo-container
 	$(info $(SPACER)$(shell printf $(TITLE)"** Determining the image digests **"$(END)))
-ifneq "$(LTS)" "true"
+	$(eval MQ_IMAGE_DEVSERVER_AMD64_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux --override-arch s390x  inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_DEVSERVER_AMD64) | jq -r .Digest))
 	$(eval MQ_IMAGE_DEVSERVER_AMD64_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_DEVSERVER_AMD64) | jq -r .Digest))
 	$(eval MQ_IMAGE_DEVSERVER_S390X_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_DEVSERVER_S390X) | jq -r .Digest))
 	$(eval MQ_IMAGE_DEVSERVER_PPC64LE_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_DEVSERVER_PPC64LE) | jq -r .Digest))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_DEVSERVER_AMD64) has a digest of $(MQ_IMAGE_DEVSERVER_AMD64_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_DEVSERVER_S390X) has a digest of $(MQ_IMAGE_DEVSERVER_S390X_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_DEVSERVER_PPC64LE) has a digest of $(MQ_IMAGE_DEVSERVER_PPC64LE_DIGEST)**"$(END)))
 endif
 	$(eval MQ_IMAGE_ADVANCEDSERVER_AMD64_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_ADVANCEDSERVER_AMD64) | jq -r .Digest))
 	$(eval MQ_IMAGE_ADVANCEDSERVER_S390X_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_ADVANCEDSERVER_S390X) | jq -r .Digest))
-	$(eval MQ_IMAGE_ADVANCEDSERVER_PPC64LE_DIGEST=$(shell $(COMMAND) run skopeo:latest --override-os linux inspect --creds $(MQ_ARCHIVE_REPOSITORY_USER):$(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) docker://$(MQ_IMAGE_ADVANCEDSERVER_PPC64LE) | jq -r .Digest))
+	$(info $(shell printf "** Determined the built $(MQ_IMAGE_DEVSERVER_AMD64) has a digest of $(MQ_IMAGE_DEVSERVER_AMD64_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_DEVSERVER_S390X) has a digest of $(MQ_IMAGE_DEVSERVER_S390X_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_ADVANCEDSERVER_AMD64) has a digest of $(MQ_IMAGE_ADVANCEDSERVER_AMD64_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_ADVANCEDSERVER_S390X) has a digest of $(MQ_IMAGE_ADVANCEDSERVER_S390X_DIGEST)**"$(END)))
 	$(info $(shell printf "** Determined the built $(MQ_IMAGE_ADVANCEDSERVER_PPC64LE) has a digest of $(MQ_IMAGE_ADVANCEDSERVER_PPC64LE_DIGEST)**"$(END)))
 ifneq "$(LTS)" "true"
 	$(info $(shell printf "** Calling script to create fat-manifest for $(MQ_IMAGE_DEVSERVER_MANIFEST)**"$(END)))
-	echo $(shell ./travis-build-scripts/create-manifest-list.sh -r $(MQ_DELIVERY_REGISTRY_HOSTNAME) -n $(MQ_DELIVERY_REGISTRY_NAMESPACE) -i $(MQ_IMAGE_DEVSERVER) -t $(MQ_MANIFEST_TAG) -u $(MQ_ARCHIVE_REPOSITORY_USER) -p $(MQ_ARCHIVE_REPOSITORY_CREDENTIAL)  -d "$(MQ_IMAGE_DEVSERVER_AMD64_DIGEST) $(MQ_IMAGE_DEVSERVER_S390X_DIGEST) $(MQ_IMAGE_DEVSERVER_PPC64LE_DIGEST)" $(END))
+	echo $(shell ./travis-build-scripts/create-manifest-list.sh -r $(MQ_DELIVERY_REGISTRY_HOSTNAME) -n $(MQ_DELIVERY_REGISTRY_NAMESPACE) -i $(MQ_IMAGE_DEVSERVER) -t $(MQ_MANIFEST_TAG) -u $(MQ_ARCHIVE_REPOSITORY_USER) -p $(MQ_ARCHIVE_REPOSITORY_CREDENTIAL)  -d "$(MQ_IMAGE_DEVSERVER_AMD64_DIGEST) $(MQ_IMAGE_DEVSERVER_S390X_DIGEST)" $(END))
 endif
 	$(info $(shell printf "** Calling script to create fat-manifest for $(MQ_IMAGE_ADVANCEDSERVER_MANIFEST)**"$(END)))
-	echo $(shell ./travis-build-scripts/create-manifest-list.sh -r $(MQ_DELIVERY_REGISTRY_HOSTNAME) -n $(MQ_DELIVERY_REGISTRY_NAMESPACE) -i $(MQ_IMAGE_ADVANCEDSERVER) -t $(MQ_MANIFEST_TAG) -u $(MQ_ARCHIVE_REPOSITORY_USER) -p $(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -d "$(MQ_IMAGE_ADVANCEDSERVER_AMD64_DIGEST) $(MQ_IMAGE_ADVANCEDSERVER_S390X_DIGEST) $(MQ_IMAGE_ADVANCEDSERVER_PPC64LE_DIGEST)" $(END))
+	echo $(shell ./travis-build-scripts/create-manifest-list.sh -r $(MQ_DELIVERY_REGISTRY_HOSTNAME) -n $(MQ_DELIVERY_REGISTRY_NAMESPACE) -i $(MQ_IMAGE_ADVANCEDSERVER) -t $(MQ_MANIFEST_TAG) -u $(MQ_ARCHIVE_REPOSITORY_USER) -p $(MQ_ARCHIVE_REPOSITORY_CREDENTIAL) -d "$(MQ_IMAGE_ADVANCEDSERVER_AMD64_DIGEST) $(MQ_IMAGE_ADVANCEDSERVER_S390X_DIGEST)" $(END))
-
+	
 .PHONY: build-skopeo-container
 build-skopeo-container:
-	$(COMMAND) images | grep -q "skopeo"; if [ $$? != 0 ]; then $(COMMAND) build -t skopeo:latest ./docker-builds/skopeo/; fi
+	$(COMMAND) images | grep -q "skopeo"; if [ $$? != 0 ]; then docker build -t skopeo:latest ./docker-builds/skopeo/; fi
 ###############################################################################
 # Other targets
 ###############################################################################
 .PHONY: clean
 clean:
@@ -608,29 +437,4 @@ gosec:
 		printf "\ngosec found no LOW severity issues\n" ;\
 fi ;\
-.PHONY: update-release-information
+include formatting.mk
 update-release-information:
 	sed -i.bak 's/ARG MQ_URL=.*-LinuxX64.tar.gz"/ARG MQ_URL="https:\/\/public.dhe.ibm.com\/ibmdl\/export\/pub\/software\/websphere\/messaging\/mqadv\/$(MQ_VERSION)-IBM-MQ-Advanced-for-Developers-Non-Install-LinuxX64.tar.gz"/g' Dockerfile-server && rm Dockerfile-server.bak
 	$(eval MQ_VERSION_1=$(shell echo '${MQ_VERSION}' | rev | cut -c 3- | rev))
 	sed -i.bak 's/IBM_MQ_.*_LINUX_X86-64_NOINST.tar.gz/IBM_MQ_${MQ_VERSION_1}_LINUX_X86-64_NOINST.tar.gz/g' docs/building.md && rm docs/building.md.bak
 	sed -i.bak 's/ibm-mqadvanced-server:.*-amd64/ibm-mqadvanced-server:$(MQ_VERSION)-amd64/g' docs/security.md
 	sed -i.bak 's/ibm-mqadvanced-server-dev.*-amd64/ibm-mqadvanced-server-dev:$(MQ_VERSION)-amd64/g' docs/security.md && rm docs/security.md.bak
 	sed -i.bak 's/MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:.*-amd64/MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:$(MQ_VERSION)-amd64/g' docs/testing.md && rm docs/testing.md.bak
 	$(eval MQ_VERSION_2=$(shell echo '${MQ_VERSION_1}' | rev | cut -c 3- | rev))
 	sed -i.bak 's/knowledgecenter\/SSFKSJ_.*\/com/knowledgecenter\/SSFKSJ_${MQ_VERSION_2}.0\/com/g' docs/usage.md && rm docs/usage.md.bak
 	$(eval MQ_VERSION_3=$(shell echo '${MQ_VERSION_1}' | sed "s/\.//g"))
 	sed -i.bak 's/MQ_..._ARCHIVE_REPOSITORY/MQ_${MQ_VERSION_3}_ARCHIVE_REPOSITORY/g' .travis.yml && rm .travis.yml.bak
 COMMAND_SERVER_VERSION=$(shell $(COMMAND) version --format "{{ .Server.Version }}")
 COMMAND_CLIENT_VERSION=$(shell $(COMMAND) version --format "{{ .Client.Version }}")
 PODMAN_VERSION=$(shell podman version --format "{{ .Version }}")
 .PHONY: command-version
 command-version:
 # If we're using Docker, then check it's recent enough to support multi-stage builds
 ifneq (,$(findstring docker,$(COMMAND)))
 	@test "$(word 1,$(subst ., ,$(COMMAND_CLIENT_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(COMMAND_CLIENT_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(COMMAND_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker client 17.05 or greater is required" && exit 1)
 	@test "$(word 1,$(subst ., ,$(COMMAND_SERVER_VERSION)))" -ge "17" || ("$(word 1,$(subst ., ,$(COMMAND_SERVER_VERSION)))" -eq "17" && "$(word 2,$(subst ., ,$(COMMAND_CLIENT_VERSION)))" -ge "05") || (echo "Error: Docker server 17.05 or greater is required" && exit 1)
 endif
 ifneq (,$(findstring podman,$(COMMAND)))
 	@test "$(word 1,$(subst ., ,$(PODMAN_VERSION)))" -ge "1" || (echo "Error: Podman version 1.0 or greater is required" && exit 1)
 endif
--- a/README.md
+++ b/README.md
@@ -1,6 +1,5 @@
 # IBM MQ container
 [![Build Status](https://travis-ci.org/ibm-messaging/mq-container.svg?branch=master)](https://travis-ci.org/ibm-messaging/mq-container)
 **Note**: The `master` branch may be in an *unstable or even broken state* during development.
@@ -34,7 +33,7 @@ See the [default developer configuration docs](docs/developer-config.md) for the
 ### Kubernetes
-If you want to use IBM MQ on [Kubernetes](https://kubernetes.io), you can find an example [Helm](https://helm.sh/) chart here: [IBM MQ Sample Helm Chart](https://github.com/ibm-messaging/mq-helm).  This can be used to run the container on a Kubernetes cluster, such as the [IBM Cloud Kubernetes Service](https://www.ibm.com/cloud/container-service).
+If you want to use IBM MQ in [Kubernetes](https://kubernetes.io), you can find an example [Helm](https://helm.sh/) chart here: [IBM charts](https://github.com/IBM/charts).  This can be used to run the container on a cluster, such as [IBM Cloud Private](https://www.ibm.com/cloud-computing/products/ibm-cloud-private/) or the [IBM Cloud Kubernetes Service](https://www.ibm.com/cloud/container-service).
 ## Issues and contributions
@@ -45,12 +44,11 @@ For issues relating specifically to the container image or Helm chart, please us
 The Dockerfiles and associated code and scripts are licensed under the [Apache License 2.0](http://www.apache.org/licenses/LICENSE-2.0.html).
 Licenses for the products installed within the images are as follows:
- [IBM MQ Advanced for Developers](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-CAUEQC) (International License Agreement for Non-Warranted Programs). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
+- [IBM MQ Advanced for Developers](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BMKG5H) (International License Agreement for Non-Warranted Programs). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
- [IBM MQ Advanced](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-CAUEBE) (International Program License Agreement). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
+- [IBM MQ Advanced](http://www14.software.ibm.com/cgi-bin/weblap/lap.pl?la_formnum=Z125-3301-14&li_formnum=L-APIG-BMJJBM) (International Program License Agreement). This license may be viewed from an image using the `LICENSE=view` environment variable as described above or by following the link above.
 Note: The IBM MQ Advanced for Developers license does not permit further distribution and the terms restrict usage to a developer machine.
 ## Copyright
-© Copyright IBM Corporation 2015, 2022
+© Copyright IBM Corporation 2015, 2020
--- a/authservice/mqhtpass/Makefile
+++ b/authservice/mqhtpass/Makefile
@@ -1,62 +0,0 @@
 # © Copyright IBM Corporation 2017, 2022
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 # http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 # This Makefile expects the following to be installed:
 # - gcc
 # - ldd
 # - MQ SDK (mqm_r library, plus header files)
 # - Apache Portable Runtime (apr-1 and aprutil-1 libraries, plus header files)
 SRC_DIR = src
 BUILD_DIR = ./build
 ARCH ?= $(if $(findstring x86_64,$(shell uname -m)),amd64,$(if $(findstring aarch64,$(shell uname -m)),aarch64,$(shell uname -m)))
 # Flags passed to the C compiler.  Need to use gnu11 to get POSIX functions needed for file locking.
 CFLAGS.amd64 := -m64
 CFLAGS.ppc64le := -m64
 CFLAGS.s390x := -m64
 # -m64 is not a valid compiler option on aarch64/arm64 (ARM)
 CFLAGS.arm64 :=
 CFLAGS += -std=gnu11 -fPIC -Wall ${CFLAGS.${ARCH}}
 LIB_APR = -L/usr/lib64 -lapr-1 -laprutil-1
 LIB_MQ = -L/opt/mqm/lib64 -lmqm_r
 all: $(BUILD_DIR)/mqhtpass.so $(BUILD_DIR)/htpass_test $(BUILD_DIR)/log_test
 $(BUILD_DIR)/log.o : $(SRC_DIR)/log.c $(SRC_DIR)/log.h
 	mkdir -p ${dir $@}
 	gcc $(CFLAGS) -c $(SRC_DIR)/log.c -o $@
 $(BUILD_DIR)/log_test : $(BUILD_DIR)/log.o
 	mkdir -p ${dir $@}
 	gcc $(CFLAGS) $(SRC_DIR)/log_test.c $^ -o $@
 # Run Logging tests, and print log if they fail	
 	$@ || (cat log_test*.log && exit 1)
 $(BUILD_DIR)/htpass.o : $(SRC_DIR)/htpass.c $(SRC_DIR)/htpass.h
 	mkdir -p ${dir $@}
 	gcc $(CFLAGS) -c $(SRC_DIR)/htpass.c -I /usr/include/apr-1 -o $@
 $(BUILD_DIR)/htpass_test : $(BUILD_DIR)/htpass.o $(BUILD_DIR)/log.o
 	mkdir -p ${dir $@}
 	gcc $(CFLAGS) $(LIB_APR) -lpthread $(SRC_DIR)/htpass_test.c $^ -o $@
 # Run HTPasswd tests, and print log if they fail	
 	$@ || (cat htpass_test*.log && exit 1)
 $(BUILD_DIR)/mqhtpass.so : $(BUILD_DIR)/log.o $(BUILD_DIR)/htpass.o
 	mkdir -p ${dir $@}
 	# NOTE: rpath for libapr will be different on Ubuntu
 	gcc $(CFLAGS) -I/opt/mqm/inc -D_REENTRANT $(LIB_APR) $(LIB_MQ) -Wl,-rpath,/opt/mqm/lib64 -Wl,-rpath,/usr/lib64 -shared $(SRC_DIR)/mqhtpass.c $^ -o $@
 	ldd $@
--- a/authservice/mqhtpass/src/htpass.c
+++ b/authservice/mqhtpass/src/htpass.c
@@ -1,145 +0,0 @@
 /*
 © Copyright IBM Corporation 2021
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #include <errno.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "log.h"
 #include "htpass.h"
 #include <linux/limits.h>
 #include <apr_general.h>
 #include <apr_errno.h>
 #include <apr_md5.h>
 bool htpass_valid_file(char *filename)
 {
  bool valid = true;
  FILE *fp;
  char *huser;
  fp = fopen(filename, "r");
  if (fp == NULL)
  {
    log_errorf("Error %d opening htpasswd file '%s'", errno, filename);
  }
  if (fp)
  {
    const size_t line_size = 1024;
    char *line = malloc(line_size);
    while (fgets(line, line_size, fp) != NULL)
    {
      char *saveptr;
      // Need to use strtok_r to be safe for multiple threads
      huser = strtok_r(line, ":", &saveptr);
      if (strlen(huser) >= 12)
      {
        log_errorf("Invalid htpasswd file for use with IBM MQ.  User '%s' is longer than twelve characters", huser);
        valid = false;
        break;
      }
    }
    fclose(fp);
    if (line)
    {
      free(line);
    }
  }
  return valid;
 }
 char *find_hash(char *filename, char *user)
 {
  bool found = false;
  FILE *fp;
  char *huser;
  char *hash;
  fp = fopen(filename, "r");
  if (fp == NULL)
  {
    log_errorf("Error %d opening htpasswd file '%s'", errno, filename);
  }
  if (fp)
  {
    const size_t line_size = 1024;
    char *line = malloc(line_size);
    while (fgets(line, line_size, fp) != NULL)
    {
      char *saveptr;
      // Need to use strtok_r to be safe for multiple threads
      huser = strtok_r(line, ":", &saveptr);
      if (huser && (strcmp(user, huser) == 0))
      {
        // Make a duplicate of the string, because we'll be keeping it
        hash = strdup(strtok_r(NULL, " \r\n\t", &saveptr));
        found = true;
        break;
      }
    }
    fclose(fp);
    if (line)
    {
      free(line);
    }
  }
  if (!found)
  {
    hash = NULL;
  }
  return hash;
 }
 int htpass_authenticate_user(char *filename, char *user, char *password)
 {
  char *hash = find_hash(filename, user);
  int result = -1;
  if (hash == NULL)
  {
    result = HTPASS_INVALID_USER;
    log_debugf("User does not exist. user=%s", user);
  }
  else
  {
    // Use the Apache Portable Runtime utilities to validate the password against the hash.
    // Supports multiple hashing algorithms, but we should only be using bcrypt
    apr_status_t status = apr_password_validate(password, hash);
    // status is usually either APR_SUCCESS or APR_EMISMATCH
    if (status == APR_SUCCESS)
    {
      result = HTPASS_VALID;
      log_debugf("Correct password supplied. user=%s", user);
    }
    else
    {
      result = HTPASS_INVALID_PASSWORD;
      log_debugf("Incorrect password supplied. user=%s", user);
    }
  }
  return result;
 }
 bool htpass_valid_user(char *filename, char *user)
 {
  char *hash = find_hash(filename, user);
  bool valid = false;
  if (hash != NULL)
  {
    valid = true;
  }
  return valid;
 }
--- a/authservice/mqhtpass/src/htpass.h
+++ b/authservice/mqhtpass/src/htpass.h
@@ -1,49 +0,0 @@
 /*
 © Copyright IBM Corporation 2021
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #ifndef _HTPASS_H
 #define _HTPASS_H
 #define HTPASS_VALID 0
 #define HTPASS_INVALID_USER 1
 #define HTPASS_INVALID_PASSWORD 2
 /**
 * Validate an HTPasswd file for use with IBM MQ.
 * 
 * @param filename the HTPasswd file
 */
 _Bool htpass_valid_file(char *filename);
 /**
 * Authenticate a user, based on the supplied file name.
 * 
 * @param filename the HTPasswd file
 * @param user the user name to authenticate
 * @param password the password of the user
 * @return HTPASS_VALID, HTPASS_INVALID_USER or HTPASS_INVALID_PASSWORD
 */
 int htpass_authenticate_user(char *filename, char *user, char *password);
 /**
 * Validate that a user exists in the password file.
 * 
 * @param filename the HTPasswd file
 * @param user the user name to validate
 */
 _Bool htpass_valid_user(char *filename, char *user);
 #endif
--- a/authservice/mqhtpass/src/htpass_test.c
+++ b/authservice/mqhtpass/src/htpass_test.c
@@ -1,223 +0,0 @@
 /*
 © Copyright IBM Corporation 2021
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include "log.h"
 #include "htpass.h"
 // Headers for multi-threaded tests
 #include <pthread.h>
 // Start a test and log the function name
 #define test_start() printf("=== RUN: %s\n", __func__)
 // Indicate test has passed
 #define test_pass() printf("--- PASS: %s\n", __func__)
 // Indicate test has failed
 void test_fail(const char *test_name)
 {
  printf("--- FAIL: %s\n", test_name);
  exit(1);
 }
 // ----------------------------------------------------------------------------
 // Simple tests for file validation
 // ----------------------------------------------------------------------------
 void test_htpass_valid_file_ok()
 {
  test_start();
  int ok = htpass_valid_file("./src/htpass_test.htpasswd");
  if (!ok)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_valid_file_too_long()
 {
  test_start();
  int ok = htpass_valid_file("./src/htpass_test_invalid.htpasswd");
  if (ok)
    test_fail(__func__);
  test_pass();
 }
 // ----------------------------------------------------------------------------
 // Simple tests for authentication
 // ----------------------------------------------------------------------------
 void test_htpass_authenticate_user_fred_valid()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "fred", "passw0rd");
  printf("%s: fred - %d\n", __func__, rc);
  if (rc != HTPASS_VALID)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_authenticate_user_fred_invalid1()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "fred", "passw0rd ");
  printf("%s: fred - %d\n", __func__, rc);
  if (rc != HTPASS_INVALID_PASSWORD)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_authenticate_user_fred_invalid2()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "fred", "");
  printf("%s: fred - %d\n", __func__, rc);
  if (rc != HTPASS_INVALID_PASSWORD)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_authenticate_user_fred_invalid3()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "fred", "clearlywrong");
  printf("%s: fred - %d\n", __func__, rc);
  if (rc != HTPASS_INVALID_PASSWORD)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_authenticate_user_barney_valid()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "barney", "s3cret");
  printf("%s: barney - %d\n", __func__, rc);
  if (rc != HTPASS_VALID)
    test_fail(__func__);
  test_pass();
 }
 void test_htpass_authenticate_user_unknown()
 {
  test_start();
  int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "george", "s3cret");
  printf("%s: barney - %d\n", __func__, rc);
  if (rc != HTPASS_INVALID_USER)
    test_fail(__func__);
  test_pass();
 }
 // ----------------------------------------------------------------------------
 // Multi-threaded test
 // ----------------------------------------------------------------------------
 #define NUM_THREADS 5
 // Number of tests to perform per thread.  Higher numbers are more likely to trigger timing issue.
 #define NUM_TESTS_PER_THREAD 1000
 // Maximum number of JSON errors to report (log can get flooded)
 #define MAX_JSON_ERRORS 10
 // Authenticate multiple users, multiple times
 void *authenticate_many_times(void *p)
 {
  for (int i = 0; i < NUM_TESTS_PER_THREAD; i++)
  {
    int rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "barney", "s3cret");
    if (rc != HTPASS_VALID)
      test_fail(__func__);
    rc = htpass_authenticate_user("./src/htpass_test.htpasswd", "fred", "passw0rd");
    if (rc != HTPASS_VALID)
      test_fail(__func__);
  }
  pthread_exit(NULL);
 }
 void check_log_file_valid(char *filename)
 {
  int errors = 0;
  printf("--- Checking log file is valid\n");
  // Check that the JSON log file isn't corrupted
  FILE *log = fopen(filename, "r");
  if (log == NULL)
  {
    test_fail(__func__);
  }
  const size_t line_size = 1024;
  char *line = malloc(line_size);
  while (fgets(line, line_size, log) != NULL)
  {
    if ((line[0] != '{') && (errors < MAX_JSON_ERRORS))
    {
      printf("*** Invalid JSON detected: %s\n", line);
      errors++;
    }
  }
  if (line)
  {
    free(line);
  }
  fclose(log);
 }
 // Test authenticate_user with multiple threads, each doing many authentications
 void test_htpass_authenticate_user_multithreaded(char *logfile)
 {
  pthread_t threads[NUM_THREADS];
  int rc;
  test_start();
  // Re-initialize the log to use a file for the multi-threaded test
  log_init(logfile);
  for (int i = 0; i < NUM_THREADS; i++)
  {
    printf("Creating thread %d\n", i);
    rc = pthread_create(&threads[i], NULL, authenticate_many_times, NULL);
    if (rc)
    {
      printf("Error: Unable to create thread, %d\n", rc);
      test_fail(__func__);
    }
  }
  // Wait for all the threads to complete
  for (int i = 0; i < NUM_THREADS; i++)
  {
    pthread_join(threads[i], NULL);
  }
  check_log_file_valid(logfile);
  test_pass();
 }
 // ----------------------------------------------------------------------------
 int main()
 {
  // Turn on debugging for the tests
  setenv("DEBUG", "true", true);
  log_init("htpass_test.log");
  test_htpass_valid_file_ok();
  test_htpass_valid_file_too_long();
  test_htpass_authenticate_user_fred_valid();
  test_htpass_authenticate_user_fred_invalid1();
  test_htpass_authenticate_user_fred_invalid2();
  test_htpass_authenticate_user_fred_invalid3();
  test_htpass_authenticate_user_barney_valid();
  test_htpass_authenticate_user_unknown();
  log_close();
  // Call multi-threaded test last, because it re-initializes the log to use a file
  test_htpass_authenticate_user_multithreaded("htpass_test_multithreaded.log");
 }
--- a/authservice/mqhtpass/src/htpass_test.htpasswd
+++ b/authservice/mqhtpass/src/htpass_test.htpasswd
@@ -1,2 +0,0 @@
 fred:$2y$05$3Fp9epsqEwWOHdyj9Ngf9.qfX34kzc9zNrdQ7kac0GmcCvQjIkAwy
 barney:$2y$05$l8EoyCQ9y2PyfUzIDDfTyu7SSaJEYB1TuHy07xZvN7xt/pR3SIw0a
--- a/authservice/mqhtpass/src/htpass_test_invalid.htpasswd
+++ b/authservice/mqhtpass/src/htpass_test_invalid.htpasswd
@@ -1,3 +0,0 @@
 fred:$2y$05$3Fp9epsqEwWOHdyj9Ngf9.qfX34kzc9zNrdQ7kac0GmcCvQjIkAwy
 barney:$2y$05$l8EoyCQ9y2PyfUzIDDfTyu7SSaJEYB1TuHy07xZvN7xt/pR3SIw0a
 namewhichisfartoolongformq:$2y$05$l8EoyCQ9y2PyfUzIDDfTyu7SSaJEYB1TuHy07xZvN7xt/pR3SIw0a
--- a/authservice/mqhtpass/src/log.c
+++ b/authservice/mqhtpass/src/log.c
@@ -1,162 +0,0 @@
 /*
 © Copyright IBM Corporation 2021, 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>
 #include <time.h>
 #include <sys/time.h>
 #include <unistd.h>
 FILE *fp = NULL;
 int pid;
 char hostname[255];
 bool debug = false;
 /**
 * Determine whether debugging is enabled or not, using an environment variable.
 */
 void init_debug(){
  char *debug_env = getenv("DEBUG");
  if (debug_env != NULL)
  {
    // Enable debug logging if the DEBUG environment variable is set
    if (strncmp(debug_env, "true", 4) || strncmp(debug_env, "1", 1))
    {
      debug = true;
    }
  }
 }
 /**
 * Internal function to initialize the log with the given file mode.
 */
 int log_init_internal(char *filename, const char *mode)
 {
  int result = 0;
  pid = getpid();
  hostname[254] = '\0';
  gethostname(hostname, 254);
  if (!fp)
  {
    fp = fopen(filename, "a");
    if (fp)
    {
      // Disable buffering for this file
      setbuf(fp, NULL);
    }
    else
    {
      result = 1;
    }
  }
  init_debug();
  return result;
 }
 int log_init_reset(char *filename)
 {
  // Open the log file for writing (overwrite if it already exists)
  return log_init_internal(filename, "w");
 }
 int log_init(char *filename)
 {
  // Open the log file file for appending
  return log_init_internal(filename, "a");
 }
 void log_init_file(FILE *f)
 {
  fp = f;
  init_debug();
 }
 void log_close()
 {
  if (fp)
  {
    fclose(fp);
    fp = NULL;
  }
 }
 void log_printf(const char *source_file, int source_line, const char *level, const char *format, ...)
 {
  if (fp)
  {
    // If this is a DEBUG message, and debugging is off
    if ((strncmp(level, "DEBUG", 5) == 0) && !debug)
    {
      return;
    }
    char buf[1024] = "";
    char *cur = buf;
    char* const end = buf + sizeof buf;
    char date_buf[70];
    struct tm *utc;
    time_t t;
    struct timeval now;
    gettimeofday(&now, NULL);
    t = now.tv_sec;
    t = time(NULL);
    utc = gmtime(&t);
    cur += snprintf(cur, end-cur, "{");
    cur += snprintf(cur, end-cur, "\"loglevel\":\"%s\"", level);
    // Print ISO-8601 time and date
    if (strftime(date_buf, sizeof date_buf, "%FT%T", utc))
    {
       // Round microseconds down to milliseconds, for consistency
       cur += snprintf(cur, end-cur, ", \"ibm_datetime\":\"%s.%03ldZ\"", date_buf, now.tv_usec / (long)1000);
    }
    cur += snprintf(cur, end-cur, ", \"ibm_processId\":\"%d\"", pid);
    cur += snprintf(cur, end-cur, ", \"host\":\"%s\"", hostname);
    cur += snprintf(cur, end-cur, ", \"module\":\"%s:%d\"", source_file, source_line);
    cur += snprintf(cur, end-cur, ", \"message\":\"");
    if (strncmp(level, "DEBUG", 5) == 0)
    {
      // Add a prefix on any debug messages
      cur += snprintf(cur, end-cur, "mqhtpass: ");
    }
    // Print log message, using varargs
    va_list args;
    va_start(args, format);
    cur += vsnprintf(cur, end-cur, format, args);
    va_end(args);
    cur += snprintf(cur, end-cur, "\"}\n");
    // Important: Just do one file write, to prevent problems with multi-threading.
    // This only works if the log message is not too long for the buffer.
    fprintf(fp, "%s", buf);
  }
 }
 int trimmed_len(char *s, int max_len)
 {
  int i;
  for (i = max_len - 1; i >= 0; i--)
  {
    if (s[i] != ' ')
      break;
  }
  return i+1;
 }
--- a/authservice/mqhtpass/src/log.h
+++ b/authservice/mqhtpass/src/log.h
@@ -1,70 +0,0 @@
 /*
 © Copyright IBM Corporation 2021, 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #ifndef _LOG_H
 #define _LOG_H
 /**
 * Initialize the log to use the given file name, wiping any existing contents.
 */
 int log_init_reset(char *filename);
 /**
 * Initialize the log to use the given file name.
 */
 int log_init(char *filename);
 /**
 * Initialize the log with an existing file handle.
 */
 void log_init_file(FILE *f);
 /**
 * Write a message to the log file, based on a printf format string.
 * 
 * @param source_file the name of the source code file submitting this log message
 * @param source_line the line of code in the source file
 * @param level the log level, one of "DEBUG", "INFO" or "ERROR"
 * @param format the printf format string for the message
 */
 void log_printf(const char *source_file, int source_line, const char *level, const char *format, ...);
 void log_close();
 /**
 * Variadic macro to write an informational message to the log file, based on a printf format string.
 */
 #define log_infof(format,...) log_printf(__FILE__, __LINE__, "INFO", format, ##__VA_ARGS__)
 /**
 * Variadic macro to write an error message to the log file, based on a printf format string.
 */
 #define log_errorf(format,...) log_printf(__FILE__, __LINE__, "ERROR", format, ##__VA_ARGS__)
 /**
 * Variadic macro to write a debug message to the log file, based on a printf format string.
 */
 #define log_debugf(format,...) log_printf(__FILE__, __LINE__, "DEBUG", format, ##__VA_ARGS__)
 /**
 * Return the length of the string when trimmed of trailing spaces.
 * IBM MQ uses fixed length strings, so this function can be used to print
 * a trimmed version of a string using the "%.*s" printf format string.
 * For example, `log_printf("%.*s", trimmed_len(fw_str, 48), fw_str)`
 */
 int trimmed_len(char *s, int);
 #endif
--- a/authservice/mqhtpass/src/log_test.c
+++ b/authservice/mqhtpass/src/log_test.c
@@ -1,120 +0,0 @@
 /*
 © Copyright IBM Corporation 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "log.h"
 // Headers for multi-threaded tests
 #include <pthread.h>
 // Start a test and log the function name
 #define test_start() printf("=== RUN: %s\n", __func__)
 // Indicate test has passed
 #define test_pass() printf("--- PASS: %s\n", __func__)
 // The length of strings used in the tests
 #define STR_LEN 5
 // Indicate test has failed
 void test_fail(const char *test_name)
 {
  printf("--- FAIL: %s\n", test_name);
  exit(1);
 }
 // Print a fixed-width string in hexadecimal
 void print_hex(char fw_string[STR_LEN])
 {
  printf("[");
  for (int i=0; i<STR_LEN; i++)
  {
    printf("%02x", fw_string[i]);
    if (i < STR_LEN-1)
      printf(",");
  }
  printf("]");
 }
 // ----------------------------------------------------------------------------
 // Tests for string manipulation
 // ----------------------------------------------------------------------------
 void test_trimmed_len(const char *test_name, char fw_string[STR_LEN], int expected_len)
 {
  printf("=== RUN: %s\n", test_name);
  int len;
  // Create a copy of the fixed-width string
  char fw_string2[STR_LEN];
  memcpy(fw_string2, fw_string, STR_LEN * sizeof(char));
  // Call the function under test
  len = trimmed_len(fw_string, STR_LEN);
  // Check the result is correct
  if (len != expected_len)
  {
    printf("%s: Expected result to be %d; got %d\n", __func__, expected_len, len);
    test_fail(test_name);
  }
  // Check that the original string has not been changed
  for (int i=0; i<STR_LEN; i++)
  {
    if (fw_string[i] != fw_string2[i])
    {
      printf("%c-%c\n", fw_string[i], fw_string2[i]);
      printf("%s: Expected string to be identical to input hex ", __func__);
      print_hex(fw_string2);
      printf("; got hex ");
      print_hex(fw_string);
      printf("\n");
      test_fail(test_name);
    }
  }
  printf("--- PASS: %s\n", test_name);
 }
 void test_trimmed_len_normal()
 {
  char fw_string[STR_LEN] = {'a','b','c',' ',' '};
  test_trimmed_len(__func__, fw_string, 3);
 }
 void test_trimmed_len_full()
 {
  char fw_string[STR_LEN] = {'a','b','c','d','e'};
  test_trimmed_len(__func__, fw_string, 5);
 }
 void test_trimmed_len_empty()
 {
  char fw_string[STR_LEN] = {' ',' ',' ',' ',' '};
  test_trimmed_len(__func__, fw_string, 0);
 }
 // ----------------------------------------------------------------------------
 int main()
 {
  // Turn on debugging for the tests
  setenv("DEBUG", "true", true);
  log_init("log_test.log");
  test_trimmed_len_normal();
  test_trimmed_len_full();
  test_trimmed_len_empty();
  log_close();
 }
--- a/authservice/mqhtpass/src/mqhtpass.c
+++ b/authservice/mqhtpass/src/mqhtpass.c
@@ -1,342 +0,0 @@
 /*
 © Copyright IBM Corporation 2021, 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 // This is a developer only configuration and not recommended for production usage.
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <cmqec.h>
 #include "log.h"
 #include "htpass.h"
 // Declare the internal functions that implement the interface
 MQZ_INIT_AUTHORITY MQStart;
 static MQZ_AUTHENTICATE_USER mqhtpass_authenticate_user;
 static MQZ_FREE_USER mqhtpass_free_user;
 static MQZ_TERM_AUTHORITY mqhtpass_terminate;
 #define LOG_FILE "/var/mqm/errors/mqhtpass.json"
 #define HTPASSWD_FILE "/etc/mqm/mq.htpasswd"
 #define NAME "MQ Advanced for Developers custom authentication service"
 /**
 * Initialization and entrypoint for the dynamically loaded
 * authorization installable service. It registers the addresses of the
 * other functions which are to be called by the queue manager.
 *
 * This function is called whenever the module is loaded.  The Options
 * field will show whether it's a PRIMARY (i.e. during qmgr startup) or
 * SECONDARY.
 */
 void MQENTRY MQStart(
    MQHCONFIG hc,
    MQLONG Options,
    MQCHAR48 QMgrName,
    MQLONG ComponentDataLength,
    PMQBYTE ComponentData,
    PMQLONG Version,
    PMQLONG pCompCode,
    PMQLONG pReason)
 {
  MQLONG CC = MQCC_OK;
  MQLONG Reason = MQRC_NONE;
  int log_rc = 0;
  if (Options == MQZIO_PRIMARY)
  {
    // Reset the log file.  The file could still get large if debug is turned on,
    // but this is a simpler solution for now.
    log_rc = log_init_reset(LOG_FILE);
  }
  else
  {
    log_rc = log_init(LOG_FILE);
  }
  if (log_rc != 0)
  {
    CC = MQCC_FAILED;
    Reason = MQRC_INITIALIZATION_FAILED;
  }
  if (Options == MQZIO_PRIMARY)
  {
    log_infof("Initializing %s", NAME);
  }
  log_debugf("MQStart options=%s qmgr=%.*s", ((Options == MQZIO_SECONDARY) ? "Secondary" : "Primary"), trimmed_len(QMgrName, MQ_Q_MGR_NAME_LENGTH), QMgrName);
  if (!htpass_valid_file(HTPASSWD_FILE))
  {
    CC = MQCC_FAILED;
    Reason = MQRC_INITIALIZATION_FAILED;
  }
  // Initialize the functions to use for each entry point
  if (CC == MQCC_OK)
  {
    hc->MQZEP_Call(hc, MQZID_INIT_AUTHORITY, (PMQFUNC)MQStart, &CC, &Reason);
  }
  if (CC == MQCC_OK)
  {
    hc->MQZEP_Call(hc, MQZID_TERM_AUTHORITY, (PMQFUNC)mqhtpass_terminate, &CC, &Reason);
  }
  if (CC == MQCC_OK)
  {
    hc->MQZEP_Call(hc, MQZID_AUTHENTICATE_USER, (PMQFUNC)mqhtpass_authenticate_user, &CC, &Reason);
  }
  if (CC == MQCC_OK)
  {
    hc->MQZEP_Call(hc, MQZID_FREE_USER, (PMQFUNC)mqhtpass_free_user, &CC, &Reason);
  }
  *Version = MQZAS_VERSION_5;
  *pCompCode = CC;
  *pReason = Reason;
  return;
 }
 /**
 * Called during the connection of any application which supplies an MQCSP (Connection Security Parameters).
 * This is the usual case.
 * See https://www.ibm.com/support/knowledgecenter/SSFKSJ_latest/com.ibm.mq.ref.dev.doc/q095610_.html
 */
 static void MQENTRY mqhtpass_authenticate_user_csp(
    PMQCHAR pQMgrName,
    PMQCSP pSecurityParms,
    PMQZAC pApplicationContext,
    PMQZIC pIdentityContext,
    PMQPTR pCorrelationPtr,
    PMQBYTE pComponentData,
    PMQLONG pContinuation,
    PMQLONG pCompCode,
    PMQLONG pReason)
 {
  char *csp_user = NULL;
  char *csp_pass = NULL;
  // Firstly, create null-terminated strings from the user credentials in the MQ CSP object
  csp_user = malloc(pSecurityParms->CSPUserIdLength + 1);
  if (!csp_user)
  {
    log_errorf("%s is unable to allocate memory for a user", NAME);
    *pCompCode = MQCC_FAILED;
    *pReason = MQRC_SERVICE_ERROR;
    return;
  }
  strncpy(csp_user, pSecurityParms->CSPUserIdPtr, pSecurityParms->CSPUserIdLength);
  csp_user[pSecurityParms->CSPUserIdLength] = 0;
  csp_pass = malloc((pSecurityParms->CSPPasswordLength + 1));
  if (!csp_pass)
  {
    log_errorf("%s is unable to allocate memory for a password", NAME);
    *pCompCode = MQCC_FAILED;
    *pReason = MQRC_SERVICE_ERROR;
    if (csp_user)
    {
      free(csp_user);
    }
    return;
  }
  strncpy(csp_pass, pSecurityParms->CSPPasswordPtr, pSecurityParms->CSPPasswordLength);
  csp_pass[pSecurityParms->CSPPasswordLength] = 0;
  log_debugf("%s with CSP user set. user=%s", __func__, csp_user);
  int auth_result = htpass_authenticate_user(HTPASSWD_FILE, csp_user, csp_pass);
  if (auth_result == HTPASS_VALID)
  {
    // An OK completion code means MQ will accept this user is authenticated
    *pCompCode = MQCC_OK;
    *pReason = MQRC_NONE;
    // Tell the queue manager to stop trying other authorization services.
    *pContinuation = MQZCI_STOP;
    memcpy(pIdentityContext->UserIdentifier, csp_user, sizeof(pIdentityContext->UserIdentifier));
    log_debugf("Authenticated user=%s", pIdentityContext->UserIdentifier);
  }
  // If the htpasswd file does not have an entry for this user
  else if (auth_result == HTPASS_INVALID_USER)
  {
    *pCompCode = MQCC_WARNING;
    *pReason = MQRC_NONE;
    // Tell the queue manager to continue trying other authorization services, as they might have the user.
    *pContinuation = MQZCI_CONTINUE;
    log_debugf(
        "User authentication failed due to invalid user.  user=%.*s effuser=%.*s applname=%.*s csp_user=%s cc=%d reason=%d",
        trimmed_len(pIdentityContext->UserIdentifier, MQ_USER_ID_LENGTH),
        pIdentityContext->UserIdentifier,
        trimmed_len(pApplicationContext->EffectiveUserID, MQ_USER_ID_LENGTH),
        pApplicationContext->EffectiveUserID,
        trimmed_len(pApplicationContext->ApplName, MQ_APPL_NAME_LENGTH),
        pApplicationContext->ApplName,
        csp_user,
        *pCompCode,
        *pReason);
  }
  // If the htpasswd file has an entry for this user, but the password supplied is incorrect
  else if (auth_result == HTPASS_INVALID_PASSWORD)
  {
    *pCompCode = MQCC_WARNING;
    *pReason = MQRC_NOT_AUTHORIZED;
    // Tell the queue manager to stop trying other authorization services.
    *pContinuation = MQZCI_STOP;
    log_debugf(
        "User authentication failed due to invalid password.  user=%.*s effuser=%.*s applname=%.*s csp_user=%s cc=%d reason=%d",
        trimmed_len(pIdentityContext->UserIdentifier, MQ_USER_ID_LENGTH),
        pIdentityContext->UserIdentifier,
        trimmed_len(pApplicationContext->EffectiveUserID, MQ_USER_ID_LENGTH),
        pApplicationContext->EffectiveUserID,
        trimmed_len(pApplicationContext->ApplName, MQ_APPL_NAME_LENGTH),
        pApplicationContext->ApplName,
        csp_user,
        *pCompCode,
        *pReason);
  }
  if (csp_user)
  {
    free(csp_user);
  }
  if (csp_pass)
  {
    free(csp_pass);
  }
  return;
 }
 /**
 * Called during the connection of any application.
 * For more information on the parameters, see https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_latest/com.ibm.mq.ref.dev.doc/q110090_.html
 */
 static void MQENTRY mqhtpass_authenticate_user(
    PMQCHAR pQMgrName,
    PMQCSP pSecurityParms,
    PMQZAC pApplicationContext,
    PMQZIC pIdentityContext,
    PMQPTR pCorrelationPtr,
    PMQBYTE pComponentData,
    PMQLONG pContinuation,
    PMQLONG pCompCode,
    PMQLONG pReason)
 {
  char *spuser = NULL;
  // By default, return a warning, which indicates to MQ that this
  // authorization service hasn't authenticated the user.
  *pCompCode = MQCC_WARNING;
  *pReason = MQRC_NONE;
  // By default, tell the queue manager to continue trying other
  // authorization services.
  *pContinuation = MQZCI_CONTINUE;
  if ((pSecurityParms->AuthenticationType) == MQCSP_AUTH_USER_ID_AND_PWD)
  {
    mqhtpass_authenticate_user_csp(pQMgrName, pSecurityParms, pApplicationContext, pIdentityContext, pCorrelationPtr, pComponentData, pContinuation, pCompCode, pReason);
  }
  else
  {
    // Password not supplied, so just check that the user ID is valid
    spuser = malloc(sizeof(PMQCHAR12) + 1);
    if (!spuser)
    {
      log_errorf("%s is unable to allocate memory to check a user", NAME);
      *pCompCode = MQCC_FAILED;
      *pReason = MQRC_SERVICE_ERROR;
      return;
    }
    strncpy(spuser, pApplicationContext->EffectiveUserID, strlen(pApplicationContext->EffectiveUserID));
    spuser[sizeof(PMQCHAR12)] = 0;
    log_debugf("%s without CSP user set.  effectiveuid=%s env=%d, callertype=%d, type=%d, accttoken=%d applidentitydata=%d", __func__, spuser, pApplicationContext->Environment, pApplicationContext->CallerType, pApplicationContext->AuthenticationType, pIdentityContext->AccountingToken, pIdentityContext->ApplIdentityData);
    if (strncmp(spuser, "mqm", 3) == 0)
    {
      // Special case: pass the "mqm" user on for validation up the chain
      // A warning in the completion code means MQ will pass this to other authorization services
      *pCompCode = MQCC_WARNING;
      *pReason = MQRC_NONE;
      *pContinuation = MQZCI_CONTINUE;
    }
    else
    {
      bool valid_user = htpass_valid_user(HTPASSWD_FILE, spuser);
      if (valid_user)
      {
        // An OK completion code means MQ will accept this user is authenticated
        *pCompCode = MQCC_OK;
        *pReason = MQRC_NONE;
        *pContinuation = MQZCI_STOP;
        memcpy(pIdentityContext->UserIdentifier, spuser, sizeof(pIdentityContext->UserIdentifier));
      }
      else
      {
        log_debugf(
            "User authentication failed user=%.*s effuser=%.*s applname=%.*s cspuser=%s cc=%d reason=%d",
            trimmed_len(pIdentityContext->UserIdentifier, MQ_USER_ID_LENGTH),
            pIdentityContext->UserIdentifier,
            trimmed_len(pApplicationContext->EffectiveUserID, MQ_USER_ID_LENGTH),
            pApplicationContext->EffectiveUserID,
            trimmed_len(pApplicationContext->ApplName, MQ_APPL_NAME_LENGTH),
            pApplicationContext->ApplName,
            spuser,
            *pCompCode,
            *pReason);
      }
      if (spuser)
      {
        free(spuser);
      }
    }
  }
  return;
 }
 /**
 * Called during MQDISC, as the inverse of the call to authenticate.
 */
 static void MQENTRY mqhtpass_free_user(
    PMQCHAR pQMgrName,
    PMQZFP pFreeParms,
    PMQBYTE pComponentData,
    PMQLONG pContinuation,
    PMQLONG pCompCode,
    PMQLONG pReason)
 {
  log_debugf("mqhtpass_freeuser()");
  *pCompCode = MQCC_WARNING;
  *pReason = MQRC_NONE;
  *pContinuation = MQZCI_CONTINUE;
 }
 /**
 * Called when the authorization service is terminated.
 */
 static void MQENTRY mqhtpass_terminate(
    MQHCONFIG hc,
    MQLONG Options,
    PMQCHAR pQMgrName,
    PMQBYTE pComponentData,
    PMQLONG pCompCode,
    PMQLONG pReason)
 {
  if (Options == MQZTO_PRIMARY)
  {
    log_infof("Terminating %s", NAME);
    log_close();
  }
  else {
    log_debugf("Terminating secondary");
  }
  *pCompCode = MQCC_OK;
  *pReason = MQRC_NONE;
 }
--- a/cmd/chkmqhealthy/main.go
+++ b/cmd/chkmqhealthy/main.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -18,51 +18,42 @@ limitations under the License.
 package main
 import (
 	"context"
 	"fmt"
 	"os"
 	"os/exec"
 	"os/signal"
 	"strings"
 	"github.com/ibm-messaging/mq-container/pkg/name"
 )
-func queueManagerHealthy(ctx context.Context) (bool, error) {
+func queueManagerHealthy() (bool, error) {
 	name, err := name.GetQueueManagerName()
 	if err != nil {
 		return false, err
 	}
 	// Specify the queue manager name, just in case someone's created a second queue manager
 	// #nosec G204
-	cmd := exec.CommandContext(ctx, "dspmq", "-n", "-m", name)
+	cmd := exec.Command("dspmq", "-n", "-m", name)
 	// Run the command and wait for completion
 	out, err := cmd.CombinedOutput()
 	fmt.Printf("%s", out)
 	if err != nil {
 		fmt.Println(err)
 		return false, err
 	}
-	if !strings.Contains(string(out), "(RUNNING)") && !strings.Contains(string(out), "(RUNNING AS STANDBY)") && !strings.Contains(string(out), "(STARTING)") && !strings.Contains(string(out), "(REPLICA)") {
+	fmt.Printf("%s", out)
 	if !strings.Contains(string(out), "(RUNNING)") && !strings.Contains(string(out), "(RUNNING AS STANDBY)") && !strings.Contains(string(out), "(STARTING)") {
 		return false, nil
 	}
 	return true, nil
 }
-func doMain() int {
+func main() {
-	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt, os.Kill)
+	healthy, err := queueManagerHealthy()
 	defer cancel()
 	healthy, err := queueManagerHealthy(ctx)
 	if err != nil {
-		return 2
+		os.Exit(2)
 	}
 	if !healthy {
-		return 1
+		os.Exit(1)
 	}
-	return 0
+	os.Exit(0)
 }
 func main() {
 	os.Exit(doMain())
 }
--- a/cmd/chkmqready/main.go
+++ b/cmd/chkmqready/main.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -18,54 +18,39 @@ limitations under the License.
 package main
 import (
 	"context"
 	"fmt"
 	"net"
 	"os"
 	"os/signal"
 	"github.com/ibm-messaging/mq-container/internal/ready"
 	"github.com/ibm-messaging/mq-container/pkg/name"
 )
-func doMain() int {
+func main() {
 	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt, os.Kill)
 	defer cancel()
 	// Check if runmqserver has indicated that it's finished configuration
 	r, err := ready.Check()
 	if !r || err != nil {
-		return 1
+		os.Exit(1)
 	}
 	name, err := name.GetQueueManagerName()
 	if err != nil {
 		fmt.Println(err)
-		return 1
+		os.Exit(1)
 	}
 	// Check if the queue manager has a running listener
-	if active, _ := ready.IsRunningAsActiveQM(ctx, name); active {
+	if standby, _ := ready.IsRunningAsStandbyQM(name); !standby {
 		conn, err := net.Dial("tcp", "127.0.0.1:1414")
 		if err != nil {
 			fmt.Println(err)
-			return 1
+			os.Exit(1)
 		}
 		err = conn.Close()
 		if err != nil {
 			fmt.Println(err)
 		}
 	} else if standby, _ := ready.IsRunningAsStandbyQM(ctx, name); standby {
 		fmt.Printf("Detected queue manager running in standby mode")
 		return 10
 	} else if replica, _ := ready.IsRunningAsReplicaQM(ctx, name); replica {
 		fmt.Printf("Detected queue manager running in replica mode")
 		return 20
 	} else {
-		return 1
+		fmt.Printf("Detected queue manager running in standby mode")
 		os.Exit(10)
 	}
 	return 0
 }
 func main() {
 	os.Exit(doMain())
 }
--- a/cmd/chkmqstarted/main.go
+++ b/cmd/chkmqstarted/main.go
@@ -1,67 +0,0 @@
 /*
 © Copyright IBM Corporation 2021, 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 // chkmqstarted checks that MQ has successfully started, by checking the output of the "dspmq" command
 package main
 import (
 	"context"
 	"fmt"
 	"os"
 	"os/exec"
 	"os/signal"
 	"strings"
 	"github.com/ibm-messaging/mq-container/pkg/name"
 )
 func queueManagerStarted(ctx context.Context) (bool, error) {
 	name, err := name.GetQueueManagerName()
 	if err != nil {
 		return false, err
 	}
 	// Specify the queue manager name, just in case someone's created a second queue manager
 	// #nosec G204
 	cmd := exec.CommandContext(ctx, "dspmq", "-n", "-m", name)
 	// Run the command and wait for completion
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		fmt.Println(err)
 		return false, err
 	}
 	if !strings.Contains(string(out), "(RUNNING)") && !strings.Contains(string(out), "(RUNNING AS STANDBY)") && !strings.Contains(string(out), "(STARTING)") && !strings.Contains(string(out), "(REPLICA)") {
 		return false, nil
 	}
 	return true, nil
 }
 func doMain() int {
 	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt, os.Kill)
 	defer cancel()
 	started, err := queueManagerStarted(ctx)
 	if err != nil {
 		return 2
 	}
 	if !started {
 		return 1
 	}
 	return 0
 }
 func main() {
 	os.Exit(doMain())
 }
--- a/cmd/runmqdevserver/main.go
+++ b/cmd/runmqdevserver/main.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2021
+© Copyright IBM Corporation 2018, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
 	"os/exec"
 	"syscall"
 	"github.com/ibm-messaging/mq-container/internal/htpasswd"
@@ -29,6 +30,27 @@ import (
 var log *logger.Logger
 func setPassword(user string, password string) error {
 	// #nosec G204
 	cmd := exec.Command("sudo", "chpasswd")
 	stdin, err := cmd.StdinPipe()
 	if err != nil {
 		return err
 	}
 	fmt.Fprintf(stdin, "%s:%s", user, password)
 	err = stdin.Close()
 	if err != nil {
 		log.Errorf("Error closing password stdin: %v", err)
 	}
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		// Include the command output in the error
 		return fmt.Errorf("%v: %v", err.Error(), out)
 	}
 	log.Printf("Set password for \"%v\" user", user)
 	return nil
 }
 func getLogFormat() string {
 	return os.Getenv("LOG_FORMAT")
 }
--- a/cmd/runmqserver/logging.go
+++ b/cmd/runmqserver/logging.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -79,8 +79,6 @@ func formatBasic(obj map[string]interface{}) string {
 	if len(inserts) > 0 {
 		return fmt.Sprintf("%s %s [%v]\n", obj["ibm_datetime"], obj["message"], strings.Join(inserts, ", "))
 	}
 	// Convert time zone information from some logs (e.g. Liberty) for consistency
 	obj["ibm_datetime"] = strings.Replace(obj["ibm_datetime"].(string), "+0000", "Z", 1)
 	return fmt.Sprintf("%s %s\n", obj["ibm_datetime"], obj["message"])
 }
@@ -102,16 +100,6 @@ func mirrorQueueManagerErrorLogs(ctx context.Context, wg *sync.WaitGroup, name s
 	return mirrorLog(ctx, wg, f, fromStart, mf, true)
 }
 // mirrorHTPasswdLogs starts a goroutine to mirror the contents of the MQ HTPasswd authorization service's log
 func mirrorHTPasswdLogs(ctx context.Context, wg *sync.WaitGroup, name string, fromStart bool, mf mirrorFunc) (chan error, error) {
 	return mirrorLog(ctx, wg, "/var/mqm/errors/mqhtpass.json", false, mf, true)
 }
 // mirrorWebServerLogs starts a goroutine to mirror the contents of the Liberty web server messages.log
 func mirrorWebServerLogs(ctx context.Context, wg *sync.WaitGroup, name string, fromStart bool, mf mirrorFunc) (chan error, error) {
 	return mirrorLog(ctx, wg, "/var/mqm/web/installations/Installation1/servers/mqweb/logs/messages.log", false, mf, true)
 }
 func getDebug() bool {
 	debug := os.Getenv("DEBUG")
 	if debug == "true" || debug == "1" {
@@ -131,21 +119,14 @@ func configureLogger(name string) (mirrorFunc, error) {
 			return nil, err
 		}
 		return func(msg string, isQMLog bool) bool {
-			// Check if the message is JSON
+			obj, err := processLogMessage(msg)
-			if len(msg) > 0 && msg[0] == '{' {
+			if err == nil && isQMLog && filterQMLogMessage(obj) {
-				obj, err := processLogMessage(msg)
+				return false
-				if err == nil && isQMLog && filterQMLogMessage(obj) {
+			}
-					return false
+			if err != nil {
-				}
+				log.Printf("Failed to unmarshall JSON - %v", msg)
 				if err != nil {
 					log.Printf("Failed to unmarshall JSON in log message - %v", msg)
 				} else {
 					fmt.Println(msg)
 				}
 			} else {
-				// The log being mirrored isn't JSON, so wrap it in a simple JSON message
+				fmt.Println(msg)
 				// MQ error logs are usually JSON, but this is useful for Liberty logs - usually expect WLP_LOGGING_MESSAGE_FORMAT=JSON to be set when mirroring Liberty logs.
 				fmt.Printf("{\"message\":\"%s\"}\n", msg)
 			}
 			return true
 		}, nil
@@ -155,22 +136,16 @@ func configureLogger(name string) (mirrorFunc, error) {
 			return nil, err
 		}
 		return func(msg string, isQMLog bool) bool {
-			// Check if the message is JSON
+			// Parse the JSON message, and print a simplified version
-			if len(msg) > 0 && msg[0] == '{' {
+			obj, err := processLogMessage(msg)
-				// Parse the JSON message, and print a simplified version
+			if err == nil && isQMLog && filterQMLogMessage(obj) {
-				obj, err := processLogMessage(msg)
+				return false
-				if err == nil && isQMLog && filterQMLogMessage(obj) {
+			}
-					return false
+			if err != nil {
-				}
+				log.Printf("Failed to unmarshall JSON - %v", err)
 				if err != nil {
 					log.Printf("Failed to unmarshall JSON in log message - %v", err)
 				} else {
 					fmt.Print(formatBasic(obj))
 				}
 			} else {
-				// The log being mirrored isn't JSON, so just print it.
+				fmt.Printf(formatBasic(obj))
-				// MQ error logs are usually JSON, but this is useful for Liberty logs - usually expect WLP_LOGGING_MESSAGE_FORMAT=JSON to be set when mirroring Liberty logs.
+				// fmt.Printf(formatSimple(obj["ibm_datetime"].(string), obj["message"].(string)))
 				fmt.Println(msg)
 			}
 			return true
 		}, nil
--- a/cmd/runmqserver/main.go
+++ b/cmd/runmqserver/main.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2021
+© Copyright IBM Corporation 2017, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -24,7 +24,6 @@ import (
 	"os"
 	"sync"
 	"github.com/ibm-messaging/mq-container/internal/ha"
 	"github.com/ibm-messaging/mq-container/internal/metrics"
 	"github.com/ibm-messaging/mq-container/internal/ready"
 	"github.com/ibm-messaging/mq-container/internal/tls"
@@ -144,55 +143,30 @@ func doMain() error {
 	// Print out versioning information
 	logVersionInfo()
-	keyLabel, defaultCmsKeystore, defaultP12Truststore, err := tls.ConfigureDefaultTLSKeystores()
+	keyLabel, cmsKeystore, p12Truststore, err := tls.ConfigureTLSKeystores()
 	if err != nil {
 		logTermination(err)
 		return err
 	}
-	err = tls.ConfigureTLS(keyLabel, defaultCmsKeystore, *devFlag, log)
+	err = tls.ConfigureTLS(keyLabel, cmsKeystore, *devFlag, log)
 	if err != nil {
 		logTermination(err)
 		return err
 	}
-	err = postInit(name, keyLabel, defaultP12Truststore)
+	err = postInit(name, keyLabel, p12Truststore)
 	if err != nil {
 		logTermination(err)
 		return err
 	}
 	if os.Getenv("MQ_NATIVE_HA") == "true" {
 		err = ha.ConfigureNativeHA(log)
 		if err != nil {
 			logTermination(err)
 			return err
 		}
 	}
 	enableTraceCrtmqm := os.Getenv("MQ_ENABLE_TRACE_CRTMQM")
 	if enableTraceCrtmqm == "true" || enableTraceCrtmqm == "1" {
 		err = startMQTrace()
 		if err != nil {
 			logTermination(err)
 			return err
 		}
 	}
 	newQM, err := createQueueManager(name, *devFlag)
 	if err != nil {
 		logTermination(err)
 		return err
 	}
 	if enableTraceCrtmqm == "true" || enableTraceCrtmqm == "1" {
 		err = endMQTrace()
 		if err != nil {
 			logTermination(err)
 			return err
 		}
 	}
 	var wg sync.WaitGroup
 	defer func() {
 		log.Debug("Waiting for log mirroring to complete")
@@ -214,23 +188,6 @@ func doMain() error {
 		logTermination(err)
 		return err
 	}
 	if *devFlag {
 		_, err = mirrorHTPasswdLogs(ctx, &wg, name, newQM, mf)
 		if err != nil {
 			logTermination(err)
 			return err
 		}
 	}
 	// Recommended to use this option in conjunction with setting WLP_LOGGING_MESSAGE_FORMAT=JSON
 	mirrorWebLog := os.Getenv("MQ_ENABLE_EMBEDDED_WEB_SERVER_LOG")
 	if mirrorWebLog == "true" || mirrorWebLog == "1" {
 		_, err = mirrorWebServerLogs(ctx, &wg, name, newQM, mf)
 		if err != nil {
 			logTermination(err)
 			return err
 		}
 	}
 	err = updateCommandLevel()
 	if err != nil {
 		logTermination(err)
--- a/cmd/runmqserver/qmgr.go
+++ b/cmd/runmqserver/qmgr.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,7 +16,6 @@ limitations under the License.
 package main
 import (
 	"context"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -28,7 +27,6 @@ import (
 	"github.com/ibm-messaging/mq-container/internal/command"
 	containerruntime "github.com/ibm-messaging/mq-container/internal/containerruntime"
 	"github.com/ibm-messaging/mq-container/internal/mqscredact"
 	"github.com/ibm-messaging/mq-container/internal/mqversion"
 	"github.com/ibm-messaging/mq-container/internal/ready"
 )
@@ -114,13 +112,9 @@ func startQueueManager(name string) error {
 	out, rc, err := command.Run("strmqm", "-x", name)
 	if err != nil {
 		// 30=standby queue manager started, which is fine
 		// 94=native HA replica started, which is fine
 		if rc == 30 {
 			log.Printf("Started standby queue manager")
 			return nil
 		} else if rc == 94 {
 			log.Printf("Started replica queue manager")
 			return nil
 		}
 		log.Printf("Error %v starting queue manager: %v", rc, string(out))
 		return err
@@ -132,7 +126,7 @@ func startQueueManager(name string) error {
 func stopQueueManager(name string) error {
 	log.Println("Stopping queue manager")
 	qmGracePeriod := os.Getenv("MQ_GRACE_PERIOD")
-	isStandby, err := ready.IsRunningAsStandbyQM(context.Background(), name)
+	isStandby, err := ready.IsRunningAsStandbyQM(name)
 	if err != nil {
 		log.Printf("Error getting status for queue manager %v: %v", name, err.Error())
 		return err
@@ -142,7 +136,7 @@ func stopQueueManager(name string) error {
 		if isStandby {
 			args = []string{"-x", name}
 		} else {
-			args = []string{"-s", "-w", "-tp", qmGracePeriod, name}
+			args = []string{"-s", "-w", "-r", "-tp", qmGracePeriod, name}
 		}
 	}
 	out, rc, err := command.Run("endmqm", args...)
@@ -209,28 +203,9 @@ func getQueueManagerDataDir(mounts map[string]string, name string) string {
 }
 func getCreateQueueManagerArgs(mounts map[string]string, name string, devMode bool) []string {
 	mqversionBase := "9.2.1.0"
 	// use "UserExternal" only if we are 9.2.1.0 or above.
 	oaVal := "user"
 	mqVersionCheck, err := mqversion.Compare(mqversionBase)
 	if err != nil {
 		log.Printf("Error comparing MQ versions for oa,rc: %v", mqVersionCheck)
 	}
 	if mqVersionCheck >= 0 {
 		oaVal = "UserExternal"
 	}
 	//build args
 	args := []string{"-ii", "/etc/mqm/", "-ic", "/etc/mqm/", "-q", "-p", "1414"}
 	if os.Getenv("MQ_NATIVE_HA") == "true" {
 		args = append(args, "-lr", os.Getenv("HOSTNAME"))
 	}
 	if devMode {
-		args = append(args, "-oa", oaVal)
+		args = append(args, "-oa", "user")
 	}
 	if _, ok := mounts["/mnt/mqm-log"]; ok {
 		args = append(args, "-ld", "/mnt/mqm-log/log")
--- a/cmd/runmqserver/signals.go
+++ b/cmd/runmqserver/signals.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2018
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -33,8 +33,8 @@ func signalHandler(qmgr string) chan int {
 	control := make(chan int)
 	// Use separate channels for the signals, to avoid SIGCHLD signals swamping
 	// the buffer, and preventing other signals.
-	stopSignals := make(chan os.Signal, 1)
+	stopSignals := make(chan os.Signal)
-	reapSignals := make(chan os.Signal, 1)
+	reapSignals := make(chan os.Signal)
 	signal.Notify(stopSignals, syscall.SIGTERM, syscall.SIGINT)
 	go func() {
 		for {
--- a/cmd/runmqserver/version.go
+++ b/cmd/runmqserver/version.go
@@ -20,7 +20,6 @@ import (
 	"strings"
 	"github.com/ibm-messaging/mq-container/internal/command"
 	"github.com/ibm-messaging/mq-container/internal/mqversion"
 )
 var (
@@ -51,7 +50,7 @@ func logImageTag() {
 }
 func logMQVersion() {
-	mqVersion, err := mqversion.Get()
+	mqVersion, _, err := command.Run("dspmqver", "-b", "-f", "2")
 	if err != nil {
 		log.Printf("Error Getting MQ version: %v", strings.TrimSuffix(string(mqVersion), "\n"))
 	}
--- a/cmd/runmqserver/webserver.go
+++ b/cmd/runmqserver/webserver.go
@@ -62,31 +62,15 @@ func startWebServer(webKeystore, webkeystorePW, webTruststoreRef string) error {
 }
 func configureSSO(p12TrustStore tls.KeyStoreData, webKeystore string) (string, error) {
-	requiredEnvVars := []string{}
+	// Ensure all required environment variables are set for SSO
-	_, set := os.LookupEnv("MQ_ZEN_INTERNAL_ENDPOINT")
+	requiredEnvVars := []string{
-	if !set {
+		"MQ_OIDC_CLIENT_ID",
-		// Ensure all required environment variables are set for SSO
+		"MQ_OIDC_CLIENT_SECRET",
-		requiredEnvVars = []string{
+		"MQ_OIDC_UNIQUE_USER_IDENTIFIER",
-			"MQ_OIDC_CLIENT_ID",
+		"MQ_OIDC_AUTHORIZATION_ENDPOINT",
-			"MQ_OIDC_CLIENT_SECRET",
+		"MQ_OIDC_TOKEN_ENDPOINT",
-			"MQ_OIDC_UNIQUE_USER_IDENTIFIER",
+		"MQ_OIDC_JWK_ENDPOINT",
-			"MQ_OIDC_AUTHORIZATION_ENDPOINT",
+		"MQ_OIDC_ISSUER_IDENTIFIER",
 			"MQ_OIDC_TOKEN_ENDPOINT",
 			"MQ_OIDC_JWK_ENDPOINT",
 			"MQ_OIDC_ISSUER_IDENTIFIER",
 		}
 	} else {
 		// Ensure all required environment variables are set for Zen SSO
 		requiredEnvVars = []string{
 			"MQ_ZEN_UNIQUE_USER_IDENTIFIER",
 			"MQ_ZEN_INTERNAL_ENDPOINT",
 			"MQ_ZEN_ISSUER_IDENTIFIER",
 			"MQ_ZEN_AUDIENCES",
 			"MQ_ZEN_CONTEXT_NAME",
 			"MQ_ZEN_BASE_URI",
 			"MQ_ZEN_CONTEXT_NAMESPACE",
 			"IAM_URL",
 		}
 	}
 	for _, envVar := range requiredEnvVars {
 		if len(os.Getenv(envVar)) == 0 {
--- a/config.env
+++ b/config.env
@@ -1,6 +0,0 @@
 ###########################################################################################################################################################
 # MQ_VERSION is the fully qualified MQ version number to build
 MQ_VERSION ?= 9.3.1.1
 ###########################################################################################################################################################
--- a/docs/building.md
+++ b/docs/building.md
@@ -4,40 +4,33 @@
 You need to have the following tools installed:
-* [Docker](https://www.docker.com/) 17.06.1 or later, or [Podman](https://podman.io) 1.0 or later (Podman 4.1 on macOS).  If using Podman on macOS, the you need to be in "rootful" mode to allow the use of a network during builds.  Run `podman machine init --rootful`.
+* [Docker](https://www.docker.com/) V17.06.1 or later, or [Podman](https://podman.io) V1.0 or later
 * [GNU make](https://www.gnu.org/software/make/)
 If you are working in the Windows Subsystem for Linux, follow [this guide by Microsoft to set up Docker](https://blogs.msdn.microsoft.com/commandline/2017/12/08/cross-post-wsl-interoperability-with-docker/) first.
 You will also need a [Red Hat Account](https://access.redhat.com) to be able to access the Red Hat Registry. 
 ## Building a production image
-From MQ 9.2.X, the MQ container adds support for MQ Long Term Support (LTS) **production licensed** releases.
+This procedure works for building the MQ Continuous Delivery release, on `amd64`, `ppc64le` and `s390x` architectures.
 ### Building MQ 9.3 Long Term Support (LTS) and Continuous Delivery (CD)
 **Note**: MQ 9.3 is the latest MQ version with MQ Long Term Support (LTS), as well as being the latest Continuous Delivery (CD) version.
 The procedure below is for building the 9.3 release, on `amd64`, `ppc64le` and `s390x` architectures.
 1. Create a `downloads` directory in the root of this repository
-2. Download MQ from [IBM Passport Advantage](https://www.ibm.com/software/passportadvantage/). Identify the correct 'Long Term Support Release for Containers' eImage part number for your architecture from the 9.3.0 LTS tab at https://www.ibm.com/support/pages/downloading-ibm-mq-930
+2. Download MQ from [IBM Passport Advantage](https://www.ibm.com/software/passportadvantage/) or [IBM Fix Central](https://www.ibm.com/support/fixcentral), and place the downloaded file (for example, `IBM_MQ_9.2.0_LINUX_X86-64_NOINST.tar.gz`) in the `downloads` directory
-3. Ensure the `tar.gz` file is in the `downloads` directory
+3. Login to the Red Hat Registry: `docker login registry.redhat.io` using your Customer Portal credentials.
 4. Run `make build-advancedserver`
 > **Warning**: Note that from MQ 9.2.X, the MQ container build uses a 'No-Install' MQ Package, available under `IBM MQ V9.2.x Continuous Delivery Release components eAssembly, part no. CJ7CNML`
 If you have an MQ archive file with a different file name, you can specify a particular file (which must be in the `downloads` directory).  You should also specify the MQ version, so that the resulting image is tagged correctly, for example:
 ```bash
 MQ_ARCHIVE=mq-1.2.3.4.tar.gz MQ_VERSION=1.2.3.4 make build-advancedserver
 ```
 ### Building previous MQ Long Term Support (LTS)
 **Note**: MQ 9.3 is the latest MQ version with MQ Long Term Support (LTS), as well as being the latest Continuous Delivery (CD) version. Therefore, to build build 9.3.0.X, follow the [instructions above for MQ 9.3](#building-mq-93-long-term-support-lts-and-continuous-delivery-cd).
 However, if you wish to build the previous MQ LTS, use the [instructions](https://github.ibm.com/mq-cloudpak/mq-container/blob/v9.2.0.x-eus/docs/building.md#mq-long-term-support-lts) in the `v9.2.0.x-eus` branch.
 ## Building a developer image
 Login to the Red Hat Registry: `docker login registry.redhat.io` using your Customer Portal credentials.
 Run `make build-devserver`, which will download the latest version of MQ Advanced for Developers from IBM developerWorks.  This is currently only available on the `amd64` architecture.
 You can use the environment variable `MQ_ARCHIVE_DEV` to specify an alternative local file to install from (which must be in the `downloads` directory).
--- a/docs/developer-config.md
+++ b/docs/developer-config.md
@@ -34,7 +34,7 @@ Two channels are created, one for administration, the other for normal messaging
 ## Web Console
-By default the MQ Advanced for Developers image will start the IBM MQ Web Console that allows you to administer your Queue Manager running on your container. When the web console has been started, you can access it by opening a web browser and navigating to `https://<Container IP>:9443/ibmmq/console`. Where `<Container IP>` is replaced by the IP address of your running container.
+By default the MQ Advanced for Developers image will start the IBM MQ Web Console that allows you to administer your Queue Manager running on your container. When the web console has been started, you can access it by opening a web browser and navigating to https://<Container IP>:9443/ibmmq/console. Where <Container IP> is replaced by the IP address of your running container.
 When you navigate to this page you may be presented with a security exception warning. This happens because, by default, the web console creates a self-signed certificate to use for the HTTPS operations. This certificate is not trusted by your browser and has an incorrect distinguished name.
--- a/docs/internals.md
+++ b/docs/internals.md
@@ -11,7 +11,6 @@ The resulting Docker image contains the following:
   - `runmqdevserver` - The main process for MQ Advanced for Developers
   - `chkmqhealthy` - Checks the health of the queue manager.  This can be used by (say) a Kubernetes liveness probe.
   - `chkmqready` - Checks if the queue manager is ready for work.  This can be used by (say) a Kubernetes readiness probe.
   - `chkmqstarted` - Checks if the queue manager has successfully started.  This can be used by (say) a Kubernetes startup probe.
 ## runmqserver
 The `runmqserver` command has the following responsibilities:
--- a/docs/pluggable-connauth.md
+++ b/docs/pluggable-connauth.md
@@ -24,6 +24,6 @@ Use an administrative tool or your application to connect to queue manager using
 #### Troubleshooting
-A log file named `mqhtpass.log` is generated under `/var/mqm/errors` directory path of the container.  This file will contain all the failed connection authentication requests.  Additional information is logged to this file if the environment variable `DEBUG` is set to `true`.
+A log file named `amqpasdev.log` is generated under `/var/mqm/errors` directory path of the container.  This file will contain all the failed connection authentication requests.
-**Please note**: This log file will be wiped when the queue manager is next started.
+**Please note**: This log file is based on circular logging and the maximum size is restricted to 1MB.
--- a/docs/security.md
+++ b/docs/security.md
@@ -16,5 +16,20 @@ docker run \
  --env LICENSE=accept \
  --env MQ_QMGR_NAME=QM1 \
  --detach \
-  ibm-mqadvanced-server:9.3.1.1-amd64
+  ibm-mqadvanced-server:9.2.0.0-amd64
 ```
 The MQ Advanced for Developers image does require the "chown", "setuid", "setgid" and "audit_write" capabilities (plus "dac_override" if you're using an image based on Red Hat Enterprise Linux).  This is because it uses the "sudo" command to change passwords inside the container.  For example, in Docker, you could do the following:
 ```sh
 docker run \
  --cap-drop=ALL \
  --cap-add=CHOWN \
  --cap-add=SETUID \
  --cap-add=SETGID \
  --cap-add=AUDIT_WRITE \
  --env LICENSE=accept \
  --env MQ_QMGR_NAME=QM1 \
  --detach \
  ibm-mqadvanced-server-dev:9.2.0.0-amd64
 ```
--- a/docs/testing.md
+++ b/docs/testing.md
@@ -2,9 +2,10 @@
 ## Prerequisites
 You need to ensure you have the following tools installed:
-* [Docker](https://www.docker.com/) 19.03 or higher (API version 1.40)
+* [Docker](https://www.docker.com/)
 * [GNU make](https://www.gnu.org/software/make/)
 * [Go](https://golang.org/) - only needed for running the tests
 * [dep](https://github.com/golang/dep) (official Go dependency management tool) - needed to prepare for running the tests
 ## Running the tests
 There are two main sets of tests:
@@ -13,18 +14,18 @@ There are two main sets of tests:
 2. Docker tests, which test a complete Docker image, using the Docker API
 ### Running the Docker tests
-
+ 
 The Docker tests can be run locally on a machine with Docker. For example:
 ```
-make test-devserver
+make devserver
-make test-advancedserver
+make advancedserver
 ```
 You can specify the image to use directly by using the `MQ_IMAGE_ADVANCEDSERVER` or `MQ_IMAGE_DEVSERVER` variables, for example:
 ```
-MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:9.3.1.1-amd64 make test-advancedserver
+MQ_IMAGE_ADVANCEDSERVER=ibm-mqadvanced-server:9.2.0.0-amd64 make test-advancedserver
 ```
 You can pass parameters to `go test` with an environment variable.  For example, to run the "TestGoldenPath" test, run the following command:
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -14,7 +14,7 @@ docker run \
  --publish 1414:1414 \
  --publish 9443:9443 \
  --detach \
-  icr.io/ibm-messaging/mq
+  ibmcom/mq
 ```
 ## Running with the default configuration and a volume
@@ -34,7 +34,7 @@ docker run \
  --publish 9443:9443 \
  --detach \
  --volume qm1data:/mnt/mqm \
-  icr.io/ibm-messaging/mq
+  ibmcom/mq
 ```
 The Docker image always uses `/mnt/mqm` for MQ data, which is correctly linked for you under `/var/mqm` at runtime.  This is to handle problems with file permissions on some platforms.
@@ -51,7 +51,7 @@ docker run \
  --publish 9443:9443 \
  --publish 9157:9157 \
  --detach \
-  icr.io/ibm-messaging/mq
+  ibmcom/mq
 ```
 ## Customizing the queue manager configuration
@@ -60,14 +60,14 @@ You can customize the configuration in several ways:
 1. For getting started, you can use the [default developer configuration](developer-config.md), which is available out-of-the-box for the MQ Advanced for Developers image
 2. By creating your own image and adding your own MQSC file into the `/etc/mqm` directory on the image.  This file will be run when your queue manager is created.
-3. By using [remote MQ administration](https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.3.0/com.ibm.mq.adm.doc/q021090_.htm), via an MQ command server, the MQ HTTP APIs, or using a tool such as the MQ web console or MQ Explorer.
+3. By using [remote MQ administration](https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.2.0/com.ibm.mq.adm.doc/q021090_.htm), via an MQ command server, the MQ HTTP APIs, or using a tool such as the MQ web console or MQ Explorer.
 Note that a listener is always created on port 1414 inside the container.  This port can be mapped to any port on the Docker host.
 The following is an *example* `Dockerfile` for creating your own pre-configured image, which adds a custom MQ configuration file:
 ```dockerfile
-FROM icr.io/ibm-messaging/mq
+FROM ibmcom/mq
 USER 1001
 COPY 20-config.mqsc /etc/mqm/
 ```
--- a/etc/mqm/qm-service-component.ini
+++ b/etc/mqm/qm-service-component.ini
@@ -1,7 +1,7 @@
 ServiceComponent:
    Service=AuthorizationService
    Name=Dev.HtpAuth.Service
-    Module=/opt/mqm/lib64/mqhtpass.so
+    Module=/opt/mqm/lib64/amqpasdev.so
    ComponentDataSize=0
 ServiceComponent:
   Service=AuthorizationService
--- a/go.mod
+++ b/go.mod
@@ -1,14 +0,0 @@
 module github.com/ibm-messaging/mq-container
 go 1.15
 require (
 	github.com/genuinetools/amicontained v0.4.3
 	github.com/ibm-messaging/mq-golang v2.0.0+incompatible
 	github.com/prometheus/client_golang v1.11.1
 	github.com/prometheus/client_model v0.2.0
 	github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
 	golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d
 	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1
 	software.sslmate.com/src/go-pkcs12 v0.0.0-20200830195227-52f69702a001
 )
--- a/go.sum
+++ b/go.sum
@@ -1,154 +0,0 @@
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/genuinetools/amicontained v0.4.3 h1:cqq9XiAHfWWY3dk8VU8bSJFu9yh8Il5coEdeTAPq72o=
 github.com/genuinetools/amicontained v0.4.3/go.mod h1:PAMZkg9CcUTa6gNyULQ6tOMTMEb2HTKJufvKeFqDw+o=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
 github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
 github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
 github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/ibm-messaging/mq-golang v2.0.0+incompatible h1:xAufRPYSzoRGaME2+x7LcW5+uvy/G3xL/3Sn3u+G/lY=
 github.com/ibm-messaging/mq-golang v2.0.0+incompatible/go.mod h1:qjsZDb7m1oKnbPeDma2JVJTKgyCA91I4bcJ1qHY+gcA=
 github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.1 h1:+4eQaD7vAZ6DsfsxB15hbE0odUjGI5ARs9yskGu1v4s=
 github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0 h1:iMAkS2TDoNWnKM+Kopnx/8tnEStIfpYA0ur0xQzzhMQ=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0 h1:mxy4L2jP6qMonqmq+aTtOx1ifVWUgG/TAmntgbh3xv4=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
 github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI=
 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d h1:sK3txAijHtOK88l68nt020reeT1ZdKLIYetKl95FzVY=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.26.0-rc.1 h1:7QnIQpGRHE5RnLKnESfDoxm2dTapTZua5a0kS0A+VXQ=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 software.sslmate.com/src/go-pkcs12 v0.0.0-20200830195227-52f69702a001 h1:AVd6O+azYjVQYW1l55IqkbL8/JxjrLtO6q4FCmV8N5c=
 software.sslmate.com/src/go-pkcs12 v0.0.0-20200830195227-52f69702a001/go.mod h1:/xvNRWUqm0+/ZMiF4EX00vrSCMsE4/NHb+Pt3freEeQ=
--- a/ha/native-ha.ini.tpl
+++ b/ha/native-ha.ini.tpl
@@ -1,18 +0,0 @@
 NativeHALocalInstance:
  Name={{ .Name }}
  {{ if .CertificateLabel }}
  CertificateLabel={{ .CertificateLabel }}
  KeyRepository={{ .KeyRepository }}
  {{ if .CipherSpec }}
  CipherSpec={{ .CipherSpec }}
  {{- end }}
  {{- end }}
 NativeHAInstance:
  Name={{ .NativeHAInstance0_Name }}
  ReplicationAddress={{ .NativeHAInstance0_ReplicationAddress }}
 NativeHAInstance:
  Name={{ .NativeHAInstance1_Name }}
  ReplicationAddress={{ .NativeHAInstance1_ReplicationAddress }}
 NativeHAInstance:
  Name={{ .NativeHAInstance2_Name }}
  ReplicationAddress={{ .NativeHAInstance2_ReplicationAddress }}
--- a/incubating/mqadvanced-server-dev/20-dev-tls.mqsc.tpl
+++ b/incubating/mqadvanced-server-dev/20-dev-tls.mqsc.tpl
@@ -1,4 +1,4 @@
-* © Copyright IBM Corporation 2018, 2022
+* © Copyright IBM Corporation 2018, 2019
 *
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,5 +14,5 @@
 * limitations under the License.
 * Set the cipherspec for dev channels
-ALTER CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12_OR_HIGHER) SSLCAUTH(OPTIONAL)
+ALTER CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12) SSLCAUTH(OPTIONAL)
-ALTER CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12_OR_HIGHER) SSLCAUTH(OPTIONAL)
+ALTER CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12) SSLCAUTH(OPTIONAL)
--- a/incubating/mqadvanced-server-dev/install-extra-packages.sh
+++ b/incubating/mqadvanced-server-dev/install-extra-packages.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # -*- mode: sh -*-
-# © Copyright IBM Corporation 2019, 2021
+# © Copyright IBM Corporation 2019
 #
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,17 +25,17 @@ test -f /usr/bin/apt-get && UBUNTU=true || UBUNTU=false
 if ($UBUNTU); then
    export DEBIAN_FRONTEND=noninteractive
    apt-get update
-    apt-get install -y --no-install-recommends libaprutil1
+    apt-get install -y --no-install-recommends sudo
    rm -rf /var/lib/apt/lists/*
 fi
 if ($YUM); then
-    yum -y install apr-util-openssl
+    yum -y install sudo
    yum -y clean all
    rm -rf /var/cache/yum/*
 fi
 if ($MICRODNF); then
-    microdnf --disableplugin=subscription-manager install apr-util-openssl
+    microdnf install sudo
-    microdnf --disableplugin=subscription-manager clean all
+    microdnf clean all
 fi
--- a/incubating/mqadvanced-server-dev/web/installations/Installation1/servers/mqweb/mqwebuser.xml
+++ b/incubating/mqadvanced-server-dev/web/installations/Installation1/servers/mqweb/mqwebuser.xml
@@ -36,9 +36,5 @@
    </basicRegistry>
    <variable name="httpHost" value="*"/>
    <variable name="managementMode" value="externallyprovisioned"/>
    <variable name="mqConsoleRemoteSupportEnabled" value="false"/>
    <variable name="mqConsoleEnableUnsafeInline" value="true"/>
    <jndiEntry jndiName="mqConsoleDefaultCCDTHostname" value="${env.MQ_CONSOLE_DEFAULT_CCDT_HOSTNAME}"/>
    <jndiEntry jndiName="mqConsoleDefaultCCDTPort" value="${env.MQ_CONSOLE_DEFAULT_CCDT_PORT}"/>
    <include location="tls.xml"/>
 </server>
--- a/install-build-deps.sh
+++ b/install-build-deps.sh
@@ -21,8 +21,6 @@ set -ex
 sudo curl -Lo /usr/local/bin/dep https://github.com/golang/dep/releases/download/v0.5.1/dep-linux-$ARCH
 sudo chmod +x /usr/local/bin/dep
 sudo apt-get update || :
 sudo apt-get install -y jq
-go install golang.org/x/lint/golint@latest
+go get -u golang.org/x/lint/golint
 curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $GOPATH/bin 2.0.0 || echo "Gosec not installed. Platform may not be supported."
--- a/install-mq-server-prereqs.sh
+++ b/install-mq-server-prereqs.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # -*- mode: sh -*-
-# © Copyright IBM Corporation 2015, 2022
+# © Copyright IBM Corporation 2015, 2020
 #
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,7 +22,6 @@ test -f /usr/bin/yum && YUM=true || YUM=false
 test -f /usr/bin/microdnf && MICRODNF=true || MICRODNF=false
 test -f /usr/bin/rpm && RPM=true || RPM=false
 test -f /usr/bin/apt-get && UBUNTU=true || UBUNTU=false
 CPU_ARCH=$(uname -m)
 if ($UBUNTU); then
  export DEBIAN_FRONTEND=noninteractive
@@ -30,7 +29,8 @@ if ($UBUNTU); then
  # This ensures no unsupported code gets installed, and makes the build faster
  source /etc/os-release
  # Figure out the correct apt URL based on the CPU architecture
-  if [ "${CPU_ARCH}" == "x86_64" ]; then
+  CPU_ARCH=$(uname -p)
  if [ ${CPU_ARCH} == "x86_64" ]; then
     APT_URL="http://archive.ubuntu.com/ubuntu/"
  else
     APT_URL="http://ports.ubuntu.com/ubuntu-ports/"
@@ -41,25 +41,32 @@ if ($UBUNTU); then
  echo "deb ${APT_URL} ${UBUNTU_CODENAME}-updates main restricted" >> /etc/apt/sources.list
  echo "deb ${APT_URL} ${UBUNTU_CODENAME}-security main restricted" >> /etc/apt/sources.list
  # Install additional packages required by MQ, this install process and the runtime scripts
  EXTRA_DEBS="bash bc ca-certificates coreutils curl debianutils file findutils gawk grep libc-bin mount passwd procps sed tar util-linux"
  # On ARM CPUs, there is no IBM JRE, so install another one
  if [ "${CPU_ARCH}" == "aarch64" ]; then
    EXTRA_DEBS="${EXTRA_DEBS} openjdk-8-jre"
  fi
  apt-get update
-  apt-get install -y --no-install-recommends ${EXTRA_DEBS}
+  apt-get install -y --no-install-recommends \
    bash \
    bc \
    ca-certificates \
    coreutils \
    curl \
    debianutils \
    file \
    findutils \
    gawk \
    grep \
    libc-bin \
    mount \
    passwd \
    procps \
    sed \
    tar \
    util-linux 
 fi
 if ($RPM); then
  EXTRA_RPMS="bash bc ca-certificates file findutils gawk glibc-common grep ncurses-compat-libs passwd procps-ng sed shadow-utils tar util-linux which"
  # On ARM CPUs, there is no IBM JRE, so install another one
  if [ "${CPU_ARCH}" == "aarch64" ]; then
    EXTRA_RPMS="${EXTRA_RPMS} java-1.8.0-openjdk-headless"
  fi
  # Install additional packages required by MQ, this install process and the runtime scripts
  $YUM && yum -y install --setopt install_weak_deps=false ${EXTRA_RPMS}
-  $MICRODNF && microdnf --disableplugin=subscription-manager install ${EXTRA_RPMS}
+  $MICRODNF && microdnf install ${EXTRA_RPMS}
 fi
 # Apply any bug fixes not included in base Ubuntu or MQ image.
@@ -71,4 +78,4 @@ $UBUNTU && apt-get install -y libapparmor1 libsystemd0 systemd systemd-sysv libu
 $UBUNTU && rm -rf /var/lib/apt/lists/*
 $YUM && yum -y clean all
 $YUM && rm -rf /var/cache/yum/*
-$MICRODNF && microdnf --disableplugin=subscription-manager clean all
+$MICRODNF && microdnf clean all
--- a/install-mq.sh
+++ b/install-mq.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # -*- mode: sh -*-
-# © Copyright IBM Corporation 2015, 2022
+# © Copyright IBM Corporation 2015, 2020
 #
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,11 +21,17 @@ set -ex
 test -f /usr/bin/rpm && RPM=true || RPM=false
 test -f /usr/bin/apt-get && UBUNTU=true || UBUNTU=false
 # Only install the SDK package as part of the build stage
 INSTALL_SDK=${INSTALL_SDK:-0}
 # Download and extract the MQ unzippable server
 DIR_TMP=/tmp/mq
 mkdir -p ${DIR_TMP}
 cd ${DIR_TMP}
-curl --fail --location $MQ_URL | tar --extract --gunzip
+curl -LO $MQ_URL
 tar -xzf ./*.tar.gz
 rm -f ./*.tar.gz
 ls -la ${DIR_TMP}
 # Generate MQ package in INSTALLATION_DIR
@@ -47,7 +53,7 @@ export genmqpkg_incmqxr=0
 export genmqpkg_incnls=1
 export genmqpkg_incras=1
 export genmqpkg_incsamp=1
-export genmqpkg_incsdk=0
+export genmqpkg_incsdk=$INSTALL_SDK
 export genmqpkg_inctls=1
 export genmqpkg_incunthrd=0
 export genmqpkg_incweb=1
@@ -91,8 +97,8 @@ $RPM && PAM_FILE=/etc/pam.d/password-auth
 sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' $PAM_FILE
 # List all the installed packages, for the build log
-$RPM && (rpm -q --all | sort) || true
+$RPM && rpm -q --all || true
-$UBUNTU && (dpkg --list | sort) || true
+$UBUNTU && dpkg --list || true
 #Update the license file to include UBI 8 instead of UBI 7
 sed -i 's/v7.0/v8.0/g' /opt/mqm/licenses/non_ibm_license.txt
--- a/internal/command/command.go
+++ b/internal/command/command.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -18,7 +18,6 @@ limitations under the License.
 package command
 import (
 	"context"
 	"fmt"
 	"os/exec"
 )
@@ -28,13 +27,9 @@ import (
 // Do not use this function to run shell built-ins (like "cd"), because
 // the error handling works differently
 func Run(name string, arg ...string) (string, int, error) {
 	return RunContext(context.Background(), name, arg...)
 }
 func RunContext(ctx context.Context, name string, arg ...string) (string, int, error) {
 	// Run the command and wait for completion
 	// #nosec G204
-	cmd := exec.CommandContext(ctx, name, arg...)
+	cmd := exec.Command(name, arg...)
 	out, err := cmd.CombinedOutput()
 	rc := cmd.ProcessState.ExitCode()
 	if err != nil {
--- a/internal/ha/ha.go
+++ b/internal/ha/ha.go
@@ -1,68 +0,0 @@
 /*
 © Copyright IBM Corporation 2020, 2021
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 // Package ha contains code for high availability
 package ha
 import (
 	"os"
 	"github.com/ibm-messaging/mq-container/internal/mqtemplate"
 	"github.com/ibm-messaging/mq-container/internal/tls"
 	"github.com/ibm-messaging/mq-container/pkg/logger"
 )
 // ConfigureNativeHA configures native high availability
 func ConfigureNativeHA(log *logger.Logger) error {
 	file := "/etc/mqm/native-ha.ini"
 	templateFile := file + ".tpl"
 	templateMap := map[string]string{}
 	templateMap["Name"] = os.Getenv("HOSTNAME")
 	templateMap["NativeHAInstance0_Name"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_0_NAME")
 	templateMap["NativeHAInstance1_Name"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_1_NAME")
 	templateMap["NativeHAInstance2_Name"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_2_NAME")
 	templateMap["NativeHAInstance0_ReplicationAddress"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_0_REPLICATION_ADDRESS")
 	templateMap["NativeHAInstance1_ReplicationAddress"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_1_REPLICATION_ADDRESS")
 	templateMap["NativeHAInstance2_ReplicationAddress"] = os.Getenv("MQ_NATIVE_HA_INSTANCE_2_REPLICATION_ADDRESS")
 	if os.Getenv("MQ_NATIVE_HA_TLS") == "true" {
 		keyLabel, _, _, err := tls.ConfigureHATLSKeystore()
 		if err != nil {
 			return err
 		}
 		templateMap["CertificateLabel"] = keyLabel
 		keyRepository, ok := os.LookupEnv("MQ_NATIVE_HA_KEY_REPOSITORY")
 		if !ok {
 			keyRepository = "/run/runmqserver/ha/tls/key"
 		}
 		templateMap["KeyRepository"] = keyRepository
 		cipherSpec, ok := os.LookupEnv("MQ_NATIVE_HA_CIPHERSPEC")
 		if ok {
 			templateMap["CipherSpec"] = cipherSpec
 		}
 	}
 	err := mqtemplate.ProcessTemplateFile(templateFile, file, templateMap, log)
 	if err != nil {
 		return err
 	}
 	return nil
 }
--- a/internal/htpasswd/htpasswd.go
+++ b/internal/htpasswd/htpasswd.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2020, 2021
+© Copyright IBM Corporation 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -110,3 +110,44 @@ func (htpfile mapHtPasswd) updateHtPasswordFile(isTest bool) error {
 	}
 	return ioutil.WriteFile(file, htpfile.GetBytes(), 0660)
 }
 // AuthenticateUser verifies if the given user password match with htpasswrd
 func AuthenticateUser(user string, password string, isTest bool) (bool, bool, error) {
 	passwords := mapHtPasswd(map[string]string{})
 	if len(strings.TrimSpace(user)) == 0 || len(strings.TrimSpace(password)) == 0 {
 		return false, false, fmt.Errorf("UserId or Password are empty")
 	}
 	err := passwords.ReadHtPasswordFile(isTest)
 	if err != nil {
 		return false, false, err
 	}
 	ok := false
 	value, found := passwords[user]
 	if !found {
 		return found, ok, fmt.Errorf("User not found in the mq.htpasswd file")
 	}
 	err = bcrypt.CompareHashAndPassword([]byte(value), []byte(password))
 	return found, err == nil, err
 }
 // ValidateUser validates the given user
 func ValidateUser(user string, isTest bool) (bool, error) {
 	passwords := mapHtPasswd(map[string]string{})
 	if len(strings.TrimSpace(user)) == 0 {
 		return false, fmt.Errorf("Userid is empty for AuthenticateUser")
 	}
 	err := passwords.ReadHtPasswordFile(isTest)
 	if err != nil {
 		return false, err
 	}
 	_, found := passwords[strings.TrimSpace(user)]
 	return found, nil
 }
--- a/internal/htpasswd/htpasswd_test.go
+++ b/internal/htpasswd/htpasswd_test.go
@@ -0,0 +1,62 @@
 /*
 © Copyright IBM Corporation 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package htpasswd
 import (
 	"testing"
 )
 // TestCheckUser verifies Htpassword's use
 func TestCheckUser(t *testing.T) {
 	err := SetPassword("guest", "guestpw", true)
 	if err != nil {
 		t.Fatalf("htpassword test failed due to error:%s\n", err.Error())
 	}
 	found, ok, err := AuthenticateUser("guest", "guestpw", true)
 	if err != nil {
 		t.Fatalf("htpassword test1 failed as user could not be found:%s\n", err.Error())
 	}
 	if found == false || ok == false {
 		t.Fatalf("htpassword test1 failed as user could not be found:%v, ok:%v\n", found, ok)
 	}
 	found, ok, err = AuthenticateUser("myguest", "guestpw", true)
 	if err == nil {
 		t.Fatalf("htpassword test2 failed as no error received for non-existing user\n")
 	}
 	if found == true || ok == true {
 		t.Fatalf("htpassword test2 failed for non-existing user found :%v, ok:%v\n", found, ok)
 	}
 	found, ok, err = AuthenticateUser("guest", "guest", true)
 	if err == nil {
 		t.Fatalf("htpassword test3 failed as incorrect password of user did not return error\n")
 	}
 	if found == false || ok == true {
 		t.Fatalf("htpassword test3 failed for existing user with incorrect passwored found :%v, ok:%v\n", found, ok)
 	}
 	found, err = ValidateUser("guest", true)
 	if err != nil || found == false {
 		t.Fatalf("htpassword test4 failed as user could not be found:%v, ok:%v\n", found, ok)
 	}
 	found, err = ValidateUser("myguest", true)
 	if err != nil || found == true {
 		t.Fatalf("htpassword test5 failed as non-existing user returned to be found:%v, ok:%v\n", found, ok)
 	}
 }
--- a/internal/htpasswd/my.htpasswd
+++ b/internal/htpasswd/my.htpasswd
@@ -0,0 +1 @@
 guest:$2y$05$ifFP0nCmFed6.m4iB9CHRuHFps2YeeuwopmOvszWt0GRnN59p8qxW
--- a/internal/keystore/keystore.go
+++ b/internal/keystore/keystore.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -171,8 +171,8 @@ func (ks *KeyStore) GetCertificateLabels() ([]string, error) {
 	var labels []string
 	for scanner.Scan() {
 		s := scanner.Text()
-		if strings.HasPrefix(s, "-") || strings.HasPrefix(s, "*-") || strings.HasPrefix(s, "!") {
+		if strings.HasPrefix(s, "-") || strings.HasPrefix(s, "*-") {
-			s := strings.TrimLeft(s, "-*!")
+			s := strings.TrimLeft(s, "-*")
 			labels = append(labels, strings.TrimSpace(s))
 		}
 	}
--- a/internal/metrics/metrics.go
+++ b/internal/metrics/metrics.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -23,10 +23,9 @@ import (
 	"net/http"
 	"time"
 	"github.com/ibm-messaging/mq-container/internal/ready"
 	"github.com/ibm-messaging/mq-container/pkg/logger"
 	"github.com/ibm-messaging/mq-container/internal/ready"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 )
 const (
@@ -43,7 +42,7 @@ func GatherMetrics(qmName string, log *logger.Logger) {
 	// If running in standby mode - wait until the queue manager becomes active
 	for {
-		active, _ := ready.IsRunningAsActiveQM(context.Background(), qmName)
+		active, _ := ready.IsRunningAsActiveQM(qmName)
 		if active {
 			break
 		}
@@ -84,7 +83,7 @@ func startMetricsGathering(qmName string, log *logger.Logger) error {
 	}
 	// Setup HTTP server to handle requests from Prometheus
-	http.Handle("/metrics", promhttp.Handler())
+	http.Handle("/metrics", prometheus.Handler())
 	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(200)
 		// #nosec G104
--- a/internal/mqversion/mqversion.go
+++ b/internal/mqversion/mqversion.go
@@ -1,51 +0,0 @@
 /*
 © Copyright IBM Corporation 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package mqversion
 import (
 	"fmt"
 	"strings"
 	"github.com/ibm-messaging/mq-container/internal/command"
 )
 // Get will return the current MQ version
 func Get() (string, error) {
 	mqVersion, _, err := command.Run("dspmqver", "-b", "-f", "2")
 	if err != nil {
 		return "", fmt.Errorf("Error Getting MQ version: %v", err)
 	}
 	return strings.TrimSpace(mqVersion), nil
 }
 // Compare returns an integer comparing two MQ version strings lexicographically. The result will be 0 if currentVersion==checkVersion, -1 if currentVersion < checkVersion, and +1 if currentVersion > checkVersion
 func Compare(checkVersion string) (int, error) {
 	currentVersion, err := Get()
 	if err != nil {
 		return 0, err
 	}
 	// trim any suffix from MQ version x.x.x.x
 	currentVersion = currentVersion[0:7]
 	if currentVersion < checkVersion {
 		return -1, nil
 	} else if currentVersion == checkVersion {
 		return 0, nil
 	} else if currentVersion > checkVersion {
 		return 1, nil
 	}
 	return 0, fmt.Errorf("Failed to compare MQ versions")
 }
--- a/internal/mqversion/mqversion_test.go
+++ b/internal/mqversion/mqversion_test.go
@@ -1,55 +0,0 @@
 /*
 © Copyright IBM Corporation 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package mqversion
 import "testing"
 func TestCompareLower(t *testing.T) {
 	checkVersion := "9.9.9.9"
 	mqVersionCheck, err := Compare(checkVersion)
 	if err != nil {
 		t.Fatalf("Failed to compare MQ versions: %v", err)
 	}
 	if mqVersionCheck != -1 {
 		t.Errorf("MQ version compare result failed. Expected -1, Got %v", mqVersionCheck)
 	}
 }
 func TestCompareHigher(t *testing.T) {
 	checkVersion := "1.1.1.1"
 	mqVersionCheck, err := Compare(checkVersion)
 	if err != nil {
 		t.Fatalf("Failed to compare MQ versions: %v", err)
 	}
 	if mqVersionCheck != 1 {
 		t.Errorf("MQ version compare result failed. Expected 1, Got %v", mqVersionCheck)
 	}
 }
 func TestCompareEqual(t *testing.T) {
 	checkVersion, err := Get()
 	if err != nil {
 		t.Fatalf("Failed to get current MQ version: %v", err)
 	}
 	mqVersionCheck, err := Compare(checkVersion)
 	if err != nil {
 		t.Fatalf("Failed to compare MQ versions: %v", err)
 	}
 	if mqVersionCheck != 0 {
 		t.Errorf("MQ version compare result failed. Expected 0, Got %v", mqVersionCheck)
 	}
 }
--- a/internal/qmgrauth/pas.go
+++ b/internal/qmgrauth/pas.go
@@ -0,0 +1,299 @@
 /*
 © Copyright IBM Corporation 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 //This is a developer only configuration and not recommended for production usage.
 package main
 /*
 #cgo !windows CFLAGS: -I/opt/mqm/lib64 -D_REENTRANT
 #cgo !windows,!darwin LDFLAGS: -L/opt/mqm/lib64 -lmqm_r -Wl,-rpath,/opt/mqm/lib64 -Wl,-rpath,/usr/lib64
 #cgo darwin   LDFLAGS:         -L/opt/mqm/lib64 -lmqm_r -Wl,-rpath,/opt/mqm/lib64 -Wl,-rpath,/usr/lib64
 #cgo  windows CFLAGS:  -I"C:/Program Files/IBM/MQ/Tools/c/include"
 #cgo windows LDFLAGS: -L "C:/Program Files/IBM/MQ/bin64" -lmqm
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <cmqc.h>
 #include <cmqxc.h>
 #include <cmqzc.h>
 #include <cmqec.h>
 #include <time.h>
 static MQZ_INIT_AUTHORITY           PASStart;
 static MQZ_AUTHENTICATE_USER        OAAuthUser;
 static MQZ_FREE_USER                OAFreeUser;
 static MQZ_TERM_AUTHORITY           OATermAuth;
 extern int Authenticate(char *, char *);
 extern int CheckAuthority(char *);
 static char *OAEnvStr(MQLONG);
 static void FindSize();
 static void PrintDateTime();
 static FILE *fp = NULL;
 static int primary_process = 0;
 static void MQENTRY PASStart(
  MQHCONFIG hc,
  MQLONG    Options,
  MQCHAR48   QMgrName,
  MQLONG    ComponentDataLength,
  PMQBYTE   ComponentData,
  PMQLONG   Version,
  PMQLONG   pCompCode,
  PMQLONG   pReason) {
  MQLONG CC       = MQCC_OK;
  MQLONG Reason   = MQRC_NONE;
  if ((Options & MQZIO_PRIMARY) == MQZIO_PRIMARY)
    primary_process = 1;
  fp=fopen("/var/mqm/errors/amqpasdev.log","a");
  if (CC == MQCC_OK)
    hc->MQZEP_Call(hc, MQZID_INIT_AUTHORITY,(PMQFUNC)PASStart,&CC,&Reason);
  if (CC == MQCC_OK)
    hc->MQZEP_Call(hc,MQZID_TERM_AUTHORITY,(PMQFUNC)OATermAuth,&CC,&Reason);
  if (CC == MQCC_OK)
    hc->MQZEP_Call(hc,MQZID_AUTHENTICATE_USER,(PMQFUNC)OAAuthUser,&CC,&Reason);
  if (CC == MQCC_OK)
    hc->MQZEP_Call(hc,MQZID_FREE_USER,(PMQFUNC)OAFreeUser,&CC,&Reason);
  *Version   = MQZAS_VERSION_5;
  *pCompCode = CC;
  *pReason   = Reason;
  PrintDateTime();
  fprintf(fp, "Pluggable OAM Initialized.\n");
  fprintf(fp, "THIS IS A DEVELOPER ONLY CONFIGURATION AND NOT RECOMMENDED FOR PRODUCTION USAGE");
  return;
 }
 static char *authuserfmt =
  "\tUser    : \"%12.12s\"\n"\
  "\tEffUser : \"%12.12s\"\n"\
  "\tAppName : \"%28.28s\"\n"\
  "\tApIdDt  : \"%32.32s\"\n"\
  "\tEnv     : \"%s\"\n"\
  "\tApp Pid : %d\n"\
  "\tApp Tid : %d\n"\
  ;
 static void MQENTRY OAAuthUser (
     PMQCHAR  pQMgrName,
     PMQCSP   pSecurityParms,
     PMQZAC   pApplicationContext,
     PMQZIC   pIdentityContext,
     PMQPTR   pCorrelationPtr,
     PMQBYTE  pComponentData,
     PMQLONG  pContinuation,
     PMQLONG  pCompCode,
     PMQLONG  pReason)
 {
  char *spuser = NULL;
  char *sppass = NULL;
  int gorc = MQRC_NOT_AUTHORIZED;
  if ((pSecurityParms->CSPUserIdLength) > 0) {
    //Grab the user creds from csp.
    spuser = malloc(pSecurityParms->CSPUserIdLength+1);
    strncpy(spuser,pSecurityParms->CSPUserIdPtr,pSecurityParms->CSPUserIdLength);
    spuser[pSecurityParms->CSPUserIdLength]=0;
    sppass =  malloc(pSecurityParms->CSPPasswordLength+1);
    strncpy(sppass,pSecurityParms->CSPPasswordPtr,pSecurityParms->CSPPasswordLength);
    sppass[pSecurityParms->CSPPasswordLength]=0;
    gorc = Authenticate(spuser,sppass);
    if (gorc == MQRC_NONE) {
      *pCompCode = MQCC_OK;
      *pReason = MQRC_NONE;
      *pContinuation = MQZCI_CONTINUE;
      memcpy( pIdentityContext->UserIdentifier
        , spuser
        , sizeof(pIdentityContext->UserIdentifier) );
    } else {
      *pCompCode = MQCC_WARNING;
      *pReason = MQRC_NONE;
      *pContinuation = MQZCI_CONTINUE;
      //we print to error file only if error'd
      PrintDateTime();
      if (fp) {
        fprintf(fp, authuserfmt,
          pIdentityContext->UserIdentifier,
          pApplicationContext->EffectiveUserID,
          pApplicationContext->ApplName,
          pIdentityContext->ApplIdentityData,
          OAEnvStr(pApplicationContext->Environment),
          pApplicationContext->ProcessId,
          pApplicationContext->ThreadId);
          fprintf(fp,"\tCSP UserId  : %s\n", spuser);
          fprintf(fp,"\tCSP Password : %s\n", "****..");
          fprintf(fp,"\tPAS-Compcode:%d\n",*pCompCode);
          fprintf(fp,"\tPAS-Reasoncode:%d\n",*pReason);
      }
    }
    free(spuser);
    free(sppass);
  } else {
    //this is only a normal UID authentication.
    spuser = malloc(sizeof(PMQCHAR12));
    strncpy(spuser,pApplicationContext->EffectiveUserID,strlen(pApplicationContext->EffectiveUserID));
    spuser[sizeof(PMQCHAR12)]=0;
    gorc = CheckAuthority(spuser);
    if (gorc == MQRC_NONE){
        *pCompCode = MQCC_OK;
        *pReason = MQRC_NONE;
        *pContinuation = MQZCI_CONTINUE;
        memcpy( pIdentityContext->UserIdentifier
                , spuser
                , sizeof(pIdentityContext->UserIdentifier) );
    } else {
        *pCompCode = MQCC_WARNING;
        *pReason = MQRC_NONE;
        *pContinuation = MQZCI_CONTINUE;
        //we print only if error'd
        PrintDateTime();
        if (fp)
        {
          fprintf(fp, authuserfmt,
 	        pIdentityContext->UserIdentifier,
 	        pApplicationContext->EffectiveUserID,
 	        pApplicationContext->ApplName,
 	        pIdentityContext->ApplIdentityData,
 	        OAEnvStr(pApplicationContext->Environment),
 	        pApplicationContext->ProcessId,
 	        pApplicationContext->ThreadId
 	        );
          fprintf(fp,"\tUID  : %s\n", spuser);
          fprintf(fp,"\tPAS-Compcode:%d\n",*pCompCode);
          fprintf(fp,"\tPAS-Reasoncode:%d\n",*pReason);
        }
    }
  }
  return;
 }
 static void MQENTRY OAFreeUser (
     PMQCHAR  pQMgrName,
     PMQZFP   pFreeParms,
     PMQBYTE  pComponentData,
     PMQLONG  pContinuation,
     PMQLONG  pCompCode,
     PMQLONG  pReason)
 {
  *pCompCode = MQCC_WARNING;
  *pReason   = MQRC_NONE;
  *pContinuation = MQZCI_CONTINUE;
  return;
 }
 static void MQENTRY OATermAuth(
  MQHCONFIG  hc,
  MQLONG     Options,
  PMQCHAR    pQMgrName,
  PMQBYTE    pComponentData,
  PMQLONG    pCompCode,
  PMQLONG    pReason)
 {
  if ((primary_process) && ((Options & MQZTO_PRIMARY) == MQZTO_PRIMARY) ||
 	                   ((Options & MQZTO_SECONDARY) == MQZTO_SECONDARY))
  {
    if (fp)
    {
      fclose(fp);
      fp = NULL;
    }
  }
  *pCompCode = MQCC_OK;
  *pReason   = MQRC_NONE;
 }
 static void PrintDateTime() {
  FindSize();
  struct tm *local;
    time_t t;
    t = time(NULL);
    local = localtime(&t);
    if (fp) {
      fprintf(fp, "-------------------------------------------------\n");
      fprintf(fp, "Local time: %s", asctime(local));
      local = gmtime(&t);
      fprintf(fp, "UTC time: %s", asctime(local));
    }
    return;
 }
 static char *OAEnvStr(MQLONG x)
 {
   switch (x)
   {
   case MQXE_OTHER:          return "Application";
   case MQXE_MCA:            return "Channel";
   case MQXE_MCA_SVRCONN:    return "Channel SvrConn";
   case MQXE_COMMAND_SERVER: return "Command Server";
   case MQXE_MQSC:           return "MQSC";
   default:                  return "Invalid Environment";
   }
 }
 static void FindSize()
 {
  int sz = 0;
  int prev=ftell(fp);
  fseek(fp, 0L, SEEK_END);
  sz=ftell(fp);
  //if log file size goes over 1mb, rewind it.
  if (sz > 1000000) {
    rewind(fp);
  } else {
    fseek(fp, prev, SEEK_SET);
  }
 }
 */
 import "C"
 import "github.com/ibm-messaging/mq-container/internal/htpasswd"
 //export MQStart
 func MQStart(hc C.MQHCONFIG, Options C.MQLONG, QMgrName C.PMQCHAR, ComponentDataLength C.MQLONG, ComponentData C.PMQBYTE, Version C.PMQLONG, pCompCode C.PMQLONG, pReason C.PMQLONG) {
 	C.PASStart(hc, Options, QMgrName, ComponentDataLength, ComponentData, Version, pCompCode, pReason)
 }
 //export Authenticate
 func Authenticate(x *C.char, y *C.char) C.int {
 	user := C.GoString(x)
 	pwd := C.GoString(y)
 	found, ok, err := htpasswd.AuthenticateUser(user, pwd, false)
 	if !found || !ok || err != nil {
 		return C.MQRC_UNKNOWN_OBJECT_NAME
 	}
 	return C.MQRC_NONE
 }
 //export CheckAuthority
 func CheckAuthority(x *C.char) C.int {
 	user := C.GoString(x)
 	found, err := htpasswd.ValidateUser(user, false)
 	if !found || err != nil {
 		return C.MQRC_UNKNOWN_OBJECT_NAME
 	}
 	return C.MQRC_NONE
 }
 func main() {}
--- a/internal/ready/ready.go
+++ b/internal/ready/ready.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -18,7 +18,6 @@ limitations under the License.
 package ready
 import (
 	"context"
 	"io/ioutil"
 	"os"
 	"strings"
@@ -68,22 +67,17 @@ func Check() (bool, error) {
 }
 // IsRunningAsActiveQM returns true if the queue manager is running in active mode
-func IsRunningAsActiveQM(ctx context.Context, name string) (bool, error) {
+func IsRunningAsActiveQM(name string) (bool, error) {
-	return isRunningQM(ctx, name, "(RUNNING)")
+	return isRunningQM(name, "(RUNNING)")
 }
 // IsRunningAsStandbyQM returns true if the queue manager is running in standby mode
-func IsRunningAsStandbyQM(ctx context.Context, name string) (bool, error) {
+func IsRunningAsStandbyQM(name string) (bool, error) {
-	return isRunningQM(ctx, name, "(RUNNING AS STANDBY)")
+	return isRunningQM(name, "(RUNNING AS STANDBY)")
 }
-// IsRunningAsReplicaQM returns true if the queue manager is running in replica mode
+func isRunningQM(name string, status string) (bool, error) {
-func IsRunningAsReplicaQM(ctx context.Context, name string) (bool, error) {
+	out, _, err := command.Run("dspmq", "-n", "-m", name)
 	return isRunningQM(ctx, name, "(REPLICA)")
 }
 func isRunningQM(ctx context.Context, name string, status string) (bool, error) {
 	out, _, err := command.RunContext(ctx, "dspmq", "-n", "-m", name)
 	if err != nil {
 		return false, err
 	}
--- a/internal/tls/tls.go
+++ b/internal/tls/tls.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2019, 2022
+© Copyright IBM Corporation 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -43,20 +43,14 @@ const cmsKeystoreName = "key.kdb"
 // p12TruststoreName is the name of the PKCS#12 Truststore
 const p12TruststoreName = "trust.p12"
-// keystoreDirDefault is the location for the default CMS Keystore & PKCS#12 Truststore
+// keystoreDir is the location for the CMS Keystore & PKCS#12 Truststore
-const keystoreDirDefault = "/run/runmqserver/tls/"
+const keystoreDir = "/run/runmqserver/tls/"
-// keystoreDirHA is the location for the HA CMS Keystore
+// keyDir is the location of the keys to import
-const keystoreDirHA = "/run/runmqserver/ha/tls/"
+const keyDir = "/etc/mqm/pki/keys"
-// keyDirDefault is the location of the default keys to import
+// trustDir is the location of the trust certificates to import
-const keyDirDefault = "/etc/mqm/pki/keys"
+const trustDir = "/etc/mqm/pki/trust"
 // keyDirHA is the location of the HA keys to import
 const keyDirHA = "/etc/mqm/ha/pki/keys"
 // trustDirDefault is the location of the trust certificates to import
 const trustDirDefault = "/etc/mqm/pki/trust"
 type KeyStoreData struct {
 	Keystore          *keystore.KeyStore
@@ -71,45 +65,28 @@ type P12KeyFiles struct {
 	Password  string
 }
-type TLSStore struct {
+// ConfigureTLSKeystores configures the CMS Keystore & PKCS#12 Truststore
-	Keystore   KeyStoreData
+func ConfigureTLSKeystores() (string, KeyStoreData, KeyStoreData, error) {
 	Truststore KeyStoreData
 }
-func configureTLSKeystores(keystoreDir, keyDir, trustDir string, p12TruststoreRequired bool, nativeTLSHA bool) (string, KeyStoreData, KeyStoreData, error) {
+	// Create the CMS Keystore & PKCS#12 Truststore
-	var keyLabel string
+	cmsKeystore, p12Truststore, err := generateAllKeystores()
 	// Create the CMS Keystore & PKCS#12 Truststore (if required)
 	tlsStore, err := generateAllKeystores(keystoreDir, p12TruststoreRequired, nativeTLSHA)
 	if err != nil {
-		return "", tlsStore.Keystore, tlsStore.Truststore, err
+		return "", cmsKeystore, p12Truststore, err
 	}
-	if tlsStore.Keystore.Keystore != nil {
+	// Process all keys - add them to the CMS KeyStore
-		// Process all keys - add them to the CMS KeyStore
+	keyLabel, err := processKeys(&cmsKeystore, &p12Truststore)
 		keyLabel, err = processKeys(&tlsStore, keystoreDir, keyDir)
 		if err != nil {
 			return "", tlsStore.Keystore, tlsStore.Truststore, err
 		}
 	}
 	// Process all trust certificates - add them to the CMS KeyStore & PKCS#12 Truststore (if required)
 	err = processTrustCertificates(&tlsStore, trustDir)
 	if err != nil {
-		return "", tlsStore.Keystore, tlsStore.Truststore, err
+		return "", cmsKeystore, p12Truststore, err
 	}
-	return keyLabel, tlsStore.Keystore, tlsStore.Truststore, err
+	// Process all trust certificates - add them to the CMS KeyStore & PKCS#12 Truststore
-}
+	err = processTrustCertificates(&cmsKeystore, &p12Truststore)
 	if err != nil {
 		return "", cmsKeystore, p12Truststore, err
 	}
-// ConfigureDefaultTLSKeystores configures the CMS Keystore & PKCS#12 Truststore
+	return keyLabel, cmsKeystore, p12Truststore, err
 func ConfigureDefaultTLSKeystores() (string, KeyStoreData, KeyStoreData, error) {
 	return configureTLSKeystores(keystoreDirDefault, keyDirDefault, trustDirDefault, true, false)
 }
 // ConfigureHATLSKeystore configures the CMS Keystore & PKCS#12 Truststore
 func ConfigureHATLSKeystore() (string, KeyStoreData, KeyStoreData, error) {
 	// *.crt files mounted to the HA TLS dir keyDirHA will be processed as trusted in the CMS keystore
 	return configureTLSKeystores(keystoreDirHA, keyDirHA, keyDirHA, false, true)
 }
 // ConfigureTLS configures TLS for the queue manager
@@ -117,18 +94,9 @@ func ConfigureTLS(keyLabel string, cmsKeystore KeyStoreData, devMode bool, log *
 	const mqsc string = "/etc/mqm/15-tls.mqsc"
 	const mqscTemplate string = mqsc + ".tpl"
 	sslKeyRing := ""
 	// Don't set SSLKEYR if no keys or crts are not supplied
 	// Key label will be blank if no certs were added during processing keys and certs.
 	if cmsKeystore.Keystore != nil {
 		certList, _ := cmsKeystore.Keystore.ListAllCertificates()
 		if len(certList) > 0 {
 			sslKeyRing = strings.TrimSuffix(cmsKeystore.Keystore.Filename, ".kdb")
 		}
 	}
 	err := mqtemplate.ProcessTemplateFile(mqscTemplate, mqsc, map[string]string{
-		"SSLKeyR":          sslKeyRing,
+		"SSLKeyR":          strings.TrimSuffix(cmsKeystore.Keystore.Filename, ".kdb"),
 		"CertificateLabel": keyLabel,
 	}, log)
 	if err != nil {
@@ -169,9 +137,8 @@ func configureTLSDev(log *logger.Logger) error {
 	return nil
 }
-// generateAllKeystores creates the CMS Keystore & PKCS#12 Truststore (if required)
+// generateAllKeystores creates the CMS Keystore & PKCS#12 Truststore
-func generateAllKeystores(keystoreDir string, p12TruststoreRequired bool, nativeTLSHA bool) (TLSStore, error) {
+func generateAllKeystores() (KeyStoreData, KeyStoreData, error) {
 	var cmsKeystore, p12Truststore KeyStoreData
 	// Generate a pasword for use with both the CMS Keystore & PKCS#12 Truststore
@@ -183,38 +150,28 @@ func generateAllKeystores(keystoreDir string, p12TruststoreRequired bool, native
 	// #nosec G301 - write group permissions are required
 	err := os.MkdirAll(keystoreDir, 0770)
 	if err != nil {
-		return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create Keystore directory: %v", err)
+		return cmsKeystore, p12Truststore, fmt.Errorf("Failed to create Keystore directory: %v", err)
 	}
-	// Search the default keys directory for any keys/certs.
+	// Create the CMS Keystore
-	keysDirectory := keyDirDefault
+	cmsKeystore.Keystore = keystore.NewCMSKeyStore(filepath.Join(keystoreDir, cmsKeystoreName), cmsKeystore.Password)
-	// Change to default native HA TLS directory if we are configuring nativeHA
+	err = cmsKeystore.Keystore.Create()
-	if nativeTLSHA {
+	if err != nil {
-		keysDirectory = keyDirHA
+		return cmsKeystore, p12Truststore, fmt.Errorf("Failed to create CMS Keystore: %v", err)
 	}
 	// Create the CMS Keystore if we have been provided keys and certificates
 	if haveKeysAndCerts(keysDirectory) || haveKeysAndCerts(trustDirDefault) {
 		cmsKeystore.Keystore = keystore.NewCMSKeyStore(filepath.Join(keystoreDir, cmsKeystoreName), cmsKeystore.Password)
 		err = cmsKeystore.Keystore.Create()
 		if err != nil {
 			return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create CMS Keystore: %v", err)
 		}
 	}
-	// Create the PKCS#12 Truststore (if required)
+	// Create the PKCS#12 Truststore
-	if p12TruststoreRequired {
+	p12Truststore.Keystore = keystore.NewPKCS12KeyStore(filepath.Join(keystoreDir, p12TruststoreName), p12Truststore.Password)
-		p12Truststore.Keystore = keystore.NewPKCS12KeyStore(filepath.Join(keystoreDir, p12TruststoreName), p12Truststore.Password)
+	err = p12Truststore.Keystore.Create()
-		err = p12Truststore.Keystore.Create()
+	if err != nil {
-		if err != nil {
+		return cmsKeystore, p12Truststore, fmt.Errorf("Failed to create PKCS#12 Truststore: %v", err)
 			return TLSStore{cmsKeystore, p12Truststore}, fmt.Errorf("Failed to create PKCS#12 Truststore: %v", err)
 		}
 	}
-	return TLSStore{cmsKeystore, p12Truststore}, nil
+	return cmsKeystore, p12Truststore, nil
 }
 // processKeys processes all keys - adding them to the CMS KeyStore
-func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string, error) {
+func processKeys(cmsKeystore, p12Truststore *KeyStoreData) (string, error) {
 	// Key label - will be set to the label of the first set of keys
 	keyLabel := ""
@@ -222,6 +179,7 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 	// Process all keys
 	keyList, err := ioutil.ReadDir(keyDir)
 	if err == nil && len(keyList) > 0 {
 		// Process each set of keys - each set should contain files: *.key & *.crt
 		for _, keySet := range keyList {
 			keys, _ := ioutil.ReadDir(filepath.Join(keyDir, keySet.Name()))
@@ -232,7 +190,7 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 			}
 			// Process private key (*.key)
-			privateKey, keyPrefix, err := processPrivateKey(keyDir, keySet.Name(), keys)
+			privateKey, keyPrefix, err := processPrivateKey(keySet.Name(), keys)
 			if err != nil {
 				return "", err
 			}
@@ -243,13 +201,13 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 			}
 			// Process certificates (*.crt) - public certificate & optional CA certificate
-			publicCertificate, caCertificate, err := processCertificates(keyDir, keySet.Name(), keyPrefix, keys, &tlsStore.Keystore, &tlsStore.Truststore)
+			publicCertificate, caCertificate, err := processCertificates(keySet.Name(), keyPrefix, keys, cmsKeystore, p12Truststore)
 			if err != nil {
 				return "", err
 			}
 			// Create a new PKCS#12 Keystore - containing private key, public certificate & optional CA certificate
-			file, err := pkcs.Encode(rand.Reader, privateKey, publicCertificate, caCertificate, tlsStore.Keystore.Password)
+			file, err := pkcs.Encode(rand.Reader, privateKey, publicCertificate, caCertificate, cmsKeystore.Password)
 			if err != nil {
 				return "", fmt.Errorf("Failed to encode PKCS#12 Keystore %s: %v", keySet.Name()+".p12", err)
 			}
@@ -259,13 +217,13 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 			}
 			// Import the new PKCS#12 Keystore into the CMS Keystore
-			err = tlsStore.Keystore.Keystore.Import(filepath.Join(keystoreDir, keySet.Name()+".p12"), tlsStore.Keystore.Password)
+			err = cmsKeystore.Keystore.Import(filepath.Join(keystoreDir, keySet.Name()+".p12"), cmsKeystore.Password)
 			if err != nil {
-				return "", fmt.Errorf("Failed to import keys from %s into CMS Keystore: %v", filepath.Join(keystoreDir, keySet.Name()+".p12"), err)
+				return "", fmt.Errorf("Failed tp import keys from %s into CMS Keystore: %v", filepath.Join(keystoreDir, keySet.Name()+".p12"), err)
 			}
 			// Relabel the certificate in the CMS Keystore
-			err = relabelCertificate(keySet.Name(), &tlsStore.Keystore)
+			err = relabelCertificate(keySet.Name(), cmsKeystore)
 			if err != nil {
 				return "", err
 			}
@@ -280,8 +238,8 @@ func processKeys(tlsStore *TLSStore, keystoreDir string, keyDir string) (string,
 	return keyLabel, nil
 }
-// processTrustCertificates processes all trust certificates - adding them to the CMS KeyStore & PKCS#12 Truststore (if required)
+// processTrustCertificates processes all trust certificates - adding them to the CMS KeyStore & PKCS#12 Truststore
-func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
+func processTrustCertificates(cmsKeystore, p12Truststore *KeyStoreData) error {
 	// Process all trust certiifcates
 	trustList, err := ioutil.ReadDir(trustDir)
@@ -307,17 +265,15 @@ func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 						}
 						// Add to known certificates for the CMS Keystore
-						err = addToKnownCertificates(block, &tlsStore.Keystore, true)
+						err = addToKnownCertificates(block, cmsKeystore, true)
 						if err != nil {
 							return fmt.Errorf("Failed to add to know certificates for CMS Keystore")
 						}
-						if tlsStore.Truststore.Keystore != nil {
+						// Add to known certificates for the PKCS#12 Truststore
-							// Add to known certificates for the PKCS#12 Truststore
+						err = addToKnownCertificates(block, p12Truststore, true)
-							err = addToKnownCertificates(block, &tlsStore.Truststore, true)
+						if err != nil {
-							if err != nil {
+							return fmt.Errorf("Failed to add to know certificates for PKCS#12 Truststore")
 								return fmt.Errorf("Failed to add to know certificates for PKCS#12 Truststore")
 							}
 						}
 					}
 				}
@@ -325,17 +281,17 @@ func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 		}
 	}
-	// Add all trust certificates to PKCS#12 Truststore (if required)
+	// Add all trust certificates to PKCS#12 Truststore
-	if tlsStore.Truststore.Keystore != nil && len(tlsStore.Truststore.TrustedCerts) > 0 {
+	if len(p12Truststore.TrustedCerts) > 0 {
-		err = addCertificatesToTruststore(&tlsStore.Truststore)
+		err = addCertificatesToTruststore(p12Truststore)
 		if err != nil {
 			return err
 		}
 	}
 	// Add all trust certificates to CMS Keystore
-	if len(tlsStore.Keystore.TrustedCerts) > 0 {
+	if len(cmsKeystore.TrustedCerts) > 0 {
-		err = addCertificatesToCMSKeystore(&tlsStore.Keystore)
+		err = addCertificatesToCMSKeystore(cmsKeystore)
 		if err != nil {
 			return err
 		}
@@ -345,7 +301,7 @@ func processTrustCertificates(tlsStore *TLSStore, trustDir string) error {
 }
 // processPrivateKey processes the private key (*.key) from a set of keys
-func processPrivateKey(keyDir string, keySetName string, keys []os.FileInfo) (interface{}, string, error) {
+func processPrivateKey(keySetName string, keys []os.FileInfo) (interface{}, string, error) {
 	var privateKey interface{}
 	keyPrefix := ""
@@ -380,7 +336,7 @@ func processPrivateKey(keyDir string, keySetName string, keys []os.FileInfo) (in
 }
 // processCertificates processes the certificates (*.crt) from a set of keys
-func processCertificates(keyDir string, keySetName, keyPrefix string, keys []os.FileInfo, cmsKeystore, p12Truststore *KeyStoreData) (*x509.Certificate, []*x509.Certificate, error) {
+func processCertificates(keySetName, keyPrefix string, keys []os.FileInfo, cmsKeystore, p12Truststore *KeyStoreData) (*x509.Certificate, []*x509.Certificate, error) {
 	var publicCertificate *x509.Certificate
 	var caCertificate []*x509.Certificate
@@ -428,12 +384,10 @@ func processCertificates(keyDir string, keySetName, keyPrefix string, keys []os.
 					return nil, nil, fmt.Errorf("Failed to add to know certificates for CMS Keystore")
 				}
-				if p12Truststore.Keystore != nil {
+				// Add to known certificates for the PKCS#12 Truststore
-					// Add to known certificates for the PKCS#12 Truststore
+				err = addToKnownCertificates(block, p12Truststore, true)
-					err = addToKnownCertificates(block, p12Truststore, true)
+				if err != nil {
-					if err != nil {
+					return nil, nil, fmt.Errorf("Failed to add to know certificates for PKCS#12 Truststore")
 						return nil, nil, fmt.Errorf("Failed to add to know certificates for PKCS#12 Truststore")
 					}
 				}
 				certificate, err := x509.ParseCertificate(block.Bytes)
@@ -620,23 +574,3 @@ func writeCertificatesToFile(file string, certificates []*pem.Block) error {
 	}
 	return nil
 }
 // Search the specified directory for .key and .crt files.
 // Return true if at least one .key or .crt file is found else false
 func haveKeysAndCerts(keyDir string) bool {
 	fileList, err := os.ReadDir(keyDir)
 	if err == nil && len(fileList) > 0 {
 		for _, fileInfo := range fileList {
 			// Keys and certs will be supplied in an user defined subdirectory.
 			// Do a listing of the subdirectory and then search for .key and .cert files
 			keys, _ := ioutil.ReadDir(filepath.Join(keyDir, fileInfo.Name()))
 			for _, key := range keys {
 				if strings.Contains(key.Name(), ".key") || strings.Contains(key.Name(), ".crt") {
 					// We found at least one key/crt file.
 					return true
 				}
 			}
 		}
 	}
 	return false
 }
--- a/internal/tls/tls_web.go
+++ b/internal/tls/tls_web.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2019, 2021
+© Copyright IBM Corporation 2019, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -60,11 +60,12 @@ func ConfigureWebKeystore(p12Truststore KeyStoreData, webKeystore string) (strin
 	if webKeystore == "" {
 		webKeystore = webKeystoreDefault
 	}
-	webKeystoreFile := filepath.Join(keystoreDirDefault, webKeystore)
+	webKeystoreFile := filepath.Join(keystoreDir, webKeystore)
 	// Check if a new self-signed certificate should be generated
 	genHostName := os.Getenv("MQ_GENERATE_CERTIFICATE_HOSTNAME")
 	if genHostName != "" {
 		// Create the Web Keystore
 		newWebKeystore := keystore.NewPKCS12KeyStore(webKeystoreFile, p12Truststore.Password)
 		err := newWebKeystore.Create()
--- a/pkg/logger/logger.go
+++ b/pkg/logger/logger.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2021
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -117,22 +117,14 @@ func (l *Logger) log(level string, msg string) {
 // Debug logs a line as debug
 func (l *Logger) Debug(args ...interface{}) {
 	if l.debug {
-		if l.json {
+		l.log(debugLevel, fmt.Sprint(args...))
 			l.log(debugLevel, fmt.Sprint(args...))
 		} else {
 			l.log(debugLevel, "DEBUG: "+fmt.Sprint(args...))
 		}
 	}
 }
 // Debugf logs a line as debug using format specifiers
 func (l *Logger) Debugf(format string, args ...interface{}) {
 	if l.debug {
-		if l.json {
+		l.log(debugLevel, fmt.Sprintf(format, args...))
 			l.log(debugLevel, fmt.Sprintf(format, args...))
 		} else {
 			l.log(debugLevel, fmt.Sprintf("DEBUG: "+format, args...))
 		}
 	}
 }
--- a/source-branch.env
+++ b/source-branch.env
@@ -1,7 +0,0 @@
 ###########################################################################################################################################################
 # SOURCE_BRANCH is the repository branch name for this release stream. 
 # It should be updated when a new release fork is created but not for testing of personal builds or pre-fork updates.
 SOURCE_BRANCH ?= v9.3.1
 ###########################################################################################################################################################
--- a/test/docker/Gopkg.lock
+++ b/test/docker/Gopkg.lock
@@ -0,0 +1,114 @@
 # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
 [[projects]]
  branch = "master"
  name = "github.com/Azure/go-ansiterm"
  packages = [
    ".",
    "winterm"
  ]
  revision = "d6e3b3328b783f23731bc4d058875b0371ff8109"
 [[projects]]
  name = "github.com/Microsoft/go-winio"
  packages = ["."]
  revision = "7da180ee92d8bd8bb8c37fc560e673e6557c392f"
  version = "v0.4.7"
 [[projects]]
  name = "github.com/Sirupsen/logrus"
  packages = ["."]
  revision = "c155da19408a8799da419ed3eeb0cb5db0ad5dbc"
  version = "v1.0.5"
 [[projects]]
  name = "github.com/docker/distribution"
  packages = [
    "digest",
    "reference"
  ]
  revision = "48294d928ced5dd9b378f7fd7c6f5da3ff3f2c89"
  version = "v2.6.2"
 [[projects]]
  name = "github.com/docker/docker"
  packages = [
    "api/types",
    "api/types/blkiodev",
    "api/types/container",
    "api/types/events",
    "api/types/filters",
    "api/types/mount",
    "api/types/network",
    "api/types/reference",
    "api/types/registry",
    "api/types/strslice",
    "api/types/swarm",
    "api/types/time",
    "api/types/versions",
    "api/types/volume",
    "client",
    "pkg/jsonlog",
    "pkg/jsonmessage",
    "pkg/stdcopy",
    "pkg/term",
    "pkg/term/windows",
    "pkg/tlsconfig"
  ]
  revision = "f5ec1e2936dcbe7b5001c2b817188b095c700c27"
  version = "v17.03.2-ce"
 [[projects]]
  name = "github.com/docker/go-connections"
  packages = [
    "nat",
    "sockets",
    "tlsconfig"
  ]
  revision = "3ede32e2033de7505e6500d6c868c2b9ed9f169d"
  version = "v0.3.0"
 [[projects]]
  name = "github.com/docker/go-units"
  packages = ["."]
  revision = "0dadbb0345b35ec7ef35e228dabb8de89a65bf52"
  version = "v0.3.2"
 [[projects]]
  name = "github.com/pkg/errors"
  packages = ["."]
  revision = "645ef00459ed84a119197bfb8d8205042c6df63d"
  version = "v0.8.0"
 [[projects]]
  branch = "master"
  name = "golang.org/x/crypto"
  packages = ["ssh/terminal"]
  revision = "88942b9c40a4c9d203b82b3731787b672d6e809b"
 [[projects]]
  branch = "master"
  name = "golang.org/x/net"
  packages = [
    "context",
    "context/ctxhttp",
    "proxy"
  ]
  revision = "6078986fec03a1dcc236c34816c71b0e05018fda"
 [[projects]]
  branch = "master"
  name = "golang.org/x/sys"
  packages = [
    "unix",
    "windows"
  ]
  revision = "13d03a9a82fba647c21a0ef8fba44a795d0f0835"
 [solve-meta]
  analyzer-name = "dep"
  analyzer-version = 1
  inputs-digest = "c792836365447209421d5dc68a75fa77063408b8a6a2f9325b976581a0d60107"
  solver-name = "gps-cdcl"
  solver-version = 1
--- a/travis-build-scripts/cleanup-cache.sh
+++ b/travis-build-scripts/cleanup-cache.sh
@@ -1,6 +1,4 @@
-#!/bin/bash
+# © Copyright IBM Corporation 2017, 2018
 # © Copyright IBM Corporation 2020
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-echo 'Cleaning up remote cache' && echo -en 'travis_fold:start:cleanup\\r'
+[[constraint]]
-./travis-build-scripts/artifact-util.sh -c ${CACHE_PATH} -u ${REPOSITORY_USER} -p ${REPOSITORY_CREDENTIAL} -f cache/${TAGCACHE_FILE} --delete
+  name = "github.com/docker/docker"
-echo -en 'travis_fold:end:cleanup\\r' 
+  version = "=v17.03.2-ce"
 [[constraint]]
  name = "github.com/docker/go-connections"
  version = "0.4.0"
 [prune]
  go-tests = true
--- a/test/docker/devconfig_test.go
+++ b/test/docker/devconfig_test.go
@@ -1,8 +1,7 @@
 //go:build mqdev
 // +build mqdev
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -35,7 +34,7 @@ import (
 func TestDevGoldenPath(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -44,7 +43,6 @@ func TestDevGoldenPath(t *testing.T) {
 		Env: []string{
 			"LICENSE=accept",
 			"MQ_QMGR_NAME=" + qm,
 			"DEBUG=true",
 		},
 	}
 	id := runContainerWithPorts(t, cli, &containerConfig, []int{9443})
@@ -52,10 +50,8 @@ func TestDevGoldenPath(t *testing.T) {
 	waitForReady(t, cli, id)
 	waitForWebReady(t, cli, id, insecureTLSConfig)
 	t.Run("JMS", func(t *testing.T) {
-		// Run the JMS tests, with no password specified.
+		// Run the JMS tests, with no password specified
-		// Use OpenJDK JRE for running testing, pass false for 7th parameter.
+		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS)
 		// Last parameter is blank as the test doesn't use TLS.
 		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS, "false", "")
 	})
 	t.Run("REST admin", func(t *testing.T) {
 		testRESTAdmin(t, cli, id, insecureTLSConfig)
@@ -72,7 +68,7 @@ func TestDevGoldenPath(t *testing.T) {
 func TestDevSecure(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -86,8 +82,6 @@ func TestDevSecure(t *testing.T) {
 			"MQ_QMGR_NAME=" + qm,
 			"MQ_APP_PASSWORD=" + appPassword,
 			"DEBUG=1",
 			"WLP_LOGGING_MESSAGE_FORMAT=JSON",
 			"MQ_ENABLE_EMBEDDED_WEB_SERVER_LOG=true",
 		},
 		Image: imageName(),
 	}
@@ -118,9 +112,7 @@ func TestDevSecure(t *testing.T) {
 	waitForWebReady(t, cli, ctr.ID, createTLSConfig(t, cert, tlsPassPhrase))
 	t.Run("JMS", func(t *testing.T) {
-		// OpenJDK is used for running tests, hence pass "false" for 7th parameter.
+		runJMSTests(t, cli, ctr.ID, true, "app", appPassword)
 		// Cipher name specified is compliant with non-IBM JRE naming.
 		runJMSTests(t, cli, ctr.ID, true, "app", appPassword, "false", "TLS_RSA_WITH_AES_256_CBC_SHA256")
 	})
 	t.Run("REST admin", func(t *testing.T) {
 		testRESTAdmin(t, cli, ctr.ID, insecureTLSConfig)
@@ -136,7 +128,7 @@ func TestDevSecure(t *testing.T) {
 func TestDevWebDisabled(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -158,9 +150,7 @@ func TestDevWebDisabled(t *testing.T) {
 	})
 	t.Run("JMS", func(t *testing.T) {
 		// Run the JMS tests, with no password specified
-		// OpenJDK is used for running tests, hence pass "false" for 7th parameter.
+		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS)
 		// Last parameter is blank as the test doesn't use TLS.
 		runJMSTests(t, cli, id, false, "app", defaultAppPasswordOS, "false", "")
 	})
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
@@ -169,7 +159,7 @@ func TestDevWebDisabled(t *testing.T) {
 func TestDevConfigDisabled(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -191,131 +181,3 @@ func TestDevConfigDisabled(t *testing.T) {
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
 }
 // Test if SSLKEYR and CERTLABL attributes are not set when key and certificate
 // are not supplied.
 func TestSSLKEYRBlank(t *testing.T) {
 	t.Parallel()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	containerConfig := container.Config{
 		Env: []string{
 			"LICENSE=accept",
 			"MQ_QMGR_NAME=qm1",
 			"MQ_ENABLE_EMBEDDED_WEB_SERVER=false",
 		},
 	}
 	id := runContainerWithPorts(t, cli, &containerConfig, []int{9443})
 	defer cleanContainer(t, cli, id)
 	waitForReady(t, cli, id)
 	// execute runmqsc to display qmgr SSLKEYR and CERTLABL attibutes.
 	// Search the console output for exepcted values
 	_, sslkeyROutput := execContainer(t, cli, id, "", []string{"bash", "-c", "echo 'DISPLAY QMGR SSLKEYR CERTLABL' | runmqsc"})
 	if !strings.Contains(sslkeyROutput, "SSLKEYR( )") && !strings.Contains(sslkeyROutput, "CERTLABL( )") {
 		t.Errorf("Expected SSLKEYR to be blank but it is not; got \"%v\"", sslkeyROutput)
 	}
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
 }
 // Test if SSLKEYR and CERTLABL attributes are set when key and certificate
 // are supplied.
 func TestSSLKEYRWithSuppliedKeyAndCert(t *testing.T) {
 	t.Parallel()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	containerConfig := container.Config{
 		Env: []string{
 			"LICENSE=accept",
 			"MQ_QMGR_NAME=QM1",
 			"MQ_ENABLE_EMBEDDED_WEB_SERVER=false",
 		},
 		Image: imageName(),
 	}
 	hostConfig := container.HostConfig{
 		Binds: []string{
 			coverageBind(t),
 			tlsDir(t, false) + ":/etc/mqm/pki/keys/default",
 		},
 	}
 	networkingConfig := network.NetworkingConfig{}
 	ctr, err := cli.ContainerCreate(context.Background(), &containerConfig, &hostConfig, &networkingConfig, t.Name())
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer cleanContainer(t, cli, ctr.ID)
 	startContainer(t, cli, ctr.ID)
 	waitForReady(t, cli, ctr.ID)
 	// execute runmqsc to display qmgr SSLKEYR and CERTLABL attibutes.
 	// Search the console output for exepcted values
 	_, sslkeyROutput := execContainer(t, cli, ctr.ID, "", []string{"bash", "-c", "echo 'DISPLAY QMGR SSLKEYR CERTLABL' | runmqsc"})
 	if !strings.Contains(sslkeyROutput, "SSLKEYR(/run/runmqserver/tls/key)") && !strings.Contains(sslkeyROutput, "CERTLABL(default)") {
 		t.Errorf("Expected SSLKEYR to be '/run/runmqserver/tls/key' but it is not; got \"%v\"", sslkeyROutput)
 	}
 	// Stop the container cleanly
 	stopContainer(t, cli, ctr.ID)
 }
 // Test with CA cert
 func TestSSLKEYRWithCACert(t *testing.T) {
 	t.Parallel()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	containerConfig := container.Config{
 		Env: []string{
 			"LICENSE=accept",
 			"MQ_QMGR_NAME=QM1",
 			"MQ_ENABLE_EMBEDDED_WEB_SERVER=false",
 		},
 		Image: imageName(),
 	}
 	hostConfig := container.HostConfig{
 		Binds: []string{
 			coverageBind(t),
 			tlsDirWithCA(t, false) + ":/etc/mqm/pki/keys/QM1CA",
 		},
 		// Assign a random port for the web server on the host
 		PortBindings: nat.PortMap{
 			"9443/tcp": []nat.PortBinding{
 				{
 					HostIP: "0.0.0.0",
 				},
 			},
 		},
 	}
 	networkingConfig := network.NetworkingConfig{}
 	ctr, err := cli.ContainerCreate(context.Background(), &containerConfig, &hostConfig, &networkingConfig, t.Name())
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer cleanContainer(t, cli, ctr.ID)
 	startContainer(t, cli, ctr.ID)
 	waitForReady(t, cli, ctr.ID)
 	// execute runmqsc to display qmgr SSLKEYR and CERTLABL attibutes.
 	// Search the console output for exepcted values
 	_, sslkeyROutput := execContainer(t, cli, ctr.ID, "", []string{"bash", "-c", "echo 'DISPLAY QMGR SSLKEYR CERTLABL' | runmqsc"})
 	if !strings.Contains(sslkeyROutput, "SSLKEYR(/run/runmqserver/tls/key)") {
 		t.Errorf("Expected SSLKEYR to be '/run/runmqserver/tls/key' but it is not; got \"%v\"", sslkeyROutput)
 	}
 	if !strings.Contains(sslkeyROutput, "CERTLABL(QM1CA)") {
 		t.Errorf("Expected CERTLABL to be 'QM1CA' but it is not; got \"%v\"", sslkeyROutput)
 	}
 	// Stop the container cleanly
 	stopContainer(t, cli, ctr.ID)
 }
--- a/test/docker/devconfig_test_util.go
+++ b/test/docker/devconfig_test_util.go
@@ -1,8 +1,7 @@
 //go:build mqdev
 // +build mqdev
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -19,7 +18,6 @@ limitations under the License.
 package main
 import (
 	"bufio"
 	"bytes"
 	"context"
 	"crypto/tls"
@@ -28,8 +26,8 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/http/httputil"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"testing"
 	"time"
@@ -50,9 +48,8 @@ var insecureTLSConfig *tls.Config = &tls.Config{
 }
 func waitForWebReady(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config) {
 	t.Logf("%s Waiting for web server to be ready", time.Now().Format(time.RFC3339))
 	httpClient := http.Client{
-		Timeout: time.Duration(10 * time.Second),
+		Timeout: time.Duration(3 * time.Second),
 		Transport: &http.Transport{
 			TLSClientConfig: tlsConfig,
 		},
@@ -66,13 +63,13 @@ func waitForWebReady(t *testing.T, cli *client.Client, ID string, tlsConfig *tls
 		case <-time.After(1 * time.Second):
 			req, err := http.NewRequest("GET", url, nil)
 			req.SetBasicAuth("admin", defaultAdminPassword)
-			resp, err := httpClient.Do(req)
+			resp, err := httpClient.Do(req.WithContext(ctx))
 			if err == nil && resp.StatusCode == http.StatusOK {
-				t.Logf("%s MQ web server is ready", time.Now().Format(time.RFC3339))
+				t.Log("MQ web server is ready")
 				return
 			}
 		case <-ctx.Done():
-			t.Fatalf("%s Timed out waiting for web server to become ready", time.Now().Format(time.RFC3339))
+			t.Fatal("Timed out waiting for web server to become ready")
 		}
 	}
 }
@@ -82,19 +79,15 @@ func tlsDir(t *testing.T, unixPath bool) string {
 	return filepath.Join(getCwd(t, unixPath), "../tls")
 }
 func tlsDirWithCA(t *testing.T, unixPath bool) string {
 	return filepath.Join(getCwd(t, unixPath), "../tlscacert")
 }
 // runJMSTests runs a container with a JMS client, which connects to the queue manager container with the specified ID
-func runJMSTests(t *testing.T, cli *client.Client, ID string, tls bool, user, password string, ibmjre string, cipherName string) {
+func runJMSTests(t *testing.T, cli *client.Client, ID string, tls bool, user, password string) {
 	containerConfig := container.Config{
 		// -e MQ_PORT_1414_TCP_ADDR=9.145.14.173 -e MQ_USERNAME=app -e MQ_PASSWORD=passw0rd -e MQ_CHANNEL=DEV.APP.SVRCONN -e MQ_TLS_TRUSTSTORE=/tls/test.p12 -e MQ_TLS_PASSPHRASE=passw0rd -v /Users/arthurbarr/go/src/github.com/ibm-messaging/mq-container/test/tls:/tls msgtest
 		Env: []string{
 			"MQ_PORT_1414_TCP_ADDR=" + getIPAddress(t, cli, ID),
 			"MQ_USERNAME=" + user,
 			"MQ_CHANNEL=DEV.APP.SVRCONN",
-			"IBMJRE=" + ibmjre,
+			"IBMJRE=" + os.Getenv("IBMJRE"),
 		},
 		Image: imageNameDevJMS(),
 	}
@@ -107,7 +100,6 @@ func runJMSTests(t *testing.T, cli *client.Client, ID string, tls bool, user, pa
 		containerConfig.Env = append(containerConfig.Env, []string{
 			"MQ_TLS_TRUSTSTORE=/var/tls/client-trust.jks",
 			"MQ_TLS_PASSPHRASE=passw0rd",
 			"MQ_TLS_CIPHER=" + cipherName,
 		}...)
 	}
 	hostConfig := container.HostConfig{
@@ -126,57 +118,9 @@ func runJMSTests(t *testing.T, cli *client.Client, ID string, tls bool, user, pa
 	if rc != 0 {
 		t.Errorf("JUnit container failed with rc=%v", rc)
 	}
 	// Get console output of the container and process the lines
 	// to see if we have any failures
 	scanner := bufio.NewScanner(strings.NewReader(inspectLogs(t, cli, ctr.ID)))
 	for scanner.Scan() {
 		s := scanner.Text()
 		if processJunitLogLine(s) {
 			t.Errorf("JUnit container tests failed. Reason: %s", s)
 		}
 	}
 	defer cleanContainer(t, cli, ctr.ID)
 }
 // Parse JUnit log line and return true if line contains failed or aborted tests
 func processJunitLogLine(outputLine string) bool {
 	var failedLine bool
 	// Sample JUnit test run output
 	//[         2 containers found      ]
 	//[         0 containers skipped    ]
 	//[         2 containers started    ]
 	//[         0 containers aborted    ]
 	//[         2 containers successful ]
 	//[         0 containers failed     ]
 	//[         0 tests found           ]
 	//[         0 tests skipped         ]
 	//[         0 tests started         ]
 	//[         0 tests aborted         ]
 	//[         0 tests successful      ]
 	//[         0 tests failed          ]
 	// Consider only those lines that begin with '[' and with ']'
 	if strings.HasPrefix(outputLine, "[") && strings.HasSuffix(outputLine, "]") {
 		// Strip off [] and whitespaces
 		trimmed := strings.Trim(outputLine, "[] ")
 		if strings.Contains(trimmed, "aborted") || strings.Contains(trimmed, "failed") {
 			// Tokenize on whitespace
 			tokens := strings.Split(trimmed, " ")
 			// Determine the count of aborted or failed tests
 			count, err := strconv.Atoi(tokens[0])
 			if err == nil {
 				if count > 0 {
 					failedLine = true
 				}
 			}
 		}
 	}
 	return failedLine
 }
 // createTLSConfig creates a tls.Config which trusts the specified certificate
 func createTLSConfig(t *testing.T, certFile, password string) *tls.Config {
 	// Get the SystemCertPool, continue with an empty pool on error
--- a/test/docker/docker_api_test.go
+++ b/test/docker/docker_api_test.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -38,7 +38,7 @@ import (
 func TestLicenseNotSet(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -52,12 +52,10 @@ func TestLicenseNotSet(t *testing.T) {
 	expectTerminationMessage(t, cli, id)
 }
 //Start container with LICENSE environment variable set to view.
 //Check that container starts and display license text
 func TestLicenseView(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -81,7 +79,7 @@ func TestLicenseView(t *testing.T) {
 //Check that when the container is stopped that the command endmqm has option -tp and x
 func TestEndMQMOpts(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -116,7 +114,7 @@ func TestGoldenPathNoMetrics(t *testing.T) {
 // Actual test function for TestGoldenPathNoMetrics & TestGoldenPathWithMetrics
 func goldenPath(t *testing.T, metric bool) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -134,10 +132,46 @@ func goldenPath(t *testing.T, metric bool) {
 	stopContainer(t, cli, id)
 }
 // TestSecurityVulnerabilities checks for any vulnerabilities in the image, as reported
 // by Red Hat
 func TestSecurityVulnerabilities(t *testing.T) {
 	t.Parallel()
 	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
 	rc, _ := runContainerOneShot(t, cli, "bash", "-c", "command -v microdnf && test -e /etc/yum.repos.d/ubi.repo")
 	if rc != 0 {
 		t.Skip("Skipping test because container is based on ubi-minimal, which doesn't include yum")
 	}
 	// id, _, err := command.Run("sudo", "buildah", "from", imageName())
 	// if err != nil {
 	// 	t.Log(id)
 	// 	t.Fatal(err)
 	// }
 	// id = strings.TrimSpace(id)
 	// defer command.Run("buildah", "rm", id)
 	// mnt, _, err := command.Run("sudo", "buildah", "mount", id)
 	// if err != nil {
 	// 	t.Log(mnt)
 	// 	t.Fatal(err)
 	// }
 	// mnt = strings.TrimSpace(mnt)
 	// out, _, err := command.Run("bash", "-c", "sudo cp /etc/yum.repos.d/* "+filepath.Join(mnt, "/etc/yum.repos.d/"))
 	// if err != nil {
 	// 	t.Log(out)
 	// 	t.Fatal(err)
 	// }
 	// out, ret, _ := command.Run("bash", "-c", "yum --installroot="+mnt+" updateinfo list sec | grep /Sec")
 	// if ret != 1 {
 	// 	t.Errorf("Expected no vulnerabilities, found the following:\n%v", out)
 	// }
 }
 func utilTestNoQueueManagerName(t *testing.T, hostName string, expectedName string) {
 	search := "QMNAME(" + expectedName + ")"
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -153,7 +187,6 @@ func utilTestNoQueueManagerName(t *testing.T, hostName string, expectedName stri
 		t.Errorf("Expected result of running dspmq to contain name=%v, got name=%v", search, out)
 	}
 }
 func TestNoQueueManagerName(t *testing.T) {
 	t.Parallel()
@@ -184,7 +217,7 @@ func TestWithVolumeNoMetrics(t *testing.T) {
 // Actual test function for TestWithVolumeNoMetrics & TestWithVolumeAndMetrics
 func withVolume(t *testing.T, metric bool) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -228,7 +261,7 @@ func withVolume(t *testing.T, metric bool) {
 // TestWithSplitVolumesLogsData starts a queue manager with separate log/data mounts
 func TestWithSplitVolumesLogsData(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -248,7 +281,7 @@ func TestWithSplitVolumesLogsData(t *testing.T) {
 // TestWithSplitVolumesLogsOnly starts a queue manager with a separate log mount
 func TestWithSplitVolumesLogsOnly(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -266,7 +299,7 @@ func TestWithSplitVolumesLogsOnly(t *testing.T) {
 // TestWithSplitVolumesDataOnly starts a queue manager with a separate data mount
 func TestWithSplitVolumesDataOnly(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -287,7 +320,7 @@ func TestWithSplitVolumesDataOnly(t *testing.T) {
 func TestNoVolumeWithRestart(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -307,7 +340,7 @@ func TestNoVolumeWithRestart(t *testing.T) {
 // where `runmqserver -i` is run to initialize the storage.  Then the
 // container can be run as normal.
 func TestVolumeRequiresRoot(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -370,7 +403,7 @@ func TestVolumeRequiresRoot(t *testing.T) {
 func TestCreateQueueManagerFail(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -403,7 +436,7 @@ func TestCreateQueueManagerFail(t *testing.T) {
 func TestStartQueueManagerFail(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -439,7 +472,7 @@ func TestStartQueueManagerFail(t *testing.T) {
 func TestVolumeUnmount(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -488,7 +521,7 @@ func TestVolumeUnmount(t *testing.T) {
 func TestZombies(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -525,7 +558,7 @@ func TestZombies(t *testing.T) {
 func TestMQSC(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -572,7 +605,7 @@ func TestMQSC(t *testing.T) {
 func TestLargeMQSC(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -624,7 +657,7 @@ func TestLargeMQSC(t *testing.T) {
 func TestRedactValidMQSC(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -702,7 +735,7 @@ func TestRedactValidMQSC(t *testing.T) {
 func TestRedactInvalidMQSC(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -775,7 +808,7 @@ func TestRedactInvalidMQSC(t *testing.T) {
 // tries to start a container based on that image, and checks that container terminates
 func TestInvalidMQSC(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -809,7 +842,7 @@ func TestInvalidMQSC(t *testing.T) {
 func TestSimpleMQIniMerge(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -847,7 +880,7 @@ func TestSimpleMQIniMerge(t *testing.T) {
 }
 func TestMultipleIniMerge(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -896,7 +929,7 @@ func TestMultipleIniMerge(t *testing.T) {
 }
 func TestMQIniMergeOnTheSameVolumeButTwoContainers(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -958,7 +991,7 @@ func TestMQIniMergeOnTheSameVolumeButTwoContainers(t *testing.T) {
 		RUN chmod 0660 /etc/mqm/test1.ini
 		USER 1001`, imageName())},
 		{"test1.ini",
-			"Log:\n   LogBufferPages=128"},
+			"Log:\n   LogFilePages=5000"},
 	}
 	secondImage := createImage(t, cli, filesSecondContainer)
@@ -978,7 +1011,7 @@ func TestMQIniMergeOnTheSameVolumeButTwoContainers(t *testing.T) {
 	waitForReady(t, cli, ctr2.ID)
 	_, test2 := execContainer(t, cli, ctr2.ID, "", []string{"bash", "-c", catIniFileCommand})
-	changedStanza := strings.Contains(test2, "LogBufferPages=128")
+	changedStanza := strings.Contains(test2, "LogFilePages=5000")
 	//check if stanza that was merged in the first container doesnt exist in this one.
 	firstMergedStanza := strings.Contains(test2, "ApplicationTrace:\n   ApplName=amqsact*\n   Trace=OFF")
@@ -994,7 +1027,7 @@ func TestMQIniMergeOnTheSameVolumeButTwoContainers(t *testing.T) {
 func TestReadiness(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1054,10 +1087,9 @@ func TestReadiness(t *testing.T) {
 }
 func TestErrorLogRotation(t *testing.T) {
 	t.Skipf("Skipping %v until test defect fixed", t.Name())
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1147,7 +1179,7 @@ func TestJSONLogFormatNoMetrics(t *testing.T) {
 // Actual test function for TestJSONLogFormatWithMetrics & TestJSONLogFormatNoMetrics
 func jsonLogFormat(t *testing.T, metric bool) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1183,7 +1215,7 @@ func jsonLogFormat(t *testing.T, metric bool) {
 func TestBadLogFormat(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1207,7 +1239,7 @@ func TestBadLogFormat(t *testing.T) {
 func TestMQJSONDisabled(t *testing.T) {
 	t.SkipNow()
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1235,7 +1267,7 @@ func TestCorrectLicense(t *testing.T) {
 		t.Fatal("Required test environment variable 'EXPECTED_LICENSE' was not set.")
 	}
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1260,7 +1292,7 @@ func TestCorrectLicense(t *testing.T) {
 func TestVersioning(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1381,7 +1413,7 @@ func TestVersioning(t *testing.T) {
 func TestTraceStrmqm(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1401,85 +1433,3 @@ func TestTraceStrmqm(t *testing.T) {
 		t.Fatalf("No trace files found in trace directory /var/mqm/trace. RC=%d.", rc)
 	}
 }
 // utilTestHealthCheck is used by TestHealthCheck* to run a container with
 // privileges enabled or disabled.  Otherwise the same as the golden path tests.
 func utilTestHealthCheck(t *testing.T, nonewpriv bool) {
 	t.Parallel()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	containerConfig := container.Config{
 		Env: []string{"LICENSE=accept", "MQ_QMGR_NAME=qm1"},
 	}
 	hostConfig := getDefaultHostConfig(t, cli)
 	hostConfig.SecurityOpt = append(hostConfig.SecurityOpt, fmt.Sprintf("no-new-privileges:%v", nonewpriv))
 	id := runContainerWithHostConfig(t, cli, &containerConfig, hostConfig)
 	defer cleanContainer(t, cli, id)
 	waitForReady(t, cli, id)
 	rc, out := execContainer(t, cli, id, "", []string{"chkmqhealthy"})
 	t.Log(out)
 	if rc != 0 {
 		t.Errorf("Expected chkmqhealthy to return with exit code 0; got \"%v\"", rc)
 		t.Logf("Output from chkmqhealthy:\n%v", out)
 	}
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
 }
 // TestHealthCheckWithNoNewPrivileges tests golden path start/stop plus
 // chkmqhealthy, when running in a container where no new privileges are
 // allowed (i.e. setuid is disabled)
 func TestHealthCheckWithNoNewPrivileges(t *testing.T) {
 	utilTestHealthCheck(t, true)
 }
 // TestHealthCheckWithNoNewPrivileges tests golden path start/stop plus
 // chkmqhealthy when running in a container where new privileges are
 // allowed (i.e. setuid is allowed)
 // See https://github.com/ibm-messaging/mq-container/issues/428
 func TestHealthCheckWithNewPrivileges(t *testing.T) {
 	utilTestHealthCheck(t, false)
 }
 // utilTestStartedCheck is used by TestStartedCheck* to run a container with
 // privileges enabled or disabled.  Otherwise the same as the golden path tests.
 func utilTestStartedCheck(t *testing.T, nonewpriv bool) {
 	t.Parallel()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	containerConfig := container.Config{
 		Env: []string{"LICENSE=accept", "MQ_QMGR_NAME=qm1"},
 	}
 	hostConfig := getDefaultHostConfig(t, cli)
 	hostConfig.SecurityOpt = append(hostConfig.SecurityOpt, fmt.Sprintf("no-new-privileges:%v", nonewpriv))
 	id := runContainerWithHostConfig(t, cli, &containerConfig, hostConfig)
 	defer cleanContainer(t, cli, id)
 	waitForReady(t, cli, id)
 	rc, out := execContainer(t, cli, id, "", []string{"chkmqstarted"})
 	t.Log(out)
 	if rc != 0 {
 		t.Errorf("Expected chkmqstarted to return with exit code 0; got \"%v\"", rc)
 		t.Logf("Output from chkmqstarted:\n%v", out)
 	}
 	// Stop the container cleanly
 	stopContainer(t, cli, id)
 }
 // TestStartedCheckWithNoNewPrivileges tests golden path start/stop plus
 // chkmqstarted, when running in a container where no new privileges are
 // allowed (i.e. setuid is disabled)
 func TestStartedCheckWithNoNewPrivileges(t *testing.T) {
 	utilTestStartedCheck(t, true)
 }
 // TestStartedCheckWithNoNewPrivileges tests golden path start/stop plus
 // chkmqstarted when running in a container where new privileges are
 // allowed (i.e. setuid is allowed)
 // See https://github.com/ibm-messaging/mq-container/issues/428
 func TestStartedCheckWithNewPrivileges(t *testing.T) {
 	utilTestStartedCheck(t, false)
 }
--- a/test/docker/docker_api_test_util.go
+++ b/test/docker/docker_api_test_util.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2017, 2022
+© Copyright IBM Corporation 2017, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -267,8 +267,20 @@ func generateRandomUID() string {
 	return fmt.Sprint(rand.Intn(max-min) + min)
 }
-// getDefaultHostConfig creates a HostConfig and populates it with the defaults used in testing
+// runContainerWithPorts creates and starts a container, exposing the specified ports on the host.
-func getDefaultHostConfig(t *testing.T, cli *client.Client) *container.HostConfig {
+// If no image is specified in the container config, then the image name is retrieved from the TEST_IMAGE
 // environment variable.
 func runContainerWithPorts(t *testing.T, cli *client.Client, containerConfig *container.Config, ports []int) string {
 	if containerConfig.Image == "" {
 		containerConfig.Image = imageName()
 	}
 	// Always run as a random user, unless the test has specified otherwise
 	if containerConfig.User == "" {
 		containerConfig.User = generateRandomUID()
 	}
 	// if coverage
 	containerConfig.Env = append(containerConfig.Env, "COVERAGE_FILE="+t.Name()+".cov")
 	containerConfig.Env = append(containerConfig.Env, "EXIT_CODE_FILE="+getExitCodeFilename(t))
 	hostConfig := container.HostConfig{
 		Binds: []string{
 			coverageBind(t),
@@ -287,62 +299,6 @@ func getDefaultHostConfig(t *testing.T, cli *client.Client) *container.HostConfi
 	} else {
 		t.Logf("Detected MQ Advanced image - dropping all capabilities")
 	}
 	return &hostConfig
 }
 // runContainerWithHostConfig creates and starts a container, using the supplied HostConfig.
 // Note that a default HostConfig can be created using getDefaultHostConfig.
 func runContainerWithHostConfig(t *testing.T, cli *client.Client, containerConfig *container.Config, hostConfig *container.HostConfig) string {
 	if containerConfig.Image == "" {
 		containerConfig.Image = imageName()
 	}
 	// Always run as a random user, unless the test has specified otherwise
 	if containerConfig.User == "" {
 		containerConfig.User = generateRandomUID()
 	}
 	// if coverage
 	containerConfig.Env = append(containerConfig.Env, "COVERAGE_FILE="+t.Name()+".cov")
 	containerConfig.Env = append(containerConfig.Env, "EXIT_CODE_FILE="+getExitCodeFilename(t))
 	networkingConfig := network.NetworkingConfig{}
 	t.Logf("Running container (%s)", containerConfig.Image)
 	ctr, err := cli.ContainerCreate(context.Background(), containerConfig, hostConfig, &networkingConfig, t.Name())
 	if err != nil {
 		t.Fatal(err)
 	}
 	startContainer(t, cli, ctr.ID)
 	return ctr.ID
 }
 // runContainerWithAllConfig creates and starts a container, using the supplied ContainerConfig, HostConfig,
 // NetworkingConfig, and container name (or the value of t.Name if containerName="").
 func runContainerWithAllConfig(t *testing.T, cli *client.Client, containerConfig *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, containerName string) string {
 	if containerName == "" {
 		containerName = t.Name()
 	}
 	if containerConfig.Image == "" {
 		containerConfig.Image = imageName()
 	}
 	// Always run as a random user, unless the test has specified otherwise
 	if containerConfig.User == "" {
 		containerConfig.User = generateRandomUID()
 	}
 	// if coverage
 	containerConfig.Env = append(containerConfig.Env, "COVERAGE_FILE="+t.Name()+".cov")
 	containerConfig.Env = append(containerConfig.Env, "EXIT_CODE_FILE="+getExitCodeFilename(t))
 	t.Logf("Running container (%s)", containerConfig.Image)
 	ctr, err := cli.ContainerCreate(context.Background(), containerConfig, hostConfig, networkingConfig, containerName)
 	if err != nil {
 		t.Fatal(err)
 	}
 	startContainer(t, cli, ctr.ID)
 	return ctr.ID
 }
 // runContainerWithPorts creates and starts a container, exposing the specified ports on the host.
 // If no image is specified in the container config, then the image name is retrieved from the TEST_IMAGE
 // environment variable.
 func runContainerWithPorts(t *testing.T, cli *client.Client, containerConfig *container.Config, ports []int) string {
 	hostConfig := getDefaultHostConfig(t, cli)
 	for _, p := range ports {
 		port := nat.Port(fmt.Sprintf("%v/tcp", p))
 		hostConfig.PortBindings[port] = []nat.PortBinding{
@@ -351,7 +307,14 @@ func runContainerWithPorts(t *testing.T, cli *client.Client, containerConfig *co
 			},
 		}
 	}
-	return runContainerWithHostConfig(t, cli, containerConfig, hostConfig)
+	networkingConfig := network.NetworkingConfig{}
 	t.Logf("Running container (%s)", containerConfig.Image)
 	ctr, err := cli.ContainerCreate(context.Background(), containerConfig, &hostConfig, &networkingConfig, t.Name())
 	if err != nil {
 		t.Fatal(err)
 	}
 	startContainer(t, cli, ctr.ID)
 	return ctr.ID
 }
 // runContainer creates and starts a container.  If no image is specified in
@@ -548,14 +511,9 @@ func getCoverageExitCode(t *testing.T, orig int64) int64 {
 func waitForContainer(t *testing.T, cli *client.Client, ID string, timeout time.Duration) int64 {
 	c, cancel := context.WithTimeout(context.Background(), timeout)
 	defer cancel()
-	t.Logf("Waiting for container for %s", timeout)
+	rc, err := cli.ContainerWait(c, ID)
-	okC, errC := cli.ContainerWait(c, ID, container.WaitConditionNotRunning)
+	if err != nil {
 	var rc int64
 	select {
 	case err := <-errC:
 		t.Fatal(err)
 	case ok := <-okC:
 		rc = ok.StatusCode
 	}
 	if coverage() {
 		// COVERAGE: When running coverage, the exit code is written to a file,
@@ -568,7 +526,6 @@ func waitForContainer(t *testing.T, cli *client.Client, ID string, timeout time.
 // execContainer runs a command in a running container, and returns the exit code and output
 func execContainer(t *testing.T, cli *client.Client, ID string, user string, cmd []string) (int, string) {
 	t.Logf("Running command: %v", cmd)
 	config := types.ExecConfig{
 		User:        user,
 		Privileged:  false,
@@ -584,7 +541,7 @@ func execContainer(t *testing.T, cli *client.Client, ID string, user string, cmd
 	if err != nil {
 		t.Fatal(err)
 	}
-	hijack, err := cli.ContainerExecAttach(context.Background(), resp.ID, types.ExecStartCheck{})
+	hijack, err := cli.ContainerExecAttach(context.Background(), resp.ID, config)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -652,9 +609,6 @@ func waitForReady(t *testing.T, cli *client.Client, ID string) {
 			} else if rc == 10 {
 				t.Log("MQ Readiness: Queue Manager Running as Standby")
 				return
 			} else if rc == 20 {
 				t.Log("MQ Readiness: Queue Manager Running as Replica")
 				return
 			}
 		case <-ctx.Done():
 			t.Fatal("Timed out waiting for container to become ready")
@@ -691,7 +645,7 @@ func removeNetwork(t *testing.T, cli *client.Client, ID string) {
 }
 func createVolume(t *testing.T, cli *client.Client, name string) types.Volume {
-	v, err := cli.VolumeCreate(context.Background(), volume.VolumeCreateBody{
+	v, err := cli.VolumeCreate(context.Background(), volume.VolumesCreateBody{
 		Driver:     "local",
 		DriverOpts: map[string]string{},
 		Labels:     map[string]string{},
@@ -831,23 +785,12 @@ func copyFromContainer(t *testing.T, cli *client.Client, id string, file string)
 }
 func getPort(t *testing.T, cli *client.Client, ID string, port int) string {
-	var inspectInfo types.ContainerJSON
+	i, err := cli.ContainerInspect(context.Background(), ID)
-	var err error
+	if err != nil {
-	for attemptsRemaining := 3; attemptsRemaining > 0; attemptsRemaining-- {
+		t.Fatal(err)
 		inspectInfo, err = cli.ContainerInspect(context.Background(), ID)
 		if err != nil {
 			t.Fatal(err)
 		}
 		portNat := nat.Port(fmt.Sprintf("%d/tcp", port))
 		if inspectInfo.NetworkSettings.Ports[portNat] == nil || len(inspectInfo.NetworkSettings.Ports[portNat]) == 0 {
 			t.Log("Container port not yet bound")
 			time.Sleep(1 * time.Second)
 			continue
 		}
 		return inspectInfo.NetworkSettings.Ports[portNat][0].HostPort
 	}
-	t.Fatal("Failed to get port")
+	portNat := nat.Port(fmt.Sprintf("%d/tcp", port))
-	return ""
+	return i.NetworkSettings.Ports[portNat][0].HostPort
 }
 func countLines(t *testing.T, r io.Reader) int {
@@ -880,12 +823,3 @@ func countTarLines(t *testing.T, b []byte) int {
 	}
 	return total
 }
 func getMQVersion(t *testing.T, cli *client.Client) (string, error) {
 	inspect, _, err := cli.ImageInspectWithRaw(context.Background(), imageName())
 	if err != nil {
 		return "", err
 	}
 	version := inspect.ContainerConfig.Labels["version"]
 	return version, nil
 }
--- a/test/docker/go.mod
+++ b/test/docker/go.mod
@@ -1,22 +0,0 @@
 module github.com/ibm-messaging/mq-container/test/docker
 go 1.16
 require (
 	github.com/containerd/containerd v1.6.6 // indirect
 	github.com/docker/distribution v2.8.1+incompatible // indirect
 	// Note: This is not actually Docker v17.12!
 	// Go modules require the use of semver, but Docker does not use semver and has not
 	// [opted-in to use Go modules](https://github.com/golang/go/wiki/Modules#can-a-module-consume-a-package-that-has-not-opted-in-to-modules)
 	// This means that when you `go get` Docker, you need to do so based on a commit,
 	// e.g. `go get -v github.com/docker/docker@420b1d36250f9cfdc561f086f25a213ecb669b6f`,
 	// which uses the commit for [Docker v19.03.15](https://github.com/moby/moby/releases/tag/v19.03.15)
 	// Go will then find the latest tag with a semver-compatible tag.  In Docker's case,
 	// v17.12.0 is valid semver, but v18.09 and v19.03 are not.
 	// Also note: Docker v20.10 is valid semver, but the v20.10 client API requires use of Docker API
 	// version 1.41 on the server, which is currently too new for the version of Docker in Travis (Ubuntu Bionic)
 	github.com/docker/docker v17.12.0-ce-rc1.0.20210128214336-420b1d36250f+incompatible
 	github.com/docker/go-connections v0.4.0
 	golang.org/x/sys v0.0.0-20220422013727-9388b58f7150 // indirect
 	google.golang.org/grpc v1.46.0 // indirect
 )
--- a/test/docker/go.sum
+++ b/test/docker/go.sum
--- a/test/docker/mq_multi_instance_test.go
+++ b/test/docker/mq_multi_instance_test.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2019, 2022
+© Copyright IBM Corporation 2019, 2020
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,7 +16,6 @@ limitations under the License.
 package main
 import (
 	"context"
 	"strings"
 	"testing"
 	"time"
@@ -33,8 +32,7 @@ var miEnv = []string{
 // TestMultiInstanceStartStop creates 2 containers in a multi instance queue manager configuration
 // and starts/stop them checking we always have an active and standby
 func TestMultiInstanceStartStop(t *testing.T) {
-	t.Skipf("Skipping %v until test defect fixed", t.Name())
+	cli, err := client.NewEnvClient()
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -76,7 +74,7 @@ func TestMultiInstanceStartStop(t *testing.T) {
 // TestMultiInstanceContainerStop starts 2 containers in a multi instance queue manager configuration,
 // stops the active queue manager, then checks to ensure the backup queue manager becomes active
 func TestMultiInstanceContainerStop(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -93,28 +91,15 @@ func TestMultiInstanceContainerStop(t *testing.T) {
 	waitForReady(t, cli, qm1aId)
 	waitForReady(t, cli, qm1bId)
-	err, originalActive, originalStandby := getActiveStandbyQueueManager(t, cli, qm1aId, qm1bId)
+	err, active, standby := getActiveStandbyQueueManager(t, cli, qm1aId, qm1bId)
 	if err != nil {
 		t.Fatal(err)
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	stopContainer(t, cli, active)
 	defer cancel()
 	stopContainer(t, cli, originalActive)
-	for {
+	if status := getQueueManagerStatus(t, cli, standby, "QM1"); strings.Compare(status, "Running") != 0 {
-		status := getQueueManagerStatus(t, cli, originalStandby, "QM1")
+		t.Fatalf("Expected QM1 to be running as active queue manager, dspmq returned status of %v", status)
 		select {
 		case <-time.After(1 * time.Second):
 			if status == "Running" {
 				t.Logf("Original standby is now the active")
 				return
 			} else if status == "Starting" {
 				t.Logf("Original standby is starting")
 			}
 		case <-ctx.Done():
 			t.Fatalf("%s Timed out waiting for standby to become the active.  Status=%v", time.Now().Format(time.RFC3339), status)
 		}
 	}
 }
@@ -123,7 +108,7 @@ func TestMultiInstanceContainerStop(t *testing.T) {
 func TestMultiInstanceRace(t *testing.T) {
 	t.Skipf("Skipping %v until file lock is implemented", t.Name())
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -169,7 +154,7 @@ func TestMultiInstanceRace(t *testing.T) {
 // mounts, then checks to ensure that the container terminates with the expected message
 func TestMultiInstanceNoSharedMounts(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -188,7 +173,7 @@ func TestMultiInstanceNoSharedMounts(t *testing.T) {
 // TestMultiInstanceNoSharedLogs starts 2 multi instance queue managers without providing a shared log
 // mount, then checks to ensure that the container terminates with the expected message
 func TestMultiInstanceNoSharedLogs(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -210,7 +195,7 @@ func TestMultiInstanceNoSharedLogs(t *testing.T) {
 // TestMultiInstanceNoSharedData starts 2 multi instance queue managers without providing a shared data
 // mount, then checks to ensure that the container terminates with the expected message
 func TestMultiInstanceNoSharedData(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -232,7 +217,7 @@ func TestMultiInstanceNoSharedData(t *testing.T) {
 // TestMultiInstanceNoMounts starts 2 multi instance queue managers without providing a shared data
 // mount, then checks to ensure that the container terminates with the expected message
 func TestMultiInstanceNoMounts(t *testing.T) {
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/test/docker/mq_multi_instance_test_util.go
+++ b/test/docker/mq_multi_instance_test_util.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2019, 2022
+© Copyright IBM Corporation 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -77,7 +77,6 @@ func getActiveStandbyQueueManager(t *testing.T, cli *client.Client, qm1aId strin
 func getQueueManagerStatus(t *testing.T, cli *client.Client, containerID string, queueManagerName string) string {
 	_, dspmqOut := execContainer(t, cli, containerID, "", []string{"bash", "-c", "dspmq", "-m", queueManagerName})
 	t.Logf("dspmq for %v (%v) returned: %v", containerID, queueManagerName, dspmqOut)
 	regex := regexp.MustCompile(`STATUS\(.*\)`)
 	status := regex.FindString(dspmqOut)
 	status = strings.TrimSuffix(strings.TrimPrefix(status, "STATUS("), ")")
--- a/test/docker/mq_native_ha_test.go
+++ b/test/docker/mq_native_ha_test.go
@@ -1,219 +0,0 @@
 /*
 © Copyright IBM Corporation 2021, 2022
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"testing"
 	"github.com/docker/docker/client"
 )
 // TestNativeHABasic creates 3 containers in a Native HA queue manager configuration
 // and ensures the queue manger and replicas start as expected
 func TestNativeHABasic(t *testing.T) {
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	version, err := getMQVersion(t, cli)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if version < "9.2.2.0" {
 		t.Skipf("Skipping %s as test requires at least MQ 9.2.2.0, but image is version %s", t.Name(), version)
 	}
 	containerNames := [3]string{"QM1_1", "QM1_2", "QM1_3"}
 	qmReplicaIDs := [3]string{}
 	qmVolumes := []string{}
 	qmNetwork, err := createBridgeNetwork(cli, t)
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer removeBridgeNetwork(cli, qmNetwork.ID)
 	for i := 0; i <= 2; i++ {
 		vol := createVolume(t, cli, containerNames[i])
 		defer removeVolume(t, cli, vol.Name)
 		qmVolumes = append(qmVolumes, vol.Name)
 		containerConfig := getNativeHAContainerConfig(containerNames[i], containerNames, defaultHAPort)
 		hostConfig := getHostConfig(t, 1, "", "", vol.Name)
 		networkingConfig := getNativeHANetworkConfig(qmNetwork.ID)
 		ctr := runContainerWithAllConfig(t, cli, &containerConfig, &hostConfig, &networkingConfig, containerNames[i])
 		defer cleanContainer(t, cli, ctr)
 		qmReplicaIDs[i] = ctr
 	}
 	waitForReadyHA(t, cli, qmReplicaIDs)
 	_, err = getActiveReplicaInstances(t, cli, qmReplicaIDs)
 	if err != nil {
 		t.Fatal(err)
 	}
 }
 // TestNativeHAFailover creates 3 containers in a Native HA queue manager configuration,
 // stops the active queue manager, checks a replica becomes active, and ensures the stopped
 // queue manager comes back as a replica
 func TestNativeHAFailover(t *testing.T) {
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	version, err := getMQVersion(t, cli)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if version < "9.2.2.0" {
 		t.Skipf("Skipping %s as test requires at least MQ 9.2.2.0, but image is version %s", t.Name(), version)
 	}
 	containerNames := [3]string{"QM1_1", "QM1_2", "QM1_3"}
 	qmReplicaIDs := [3]string{}
 	qmVolumes := []string{}
 	qmNetwork, err := createBridgeNetwork(cli, t)
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer removeBridgeNetwork(cli, qmNetwork.ID)
 	for i := 0; i <= 2; i++ {
 		vol := createVolume(t, cli, containerNames[i])
 		defer removeVolume(t, cli, vol.Name)
 		qmVolumes = append(qmVolumes, vol.Name)
 		containerConfig := getNativeHAContainerConfig(containerNames[i], containerNames, defaultHAPort)
 		hostConfig := getHostConfig(t, 1, "", "", vol.Name)
 		networkingConfig := getNativeHANetworkConfig(qmNetwork.ID)
 		ctr := runContainerWithAllConfig(t, cli, &containerConfig, &hostConfig, &networkingConfig, containerNames[i])
 		defer cleanContainer(t, cli, ctr)
 		qmReplicaIDs[i] = ctr
 	}
 	waitForReadyHA(t, cli, qmReplicaIDs)
 	haStatus, err := getActiveReplicaInstances(t, cli, qmReplicaIDs)
 	if err != nil {
 		t.Fatal(err)
 	}
 	stopContainer(t, cli, haStatus.Active)
 	waitForFailoverHA(t, cli, haStatus.Replica)
 	startContainer(t, cli, haStatus.Active)
 	waitForReady(t, cli, haStatus.Active)
 	_, err = getActiveReplicaInstances(t, cli, qmReplicaIDs)
 	if err != nil {
 		t.Fatal(err)
 	}
 }
 // TestNativeHASecure creates 3 containers in a Native HA queue manager configuration
 // with HA TLS enabled, and ensures the queue manger and replicas start as expected
 func TestNativeHASecure(t *testing.T) {
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	version, err := getMQVersion(t, cli)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if version < "9.2.2.0" {
 		t.Skipf("Skipping %s as test requires at least MQ 9.2.2.0, but image is version %s", t.Name(), version)
 	}
 	containerNames := [3]string{"QM1_1", "QM1_2", "QM1_3"}
 	qmReplicaIDs := [3]string{}
 	qmNetwork, err := createBridgeNetwork(cli, t)
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer removeBridgeNetwork(cli, qmNetwork.ID)
 	for i := 0; i <= 2; i++ {
 		containerConfig := getNativeHAContainerConfig(containerNames[i], containerNames, defaultHAPort)
 		containerConfig.Env = append(containerConfig.Env, "MQ_NATIVE_HA_TLS=true")
 		hostConfig := getNativeHASecureHostConfig(t)
 		networkingConfig := getNativeHANetworkConfig(qmNetwork.ID)
 		ctr := runContainerWithAllConfig(t, cli, &containerConfig, &hostConfig, &networkingConfig, containerNames[i])
 		defer cleanContainer(t, cli, ctr)
 		qmReplicaIDs[i] = ctr
 	}
 	waitForReadyHA(t, cli, qmReplicaIDs)
 	_, err = getActiveReplicaInstances(t, cli, qmReplicaIDs)
 	if err != nil {
 		t.Fatal(err)
 	}
 }
 // TestNativeHASecure creates 3 containers in a Native HA queue manager configuration
 // with HA TLS enabled, overrides the default CipherSpec, and ensures the queue manger
 // and replicas start as expected
 func TestNativeHASecureCipherSpec(t *testing.T) {
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		t.Fatal(err)
 	}
 	version, err := getMQVersion(t, cli)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if version < "9.2.2.0" {
 		t.Skipf("Skipping %s as test requires at least MQ 9.2.2.0, but image is version %s", t.Name(), version)
 	}
 	containerNames := [3]string{"QM1_1", "QM1_2", "QM1_3"}
 	qmReplicaIDs := [3]string{}
 	qmNetwork, err := createBridgeNetwork(cli, t)
 	if err != nil {
 		t.Fatal(err)
 	}
 	defer removeBridgeNetwork(cli, qmNetwork.ID)
 	for i := 0; i <= 2; i++ {
 		containerConfig := getNativeHAContainerConfig(containerNames[i], containerNames, defaultHAPort)
 		containerConfig.Env = append(containerConfig.Env, "MQ_NATIVE_HA_TLS=true", "MQ_NATIVE_HA_CIPHERSPEC=TLS_AES_256_GCM_SHA384")
 		hostConfig := getNativeHASecureHostConfig(t)
 		networkingConfig := getNativeHANetworkConfig(qmNetwork.ID)
 		ctr := runContainerWithAllConfig(t, cli, &containerConfig, &hostConfig, &networkingConfig, containerNames[i])
 		defer cleanContainer(t, cli, ctr)
 		qmReplicaIDs[i] = ctr
 	}
 	waitForReadyHA(t, cli, qmReplicaIDs)
 	_, err = getActiveReplicaInstances(t, cli, qmReplicaIDs)
 	if err != nil {
 		t.Fatal(err)
 	}
 }
--- a/test/docker/mq_native_ha_test_util.go
+++ b/test/docker/mq_native_ha_test_util.go
@@ -1,149 +0,0 @@
 /*
 © Copyright IBM Corporation 2021
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package main
 import (
 	"context"
 	"fmt"
 	"path/filepath"
 	"testing"
 	"time"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/network"
 	"github.com/docker/docker/client"
 )
 const defaultHAPort = 9414
 // HAReplicaStatus represents the Active/Replica/Replica container status of the queue manager
 type HAReplicaStatus struct {
 	Active  string
 	Replica [2]string
 }
 func createBridgeNetwork(cli *client.Client, t *testing.T) (types.NetworkCreateResponse, error) {
 	return cli.NetworkCreate(context.Background(), t.Name(), types.NetworkCreate{})
 }
 func removeBridgeNetwork(cli *client.Client, networkID string) error {
 	return cli.NetworkRemove(context.Background(), networkID)
 }
 func getNativeHAContainerConfig(containerName string, replicaNames [3]string, haPort int) container.Config {
 	return container.Config{
 		Env: []string{
 			"LICENSE=accept",
 			"MQ_QMGR_NAME=QM1",
 			"AMQ_CLOUD_PAK=true",
 			"MQ_NATIVE_HA=true",
 			fmt.Sprintf("HOSTNAME=%s", containerName),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_0_NAME=%s", replicaNames[0]),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_1_NAME=%s", replicaNames[1]),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_2_NAME=%s", replicaNames[2]),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_0_REPLICATION_ADDRESS=%s(%d)", replicaNames[0], haPort),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_1_REPLICATION_ADDRESS=%s(%d)", replicaNames[1], haPort),
 			fmt.Sprintf("MQ_NATIVE_HA_INSTANCE_2_REPLICATION_ADDRESS=%s(%d)", replicaNames[2], haPort),
 		},
 	}
 }
 func getNativeHASecureHostConfig(t *testing.T) container.HostConfig {
 	return container.HostConfig{
 		Binds: []string{
 			coverageBind(t),
 			filepath.Join(getCwd(t, true), "../tls") + ":/etc/mqm/ha/pki/keys/ha",
 		},
 	}
 }
 func getNativeHANetworkConfig(networkID string) network.NetworkingConfig {
 	return network.NetworkingConfig{
 		EndpointsConfig: map[string]*network.EndpointSettings{
 			networkID: &network.EndpointSettings{},
 		},
 	}
 }
 func getActiveReplicaInstances(t *testing.T, cli *client.Client, qmReplicaIDs [3]string) (HAReplicaStatus, error) {
 	var actives []string
 	var replicas []string
 	for _, id := range qmReplicaIDs {
 		qmReplicaStatus := getQueueManagerStatus(t, cli, id, "QM1")
 		if qmReplicaStatus == "Running" {
 			actives = append(actives, id)
 		} else if qmReplicaStatus == "Replica" {
 			replicas = append(replicas, id)
 		} else {
 			err := fmt.Errorf("Expected status to be Running or Replica, got status: %s", qmReplicaStatus)
 			return HAReplicaStatus{}, err
 		}
 	}
 	if len(actives) != 1 || len(replicas) != 2 {
 		err := fmt.Errorf("Expected 1 Active and 2 Replicas, got: %d Active and %d Replica", len(actives), len(replicas))
 		return HAReplicaStatus{}, err
 	}
 	return HAReplicaStatus{actives[0], [2]string{replicas[0], replicas[1]}}, nil
 }
 func waitForReadyHA(t *testing.T, cli *client.Client, qmReplicaIDs [3]string) {
 	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
 	defer cancel()
 	for {
 		select {
 		case <-time.After(1 * time.Second):
 			for _, id := range qmReplicaIDs {
 				rc, _ := execContainer(t, cli, id, "", []string{"chkmqready"})
 				if rc == 0 {
 					t.Log("MQ is ready")
 					rc, _ := execContainer(t, cli, id, "", []string{"chkmqstarted"})
 					if rc == 0 {
 						t.Log("MQ has started")
 						return
 					}
 				}
 			}
 		case <-ctx.Done():
 			t.Fatal("Timed out waiting for HA Queue Manager to become ready")
 		}
 	}
 }
 func waitForFailoverHA(t *testing.T, cli *client.Client, replicas [2]string) {
 	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
 	defer cancel()
 	for {
 		select {
 		case <-time.After(1 * time.Second):
 			for _, id := range replicas {
 				if status := getQueueManagerStatus(t, cli, id, "QM1"); status == "Running" {
 					return
 				}
 			}
 		case <-ctx.Done():
 			t.Fatal("Timed out waiting for Native HA Queue Manager to failover to an available replica")
 		}
 	}
 }
--- a/test/docker/mqmetric_test.go
+++ b/test/docker/mqmetric_test.go
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018, 2019
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -28,7 +28,7 @@ import (
 func TestGoldenPathMetric(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -55,7 +55,7 @@ func TestGoldenPathMetric(t *testing.T) {
 func TestMetricNames(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -100,7 +100,7 @@ func TestMetricLabels(t *testing.T) {
 	t.Parallel()
 	requiredLabels := []string{"qmgr"}
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -148,7 +148,7 @@ func TestMetricLabels(t *testing.T) {
 func TestRapidFirePrometheus(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -182,7 +182,7 @@ func TestRapidFirePrometheus(t *testing.T) {
 func TestSlowPrometheus(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -213,7 +213,7 @@ func TestSlowPrometheus(t *testing.T) {
 func TestContainerRestart(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -261,7 +261,7 @@ func TestContainerRestart(t *testing.T) {
 func TestQMRestart(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -319,7 +319,7 @@ func TestQMRestart(t *testing.T) {
 func TestValidValues(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -355,7 +355,7 @@ func TestValidValues(t *testing.T) {
 func TestChangingValues(t *testing.T) {
 	t.Parallel()
-	cli, err := client.NewClientWithOpts(client.FromEnv)
+	cli, err := client.NewEnvClient()
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/test/messaging/Dockerfile
+++ b/test/messaging/Dockerfile
@@ -1,4 +1,4 @@
-# © Copyright IBM Corporation 2018, 2022
+# © Copyright IBM Corporation 2018, 2019
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,24 +15,22 @@
 ###############################################################################
 # Application build environment (Maven)
 ###############################################################################
-FROM registry.access.redhat.com/ubi8/openjdk-8 as builder
+FROM docker.io/maven:3-ibmjava as builder
-COPY pom.xml ./
+COPY pom.xml /usr/src/mymaven/
-#WORKDIR /usr/src/mymaven
+WORKDIR /usr/src/mymaven
 # Download dependencies separately, so Docker caches them
 RUN mvn dependency:go-offline install
 # Copy source
-COPY src ./src
+COPY src /usr/src/mymaven/src
 # Run the main build
 RUN mvn --offline install
 # Print a list of all the files (useful for debugging)
-RUN find ./
+RUN find /usr/src/mymaven
 ###############################################################################
 # Application runtime (JRE only, no build environment)
 ###############################################################################
-# OpenJDK is not technically supported with the MQ client, but is good enough for these tests
+FROM docker.io/ibmjava:8-jre
-FROM registry.access.redhat.com/ubi8/openjdk-8-runtime
+COPY --from=builder /usr/src/mymaven/target/*.jar /opt/app/
-COPY --from=builder /home/jboss/target/*.jar /opt/app/
+COPY --from=builder /usr/src/mymaven/target/lib/*.jar /opt/app/
-COPY --from=builder /home/jboss/target/lib/*.jar /opt/app/
+ENTRYPOINT ["java", "-classpath", "/opt/app/*", "org.junit.platform.console.ConsoleLauncher", "-p", "com.ibm.mqcontainer.test", "--details", "verbose"]
 USER 1001
 ENTRYPOINT ["java", "-classpath", "/opt/app/*", "org.junit.platform.console.ConsoleLauncher", "--fail-if-no-tests", "-p", "com.ibm.mqcontainer.test", "--details", "verbose"]
--- a/test/messaging/pom.xml
+++ b/test/messaging/pom.xml
@@ -1,5 +1,5 @@
 <!--
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,25 +26,25 @@ limitations under the License.
    <dependency>
      <groupId>com.ibm.mq</groupId>
      <artifactId>com.ibm.mq.allclient</artifactId>
-      <version>9.3.0.0</version>
+      <version>9.1.3.0</version>
      <scope>compile</scope>
    </dependency>
    <dependency>
      <groupId>org.junit.jupiter</groupId>
      <artifactId>junit-jupiter-api</artifactId>
-      <version>5.8.2</version>
+      <version>5.5.2</version>
      <scope>compile</scope>
    </dependency>
    <dependency>
      <groupId>org.junit.jupiter</groupId>
      <artifactId>junit-jupiter-engine</artifactId>
-      <version>5.8.2</version>
+      <version>5.5.2</version>
      <scope>runtime</scope>
    </dependency>
    <dependency>
      <groupId>org.junit.platform</groupId>
      <artifactId>junit-platform-console-standalone</artifactId>
-      <version>1.8.2</version>
+      <version>1.5.2</version>
      <scope>runtime</scope>
    </dependency>
  </dependencies>
@@ -65,9 +65,5 @@ limitations under the License.
        </executions>
      </plugin>
    </plugins>
-  </build>
+</build>
  <properties>
      <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
      <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
  </properties>
 </project>
--- a/test/messaging/src/main/java/com/ibm/mqcontainer/test/JMSTests.java
+++ b/test/messaging/src/main/java/com/ibm/mqcontainer/test/JMSTests.java
@@ -1,5 +1,5 @@
 /*
-© Copyright IBM Corporation 2018, 2022
+© Copyright IBM Corporation 2018
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -15,7 +15,7 @@ limitations under the License.
 */
 package com.ibm.mqcontainer.test;
-import static org.junit.jupiter.api.Assertions.*;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 import java.io.FileInputStream;
 import java.io.IOException;
@@ -32,12 +32,9 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
 import com.ibm.mq.MQException;
 import com.ibm.mq.constants.MQConstants;
 import com.ibm.mq.jms.MQConnectionFactory;
 import com.ibm.mq.jms.MQQueue;
 import com.ibm.msg.client.wmq.WMQConstants;
 import com.ibm.msg.client.jms.DetailedJMSSecurityRuntimeException;
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.AfterEach;
@@ -60,18 +57,27 @@ class JMSTests {
    static SSLSocketFactory createSSLSocketFactory() throws IOException, GeneralSecurityException {
        KeyStore ts=KeyStore.getInstance("jks");
        ts.load(new FileInputStream(TRUSTSTORE), PASSPHRASE.toCharArray());
        // KeyManagerFactory kmf=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        TrustManagerFactory tmf=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        // tmf.init();
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        // Security.setProperty("crypto.policy", "unlimited");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }
-    static MQConnectionFactory createMQConnectionFactory(String channel, String addr) throws JMSException, IOException, GeneralSecurityException {
+    static JMSContext create(String channel, String addr, String user, String password) throws JMSException, IOException, GeneralSecurityException {
        LOGGER.info(String.format("Connecting to %s/TCP/%s(1414) as %s", channel, addr, user));
        MQConnectionFactory factory = new MQConnectionFactory();
        factory.setTransportType(WMQConstants.WMQ_CM_CLIENT);
        factory.setChannel(channel);
        factory.setConnectionNameList(String.format("%s(1414)", addr));
        // If a password is set, make sure it gets sent to the queue manager for authentication
        if (password != null) {
            factory.setBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP, true);
        }
        // factory.setClientReconnectOptions(WMQConstants.WMQ_CLIENT_RECONNECT);
        if (TRUSTSTORE == null) {
            LOGGER.info("Not using TLS");
        }
@@ -82,38 +88,18 @@ class JMSTests {
            boolean ibmjre = System.getenv("IBMJRE").equals("true");
            if (ibmjre){
                System.setProperty("com.ibm.mq.cfg.useIBMCipherMappings", "true");
                factory.setSSLCipherSuite("SSL_RSA_WITH_AES_128_CBC_SHA256");
            } else {
                 System.setProperty("com.ibm.mq.cfg.useIBMCipherMappings", "false");
                 factory.setSSLCipherSuite("TLS_RSA_WITH_AES_128_CBC_SHA256");
            }
            factory.setSSLCipherSuite(System.getenv("MQ_TLS_CIPHER"));
        }
-        return factory;
+        // Give up if unable to reconnect for 10 minutes
-    }
+        // factory.setClientReconnectTimeout(600);
-
+        // LOGGER.info(String.format("user=%s pw=%s", user, password));
    /**
     * Create a JMSContext with the supplied user and password.
     */
    static JMSContext create(String channel, String addr, String user, String password) throws JMSException, IOException, GeneralSecurityException {
        LOGGER.info(String.format("Connecting to %s/TCP/%s(1414) as %s", channel, addr, user));
        MQConnectionFactory factory = createMQConnectionFactory(channel, addr);
        // If a password is set, make sure it gets sent to the queue manager for authentication
        if (password != null) {
            factory.setBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP, true);
        }
        LOGGER.info(String.format("CSP authentication: %s", factory.getBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP)));
        return factory.createContext(user, password);
    }
    /**
     * Create a JMSContext with the default user identity (from the OS)
     */
    static JMSContext create(String channel, String addr) throws JMSException, IOException, GeneralSecurityException {
        LOGGER.info(String.format("Connecting to %s/TCP/%s(1414) as OS user '%s'", channel, addr, System.getProperty("user.name")));
        MQConnectionFactory factory = createMQConnectionFactory(channel, addr);
        LOGGER.info(String.format("CSP authentication: %s", factory.getBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP)));
        return factory.createContext();
    }
    @BeforeAll
    private static void waitForQueueManager() {
        for (int i = 0; i < 20; i++) {
@@ -130,34 +116,28 @@ class JMSTests {
        }
    }
-    @Test
+    @BeforeEach
-    void putGetTest(TestInfo t) throws Exception {
+    void connect() throws Exception {
        context = create(CHANNEL, ADDR, USER, PASSWORD);
    }
    @Test
    void succeedingTest(TestInfo t) throws JMSException {
        Queue queue = new MQQueue("DEV.QUEUE.1");
        context.createProducer().send(queue, t.getDisplayName());
        Message m = context.createConsumer(queue).receive();
        assertNotNull(m.getBody(String.class));
    }
    // @Test
    // void failingTest() {
    //     fail("a failing test");
    // }
    @Test
-    void defaultIdentityTest(TestInfo t) throws Exception {
+    @Disabled("for demonstration purposes")
-        LOGGER.info(String.format("Password='%s'", PASSWORD));
+    void skippedTest() {
-        try {
+        // not executed
            // Don't pass a user/password, which should cause the default identity to be used
            context = create(CHANNEL, ADDR);
        } catch (DetailedJMSSecurityRuntimeException ex) {
            Throwable cause = ex.getCause();
            assertNotNull(cause);
            assertTrue(cause instanceof MQException);
            assertEquals(MQConstants.MQRC_NOT_AUTHORIZED, ((MQException)cause).getReason());
            return;
        }
        // The default developer config allows any user to appear as "app", and use a blank password.  This is done with the MCAUSER on the channel.
        // If this test is run on a queue manager without a password set, then it should be possible to connect without exception.
        // If this test is run on a queue manager with a password set, then an exception should be thrown, because this test doesn't send a password.
        if ((PASSWORD != null) && (PASSWORD != "")) {
            fail("Exception not thrown");
        }
    }
    @AfterEach
@@ -166,4 +146,9 @@ class JMSTests {
            context.close();
        }
    }
    @AfterAll
    static void tearDownAll() {
    }
 }
--- a/test/tls/client-trust.jks
+++ b/test/tls/client-trust.jks
--- a/test/tls/generate-test-cert.sh
+++ b/test/tls/generate-test-cert.sh
@@ -1,6 +1,6 @@
-#!/bin/bash -ex
+#!/bin/bash
 # -*- mode: sh -*-
-# © Copyright IBM Corporation 2018, 2021
+# © Copyright IBM Corporation 2018
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -23,7 +23,6 @@ PASSWORD=passw0rd
 openssl req \
       -newkey rsa:2048 -nodes -keyout ${KEY} \
       -subj "/CN=localhost" \
       -addext "subjectAltName = DNS:localhost" \
       -x509 -days 3650 -out ${CERT}
 # Add the key and certificate to a PKCS #12 key store, for the server to use
--- a/test/tls/server.crt
+++ b/test/tls/server.crt
@@ -1,17 +1,17 @@
 -----BEGIN CERTIFICATE-----
-MIICwzCCAaugAwIBAgIJAKnwG0VGiDelMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
+MIICpDCCAYwCCQC6vpJFnfYO6TANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAls
-BAMMCWxvY2FsaG9zdDAeFw0yMTA5MDYxNTIyMDlaFw0zMTA5MDQxNTIyMDlaMBQx
+b2NhbGhvc3QwHhcNMTkwMzIxMTYxMzUxWhcNMjkwMzE4MTYxMzUxWjAUMRIwEAYD
-EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+VQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu
-ggEBALLmDX3OB/4DlzJzKz/Edc5qVdjdIN/u8pApSQPevT0mAsSK1uw2MObeOo4C
+48qtIDwmihFqj2HY3dZjPfROA1MJ+D0c6aEA08ooOczthLB7XdZBQDapj8LFldyt
-DCBmabYeuvGzZ4t3SiejdsHK+qAYMFW51lxTbulv5kUPvTBOY2JCENkVDFjqcK8S
+4ZMbTkqtF5QtPXmJY0wi39foLYlcGXPL1b7y3mypaFou88BcSM3VmfILKXhNeAlt
-9ItI/UzTmnBolvZmUKzROHzA/pFb/jkhlzqJO+TqIBXKLF5gdFFTiHHcqfoUyVOV
+rXevnuT5kDU7sLVgKGhGwas20T1MU7d0I3bQ5z5c7egL76Hk9fYucjN6RkbwlrJ3
-n+49V8z6W2rokz4QIWa5Dlh6VS1B6VXdihJv5P9HV8P8FOtefhA85yaSVKlFS/AC
+TrCXrGIziofn3Zq1t51ygv21c80JD3XJ44YmuCrede4rhOS/4NpwRuZyiwpJ6tlv
-XRb5FmtmYHBnghLktHS71s/KcPeX27Q1NcKhmZMvHRH95hqEcP25S6SGu69eiCLk
+0L0QSDGCmt2JT3ty28UAsGznFzC5Qu9KyaR+9Gk4aftiyKxrYWZkgtJmMRU+C1X2
-xpbJKqG3fntfooLUDfR2PHQUJ7UCAwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxo
+kFLOHsucGmJswjwubSR7AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAEdlmXVGy86P
-b3N0MA0GCSqGSIb3DQEBCwUAA4IBAQBamIH23oDh1XxOeMPUEyPLHm5M8LM8FNhT
+XIX5a4ZmHQ5Ns4wm7rY8vzUxlymEQ86En1PN1zAO9gV94tLyNeMptjsFEEo/uJhC
-GEpf1ICy4TSLipSFhIs3hGzVt22zBBzU59apQ8rXUME5SK+9PLag/t/48rG1SfUA
+Yvg3l5TIr/WCiY2+2XsSHvnbXrlbF3S0fRHa9VaCMRKjzRT68uq2Y891906YGtUE
-VyYvaeu/cA5NQMWwuyCLqZL1MWn+BLsdAiNtbNHANesnl0i+vUb0GPzSP8soe3PP
+m6fCjHqVzX8qaplDf79aVkPydYaYOIZ1a/mCfQcD9XMZ/v5zI9IUDhdoq97bgPhB
-N7Fh8SO3Qq6e9zT3iE2tP2OFxzcpg538Xn3qoVPJwmLIfBtvsiK07zqAWdqBWtt6
+gBOzWLI+hkzyU8jxKAFw1Hwi9lD/P6RXL5arNb/+arOgA3vTW+xGWGevgjVK1Ay9
-cBXyagnmgKvOyv6sKAlTpwP9HqVem3XxZVrhm1KiPHs4Dnks6e79txmB8lqzvWu5
+81beWiQmn0KbeLZxj+WJ9Nntlf1M4EqPYgsSYs/IlJTYS8W1B0mDJEoovPdFTryY
-tu4h2ePGJjqUy5JkkoDY0j6hALwEe3ZXBvJ6XUQDi9Hou2k+MaQd
+GyIuQEVcjUE=
 -----END CERTIFICATE-----
--- a/test/tls/server.key
+++ b/test/tls/server.key
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCy5g19zgf+A5cy
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCu48qtIDwmihFq
-cys/xHXOalXY3SDf7vKQKUkD3r09JgLEitbsNjDm3jqOAgwgZmm2Hrrxs2eLd0on
+j2HY3dZjPfROA1MJ+D0c6aEA08ooOczthLB7XdZBQDapj8LFldyt4ZMbTkqtF5Qt
-o3bByvqgGDBVudZcU27pb+ZFD70wTmNiQhDZFQxY6nCvEvSLSP1M05pwaJb2ZlCs
+PXmJY0wi39foLYlcGXPL1b7y3mypaFou88BcSM3VmfILKXhNeAltrXevnuT5kDU7
-0Th8wP6RW/45IZc6iTvk6iAVyixeYHRRU4hx3Kn6FMlTlZ/uPVfM+ltq6JM+ECFm
+sLVgKGhGwas20T1MU7d0I3bQ5z5c7egL76Hk9fYucjN6RkbwlrJ3TrCXrGIziofn
-uQ5YelUtQelV3YoSb+T/R1fD/BTrXn4QPOcmklSpRUvwAl0W+RZrZmBwZ4IS5LR0
+3Zq1t51ygv21c80JD3XJ44YmuCrede4rhOS/4NpwRuZyiwpJ6tlv0L0QSDGCmt2J
-u9bPynD3l9u0NTXCoZmTLx0R/eYahHD9uUukhruvXogi5MaWySqht357X6KC1A30
+T3ty28UAsGznFzC5Qu9KyaR+9Gk4aftiyKxrYWZkgtJmMRU+C1X2kFLOHsucGmJs
-djx0FCe1AgMBAAECggEAagD5A49+mtwjzigB+4H80Def8KVuomIi5psgAaQM+9u3
+wjwubSR7AgMBAAECggEAH9t6teKjUlngJksMBdcTEGzerb9JRw2jBDtCisYJkx5E
-DiC6ozKlHVeW2KiL6PLmNpzU5v0IINKpZP1uE/yjLxPGKDW6t/BUKww8JLXjw2jf
+SBfdlftX5fbufiCj2B4eXsYyZ8zxKWqcIUmLdA1Udx3TVIXG+bHhOAYtjEwb+xf5
-aMx+0TKwo0sfRA32S0YPmWNVAsBmm1AbA5vhXcK51QXuiInH406H5+d25ZJrYevF
+JYhdR/IzHG+4eXQKaAIvpXztyl3lU9iC+eaMg4GYzRrGN2wSAG9XgZ5cLF2TLJYU
-liKWSjx9CM/0XO7t20j18mCa8RjBEdsZoHxHsoWNvFJ6DCR25cFShAhR7s4OtkUk
+jPxp7goz9X6V57aL2G/EFlbFsMaI/6cW7+XoRdo0I4N2Z766gz7GgyxtTVwR5Peq
-yELm1tYYrFOffUM0Q/Fp9uSlCHWMSqPtf/6NEfnszfFEtzDh/N+YqC1Bexv0XPsD
+LjOpqSNS0W57KJxReURfySok9CP1DfyigopsYW8O4jGVDDRLdiN3I8+JhWya2E0j
-dBPOkUZjWA2Sc8Se1t2GLfrRURzj3GvWH1+GssjsAQKBgQDeIdyzQSqce4Kn0opa
+96hHpN04Oz6HnMm7bdZDVtkZCOiu6xIzLJJxZ4o+kQKBgQDYqOA/hSod7s7w4LBE
-vdS5moCiv3pyfNd0nYe0awgVos4kHY7/nBq0eyMZAatRHeD3DunVsw3LmvWyEw53
+A6Mp+e0//PYH6/N9SKmSIgQNec9bMGI4yanoblMbg4GM1g7pkvjlC0nTdjnUbLkB
-app7MTTjVrYaadoBlB6jy2elyF5RcW2jGchZExoNh+0ZQWUiMbYEozPLQTy9ZxMz
+vIvtVh3XwTIlrZ/4lc7VB23/hmKU+lRc+NJP5fgasAQu0W3+qp2cXo0pnHVwBEku
-t0OcZ1hHPngGgmj5TELZKkwEtQKBgQDOLLh7pdKrdudtim+o4H20jl5yYKl25Iq/
+Z7FwDPX0JNDIi/Or2I7dt8JojQKBgQDOpU1AnIXv1/cToYK4nz8BWLxRxwLTxy5A
-DKVodwUd94cM7xAIOQJrx2XK/YPCfRkKRN1wxzAhYdIVkaaKDVhI8Jeu+H18QOa6
+ucafNKacPlxb5luZRCExiPZwAM8Z3zI9o99rYXOPQmsnknZWJV66Zx0Vo0yTD1CT
-5OlzzZcqJCtACpbVqLaDcmq8pRrAYekiwMIKwC95llvktjilvLfoUnQoXAaX8E8B
+DWMUj0ugI1wORNMhwZP6YBYWjAeupyU9a7FyU1Geg4sdQt5rMyAEQOoECc8x8foP
-yCSUvDh3AQKBgQCxa0h04DLho4Da/D3HdmHHERF3bAqoEPCh0wTF5MsjRNLzY6yI
+rySHuO/TJwKBgBjMM2ZxymFErQDa5rHSLMGoLmRtgodjlSnYwDfOluIn9/i67/MJ
-mq11w/hni77C3mOF0SKRrh7xpcZiQfhHBx12EfpVLjfq5uraYe0LFHanol87G6bf
+d11iyOSCKji8y/+t2gXw6plVLcgfohZWTaf7ah9H006sx2Tn+m4APoHGo9sm21M
-I8Oy6Z/geNW2W1YktqHUGGpRCL0z5nUe1FyrOpv2431Ibbbcj73A6JipFQKBgHdl
+uV2Vt7DuRnxJUiqcwo9cLxH9K1/Xzbx299MYWKpJ8G+TvR8FGUz9NE4dAoGAM5gs
-vJyWpk73+AQe1JUnFIU4oYd5ZQpeRd9n8m5x5ru4+jPKSi2I3lcOTWvlrqU2Dwc8
+KKSsAE1QwFMEG2qPRZvNMTHaL9w8XSbFQ7zWmI4tazihyCutifujZCWfj9sdZSyE
-ZEUIhV3/qUsmYxy1p7ft5NnGO912NGhtYqjWmcEk2wsmVr17C99JpniC4OAik4G1
+PQBQ5QT1UiUMbMfZ1fqm1V83YERjnsOp6Fk6zZnmgx2GBZiahNn2ydxekqni72nz
-wWm6bIPsSGFGCb4pcROQlIY+7O6WkxqEDnM4ITcBAoGAHXBKmadFpupUeGSkCwEo
+HRNWfphjZIPsmqFiLg2zIBz+4X6EK+RT35s6LeMCgYEAwF/9jX8kONW5KKZdoNHa
-/VjeI4QoKKcWj9K8z8ifCVPz1FiQ1AJ91WMTM7PAmpEDX058Hor9xxJ2bEtQFwUS
+opkLpa9qkwTGQ9M3AZiRUjM4rtvggYt8FBEP+3BLDLHqfUOkPq82MCRXm+6Cz+sT
-QKvjeU+/Ig0TWjsJBgBPvc0xYLaJptAbjvG4a5nBn7hwbRzLTcKx2OVTmdAkz00H
+gyPnsPlAh/sr3Pys3olJbUDE9H24k1LU0CI/sSwAFkka0+Q7PVTTe/Dcavitrcrm
-1lq8cwizfwNgt8ldFFDDRvw=
+fyiT2oSPZeHSjQE9iIW3OY=
 -----END PRIVATE KEY-----
--- a/test/tls/server.p12
+++ b/test/tls/server.p12
--- a/test/tlscacert/cacert.crt
+++ b/test/tlscacert/cacert.crt
@@ -1,23 +0,0 @@
 -----BEGIN CERTIFICATE-----
 MIIDxTCCAq2gAwIBAgIUc5EKoPi8cg2M2n+SqCPn44LFjoAwDQYJKoZIhvcNAQEL
 BQAwcjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9y
 azEMMAoGA1UECgwDSUJNMQwwCgYDVQQLDANJQk0xDDAKBgNVBAMMA0lCTTEZMBcG
 CSqGSIb3DQEJARYKbXFAaWJtLmNvbTAeFw0yMjEwMDYxMzA2NTVaFw0zMjEwMDMx
 MzA2NTVaMHIxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwITmV3
 IFlvcmsxDDAKBgNVBAoMA0lCTTEMMAoGA1UECwwDSUJNMQwwCgYDVQQDDANJQk0x
 GTAXBgkqhkiG9w0BCQEWCm1xQGlibS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
 DwAwggEKAoIBAQCls3oNIDxzKct0NXVsoz1Hng3BcaDPcBRYCNgAEwDOVe3rEEbZ
 d2KFliDgCG3hCHMM1Yaabx3iTVsKklubBxr1JFmyDtgb4z9mJpMVYXS+gsKsZOs/
 vNSmzpt5VlbEadHKJ/aFf/EWxvoOP80UiEeUJt36aWFUTyjjyArd2xS8fD1DATFB
 U2bteaWfkpuLeFiTtwftZhsLv1s5T35+Ex087eX1tkm/TArxZsNl/9RrSWsbJh/t
 bjiRKn+fCZdirFsurP3Si5Jd9laCW0RBKAKYEh40XYDgjLhvcazDPTBueTHXQPG5
 S0hCOhCJiCWpPCsh8rIOCz0D9YIByZADR1WvAgMBAAGjUzBRMB0GA1UdDgQWBBS5
 OsiPqZXlMwpMqGKczUg3qVvy0zAfBgNVHSMEGDAWgBS5OsiPqZXlMwpMqGKczUg3
 qVvy0zAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBfwYRcckke
 /NzDHlFb8TBlUDqERmlT/qTWamVZO2Zuo4Y0BFOYFEA23F5sQU2s2MFSEZcAKe5v
 mJroFE2rr4aY4bJ4Z0UXlOAYyqNxVOTI4MIxwbg3GVr8c8oWBnAmgqI9W9OpgZ52
 /bN24XL9s6I3TeOTtYI9z5O70Kl/E3nG8GcfMw0EtNIy0UPUWvJH8FgEsotsRO9v
 tPtlZklEK/D+Keozbs2shdNhKgVnDatpdTBqvwLztb1+te5AckuOnJsnG+iIrG2D
 Ehoq2O3gktIVdAk4sv2BoONzegLWB+GSxGVZsemfYF4PkN9/w+znz0LK/ATAtabK
 rikk0yC+Xg8z
 -----END CERTIFICATE-----
--- a/test/tlscacert/generate-test-cert.sh
+++ b/test/tlscacert/generate-test-cert.sh
@@ -1,34 +0,0 @@
 #!/bin/bash -ex
 # -*- mode: sh -*-
 # © Copyright IBM Corporation 2018, 2022
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 # http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 KEY=server.key
 CERT=server.crt
 CACERT=cacert.crt
 CAPEM=rootcakey.pem
 # Create a private key and certificate in PEM format, for the server to use
 openssl req \
       -newkey rsa:2048 -nodes -keyout ${KEY} \
       -subj "/CN=localhost" \
       -addext "subjectAltName = DNS:localhost" \
       -x509 -days 3650 -out ${CERT}
 # Generate the private key of the root CA
 openssl genrsa -out ${CAPEM} 2048
 #Generate the self-signed root CA certificate. Manual input is required when prompted
 openssl req -x509 -sha256 -new -nodes -key ${CAPEM} -days 3650 -out ${CACERT}
--- a/test/tlscacert/rootcakey.pem
+++ b/test/tlscacert/rootcakey.pem
@@ -1,27 +0,0 @@
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEApbN6DSA8cynLdDV1bKM9R54NwXGgz3AUWAjYABMAzlXt6xBG
 2XdihZYg4Aht4QhzDNWGmm8d4k1bCpJbmwca9SRZsg7YG+M/ZiaTFWF0voLCrGTr
 P7zUps6beVZWxGnRyif2hX/xFsb6Dj/NFIhHlCbd+mlhVE8o48gK3dsUvHw9QwEx
 QVNm7Xmln5Kbi3hYk7cH7WYbC79bOU9+fhMdPO3l9bZJv0wK8WbDZf/Ua0lrGyYf
 7W44kSp/nwmXYqxbLqz90ouSXfZWgltEQSgCmBIeNF2A4Iy4b3Gswz0wbnkx10Dx
 uUtIQjoQiYglqTwrIfKyDgs9A/WCAcmQA0dVrwIDAQABAoIBAQCcL9ZltPMF4mlh
 +lnasuu6K+LvafmYTh7+9CcVutPRqfF+1nLR3NRC8sW+JnPb36kCeepMe1yByUR9
 bINoV4QzebYKPi+56bQCx21wg9IVGRACi4WrKISRTsIB1z4mGVCj6pNWNsi7HYbq
 E31tUx+VKCWoOdiCLbNvMUn84Npk5npK9P9F86qypSJqJv3HORgOa58x7qZiD2fk
 TroLuGHKFWGtSiK1vvgax8gBwMi9JvWoPhwHagINh0WwT820+3/4KbqcsvRNSIu8
 qA+ltk/Vt0ftwPMpxPYnvRFrSvzYIRE04fbWqA3mxhPr/oP3xXrwyd1hnX6GzPIR
 KXeX1i7BAoGBANGV6XtL8cq8tu/4emOYDn4tncMRICQ8uMWZqnIQAvX8PBx1w9E2
 Wbkl0oBHJ/gDtU+feDvbHI0JBvXerce2cxj4+793TGLUl980dgq776x2fcxHjvYZ
 uZjJd4M95Lh+IhtWGZQ1FviiylDg62w+mrNydX8WiFjLGYPydQqCIAAxAoGBAMpl
 m/MDqpgPxiDU1O9DAq8C/0MQUOc/p+67aGsYxmPDdCouBLA/zckQh6Cp9Wo3n7MF
 X5UHOqn72q/4ahNEx+3YQoaLqRKTjUHl3r3zj+MsM0hIDp1uOxVzbANxazuLuqqA
 C+yJTmRU7uvNPH1AMFJBKRSmhd3MJwoHF/KZAhvfAoGAFaGPU3ZnIjGP//x5RUYw
 WL2EhtmBo7vQpjRR7yvP4muCGL3e0/z0DbPloe+2JFbdo7Ylxqe6rqO74Cx3ayFd
 h7pK4VwCukCO3C6h8EGtXvNr0GWiT6wgB7DjcNw2ewQpqQCd6zn/gPHsR6SvJ6De
 fp7VmaRNtjxgCcpAYjFD9EECgYAhEPaofjnZvAH/jSX4rPb8Rr4TY9AD58d03lNR
 4+tNkzogRgJoFRR2u+ecnQfGQa4qnj8eZt7ztHzm8OvLmBodxo4f0yNdMJQMZxS7
 7dXdJHSAY51XpRGsEH5eFaKSSOLHRkIsc8ZF6AZcqdwvDlSWq6SdhhMqyFa8cao8
 7TiF+wKBgADNZ4HoZDfnuH5jUvf7y+YlxDX3jxWR+BUTLCJmt082uT+8Xg5SALec
 B8GP5s6VKglD5Wzj8IhxvpQ5yzH9DRHwEeu3vFLBinIUlWdBiXwtnbmY0E9r3PSb
 pZQH5RZ5PyrJicIVBJSqdFu2HDl4heeLJE0LGh7SQnFaexxXn397
 -----END RSA PRIVATE KEY-----
--- a/test/tlscacert/server.crt
+++ b/test/tlscacert/server.crt
@@ -1,19 +0,0 @@
 -----BEGIN CERTIFICATE-----
 MIIDHzCCAgegAwIBAgIUUFCo8fUglrbfDY8ZUDnzAfWeq54wDQYJKoZIhvcNAQEL
 BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMTAwNjEzMDYwMloXDTMyMTAw
 MzEzMDYwMlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
 AAOCAQ8AMIIBCgKCAQEAxcja4TbshPj4tWgbRP73eDs2382j6Km5TNej6To13PJq
 Wyezg081ctmgFEMlgbRiowZmecpYOKjDKuVDtfLE6nZMmN+PjXXuOMGIPu67fx/4
 tnaMDYw96WIBEFNVZ7dC/pceaTIRbnjma89o1/mTudTAYPLAvKpeBqpJJFWPMDhz
 nK3NKeydTdUYc9jmEJWiFCI4bUdyvyUjp+7QrDbdODXo27/nVAV0Ih+OuU4ZnxT5
 cf1fzVV1ZqHd8jbLm25ZoAmkk+9DSXFNA2hbSepf70mRVD/Qyn8U6b5A2v+mWIfs
 B1+iAlPl7IX88W1Q9q1yu0uT8YWGWpeTbeOnJ4WJ8wIDAQABo2kwZzAdBgNVHQ4E
 FgQUEjp6AtPmpuLQyBPeiW4pW+VGb2wwHwYDVR0jBBgwFoAUEjp6AtPmpuLQyBPe
 iW4pW+VGb2wwDwYDVR0TAQH/BAUwAwEB/zAUBgNVHREEDTALgglsb2NhbGhvc3Qw
 DQYJKoZIhvcNAQELBQADggEBAL2bTWfTqxfN0YbBPjG05sR4nO8mhbNSGHDuGeiO
 OP0wPxkgAueScTpyhHWEAJmMQOMUM9KhByZj7LnqW8XY9BBS3zPAyzAdia8/o6Vl
 7El+M2JCfqz7hSupRK8M+r+XUq3hyEFjPLt+KO6D5VNzXiTM+36UueeQD3aaxxyo
 LpHSPeXFBkOrT/wt6FHi4NHvWls95PllncWZVYjxPMUUF/o30tOxSmgXwjUknrI8
 29ADKM1IbFuXd4vKYG9V+ukI6n5F86PYrN2ajPBKIidvTqU8tPzMHuJZ3YiIiv8p
 TARE2b5YLWuu+aF2z/V71MmIWr0uyOk6pZVGOCw7fwHx/wg=
 -----END CERTIFICATE-----
--- a/test/tlscacert/server.key
+++ b/test/tlscacert/server.key
@@ -1,28 +0,0 @@
 -----BEGIN PRIVATE KEY-----
 MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDFyNrhNuyE+Pi1
 aBtE/vd4OzbfzaPoqblM16PpOjXc8mpbJ7ODTzVy2aAUQyWBtGKjBmZ5ylg4qMMq
 5UO18sTqdkyY34+Nde44wYg+7rt/H/i2dowNjD3pYgEQU1Vnt0L+lx5pMhFueOZr
 z2jX+ZO51MBg8sC8ql4GqkkkVY8wOHOcrc0p7J1N1Rhz2OYQlaIUIjhtR3K/JSOn
 7tCsNt04Nejbv+dUBXQiH465ThmfFPlx/V/NVXVmod3yNsubblmgCaST70NJcU0D
 aFtJ6l/vSZFUP9DKfxTpvkDa/6ZYh+wHX6ICU+XshfzxbVD2rXK7S5PxhYZal5Nt
 46cnhYnzAgMBAAECggEBAKLRsZZbf6QLzbqRBHntJ04b+RWOlVOQfRHMJ4x1Nig4
 i+OUsEv1pftxOj3T9QlstRKdzziNociq7VffurkLLJ4TWwUybVu37K9easncABAs
 ArQ6rRruC32YB2YoJBOoowcw4oEZDY6TCqVP7nB1be46PVDSJmZqHdOA1YuKv8Ci
 FbzLZEKYy6QGmHp9xMzc3usQ+KRNIFcR3NJb0eCbfAXb0tP3F12i4ygnxifkOVQS
 hukTJlZVbAO3W9uUEzLh5bkLoPfob6Vrwv1tGQ48uFgzgPXc4bWOUDFXHW5+vQLD
 1MKFboozrNhRR+Q5xvbRnaWEv4hMHlUNggc5ErRj6CkCgYEA5m5f1VfhfqSvEF2c
 XcIfUDiCzREpllY2ZdBSfUlz/GA6f0QUyFJBCdd4ypipQcggn60de9DoKDcNcq32
 rfVfANpsciJq9s4+xLL8MGtUuoi4HK8LHP3tc8aJaAcCVjBFbz0orKXDUOcue6A5
 Z5riDjiXOE56XSLSSNSRjWh4psUCgYEA27sfaM4J0YkdFuth/Qu+X9PeroUZyC0T
 3glMN/7PU4jZg+2v4Psfe61gj8qOt0catuWvsD0wQTy3jt+svY/KfkbspK6/7CEG
 fKx1AB1xeMr4JuQp9POFVhKRn4sBUMbHOkbjzlNpGmUI2arlLRTwT8YpuMDjCK4l
 ZuUYB/IHOVcCgYAqexqryCHIKTAlAjz7g/gl3+UtTQavsoEg0AEFG++IDW17XN+/
 9noLCHA6WV6KxAxPo6iV1POXxl5yT+P0OhIjpCDuAa5ahbdIp/6aJo9ePCpFD3gr
 Bh0qhOV8Ch7CKPAEC/Bds8mINrZ5EBbFJOab3I70UHN6jBrcVmPm/+WOSQKBgQCW
 AbBWt1qCnu2qCPWzcAH+n8DFOf645vVKPuS20ZEuwR1l8K2ClU4P+/QRFkLKIpO9
 Sx7e3VcFInNZ6Z+fJfwiqz7AysAhbwZjtMSHWJJv2XkB7AAsxtc/RJv/5ED4qUu3
 oE/DOrRlHZamKwIb/dB1VZ6ED8Ku2VyVW09FlViTLwKBgEU21xqvP1+TXzsrZNGm
 /Hj/RAaA8B6tyo5Dj9glV80oakMSaxBsLP9xHkoZjkHaJnoFosKBQSnCcPnEY4gP
 22WEyGshu8sujLibLKWhARqjeubatXv+XBxiDdMbgcd/XTwbI4HTjXy5LF0o47UI
 W6itMOg9uCfBJM/i2jrAkmQR
 -----END PRIVATE KEY-----
--- a/travis-build-scripts/artifact-util.sh
+++ b/travis-build-scripts/artifact-util.sh
@@ -1,249 +0,0 @@
 #!/bin/bash
 # © Copyright IBM Corporation 2020
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 # http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 usage="
 Usage: artifact-util.sh -c my-registry.com/artifacts/my-project/builds/123 -u me@org.com -p top-secret -f tagcache -l ./.tagcache --upload \"
 Where:
 -c - Full artifact destination hostname and path
 -u - The username to access repository
 -p - The password or api-key to access repository
 -f - Name of the file in repository
 -l - The path and name to the file whose contents is to be pushed or retrieved into
 Then one action of either
 --check - Check if the file exists
 --upload - Upload the contents of a file [-l must be specified]
 --get - Get a file and write to a local file [-l must be specified]
 --delete - Delet the remote file from repository
 "
 GREEN="\033[32m"
 RED="\033[31m"
 END="\033[0m"
 RIGHTARROW="\xE2\x96\xB6"
 BLUERIGHTARROW=${BLUE}${RIGHTARROW}${END}
 GREENRIGHTARROW=${GREEN}${RIGHTARROW}${END}
 ERROR=${RED}
 TICK="\xE2\x9C\x94"
 CROSS="\xE2\x9C\x97"
 GREENTICK=${GREEN}${TICK}${END}
 REDCROSS=${RED}${CROSS}${END}
 SPACER="\n\n"
 USER=
 CREDENTIAL=
 FILE_NAME=
 BUILD_ID=
 REGISTRY_HOSTNAME=
 FILE_LOCATION=
 PROPERTY_NAME=
 CHECK=false
 UPLOAD=false
 GET=false
 GET_PROPERTY=false
 DELETE=false
 DELETE_NAMESPACE=false
 num_commands_selected=0
 while getopts "f:u:p:c:l:n:-:" flag
 do
    case "${flag}" in
        f) FILE_NAME=${OPTARG};;
        u) USER=${OPTARG};;
        p) CREDENTIAL=${OPTARG};;
        c) CACHE_PATH=${OPTARG};;
        l) FILE_LOCATION=${OPTARG};;
        n) PROPERTY_NAME=${OPTARG};;
        -)
            case "${OPTARG}" in
                check)
                    CHECK=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                upload)
                    UPLOAD=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                get)
                    GET=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                get-property)
                    GET_PROPERTY=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                delete) 
                    DELETE=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                delete-namespace)
                    DELETE_NAMESPACE=true
                    num_commands_selected=$((num_commands_selected+1))
                    ;;
                *)
                    if [ "$OPTERR" = 1 ] && [ "${optspec:0:1}" != ":" ]; then
                        echo "Unknown option --${OPTARG}" >&2
                    fi
                    ;;
            esac;;
    esac
 done
 if [[ $num_commands_selected == 0 || $num_commands_selected -gt 1 ]]; then
    printf "${REDCROSS} ${ERROR}Too many actions specified. Should be one of ${END}--check${ERROR},${END} --get${ERROR},${END} --upload${ERROR} or${END} --delete${ERROR}!${END}\n"
    printf $SPACER
    printf "${ERROR}$usage${END}\n"
    exit 1
 fi
 if [ "$DELETE_NAMESPACE" != "true" ]; then
    if [[ -z $CACHE_PATH|| -z $USER || -z $CREDENTIAL || -z $FILE_NAME ]] ; then 
    printf "${REDCROSS} ${ERROR}Missing parameter!${END}\n"
    printf "Cache Path:"$CACHE_PATH"\n"
    printf "File name:"$FILE_NAME"\n"
    printf "User":$USER"\n"
    printf $SPACER
    printf "${ERROR}$usage${END}\n"
    exit 1
    fi
 fi
 REMOTE_PATH="https://${CACHE_PATH}/$TRAVIS_BUILD_ID"
 if [ "$CHECK" == "true" ]; then
    printf "${GREENRIGHTARROW} Checking to see if file ${FILE_NAME} exists in repository ${REMOTE_PATH}\n"
    FILE_FOUND=`curl -u ${USER}:${CREDENTIAL} -X GET  "${REMOTE_PATH}/${FILE_NAME}" -o /dev/null -w "%{http_code}" -s`
    if [ "$FILE_FOUND" != "200" ]; then
        printf "${REDCROSS} File ${FILE_NAME} was not found\n"
        exit 1
    else
        printf "${GREENTICK} File ${FILE_NAME} was found\n"
    fi
 fi
 if [ "$UPLOAD" == "true" ]; then
    printf "${GREENRIGHTARROW} Attempting to upload the file ${FILE_NAME} to repository ${REMOTE_PATH}\n"
    if [[ -z $FILE_LOCATION ]]; then
        printf "${REDCROSS} Location for ${FILE_NAME} was not supplied please do so\n"
        printf $SPACER
        printf "${ERROR}$usage${END}\n"
        exit 1
    fi
    if [ ! -f "$FILE_LOCATION" ]; then
        printf "${REDCROSS} Location supplied ${FILE_LOCATION } for file ${FILE_NAME} did not resolve to a file with contents to upload\n"
        printf $SPACER
        printf "${ERROR}$usage${END}\n"
        exit 1
    fi
    curl -u ${USER}:${CREDENTIAL} -X PUT "$REMOTE_PATH/${FILE_NAME}" -T ${FILE_LOCATION}
 fi
 if [ "$GET" == "true" ]; then
    printf "${GREENRIGHTARROW} Attempting to download file ${FILE_NAME} from repository ${REMOTE_PATH} to ${FILE_LOCATION}\n"
    if [[ -z $FILE_LOCATION ]]; then
        printf "${REDCROSS} Location for ${FILE_NAME} was not supplied please do so\n"
        printf $SPACER
        printf "${ERROR}$usage${END}\n"
        exit 1
    fi
    curl -u ${USER}:${CREDENTIAL} "$REMOTE_PATH/${FILE_NAME}" -o ${FILE_LOCATION} -s
    if [ $? != 0 ]; then
        printf "${REDCROSS} Failed download\n"
    else
        printf "${GREENTICK} File ${FILE_NAME} was downloaded to ${FILE_LOCATION}\n"
    fi
 fi
 if [ "$GET_PROPERTY" == "true" ]; then
    if [[ -z $PROPERTY_NAME ]]; then
        printf "${REDCROSS} Property name to retrieve from '${FILE_NAME}' was not supplied please do so\n"
        printf $SPACER
        printf "${ERROR}$usage${END}\n"
        exit 1
    fi
    if [[ -z $FILE_LOCATION ]]; then
        printf "${REDCROSS} File location to store property value in was not supplied please do so\n"
        printf $SPACER
        printf "${ERROR}$usage${END}\n"
        exit 1
    fi
    printf "${GREENRIGHTARROW} Attempting to retrieve ${PROPERTY_NAME} of ${FILE_NAME} from repository ${REMOTE_PATH} and store it in ${FILE_LOCATION}\n"
    query_url="${FILE_NAME}"
    query_url="${query_url/\/artifactory\//\/artifactory\/api\/storage\//}?properties=${PROPERTY_NAME}"
    request_result="$(curl -s -u ${USER}:${CREDENTIAL} "${query_url}")"
    if [ $? != 0 ]; then
        printf "Unable to retrieve properties from ${query_url}"
        exit 1
    else
        printf "${GREENTICK} Properties retrieved from ${query_url}"
    fi
    jq -r '.properties.snapshot|first' <<<"$request_result" > ${FILE_LOCATION}
    if [ $? != 0 ]; then
        printf "Unable to write snapshot property to ${FILE_LOCATION}"
        exit 1
    else
        printf "${GREENTICK} Property written to ${FILE_LOCATION}"
    fi
 fi
 if [ "$DELETE" == "true" ]; then
    printf "${GREENRIGHTARROW} Checking to see if file ${FILE_NAME} exists in repository ${REMOTE_PATH} before delete\n"
    FILE_FOUND=`curl -u ${USER}:${CREDENTIAL} -X GET  "${REMOTE_PATH}/${FILE_NAME}" -o /dev/null -w "%{http_code}" -s`
    if [ "$FILE_FOUND" != "200" ]; then
        printf "${REDCROSS} File ${FILE_NAME} was not found to delete\n"
        exit 1
    else
        printf "${GREENTICK} File ${FILE_NAME} was found\n"
        printf "${GREENRIGHTARROW} Attempting the delete of ${REMOTE_PATH}/${FILE_NAME}"
        curl -u ${USER}:${CREDENTIAL} -X DELETE  "${REMOTE_PATH}/${FILE_NAME}" -s
        if [ $? != 0 ]; then
            printf "${REDCROSS} Failed delete\n"
        else
            printf "${GREENTICK} File ${FILE_NAME} was deleted from "${REMOTE_PATH}"\n"
        fi
    fi
 fi
 if [ "$DELETE_NAMESPACE" == "true" ]; then
    printf "${GREENRIGHTARROW} Checking to see if repository ${REMOTE_PATH} exists before delete\n"
    DIR_FOUND=`curl -u ${USER}:${CREDENTIAL} -X GET  "${REMOTE_PATH}" -o /dev/null -w "%{http_code}" -s`
    if [ "$DIR_FOUND" != "200" ]; then
        printf "${REDCROSS} Namespace ${REMOTE_PATH} was not found to delete\n"
        exit 1
    else
        printf "${GREENTICK} Namespace ${REMOTE_PATH} was found\n"
        printf "${GREENRIGHTARROW} Attempting the delete of ${REMOTE_PATH}"
        curl -u ${USER}:${CREDENTIAL} -X DELETE  "${REMOTE_PATH}" -s
        if [ $? != 0 ]; then
            printf "${REDCROSS} Failed delete\n"
        else
            printf "${GREENTICK} Namespace ${REMOTE_PATH} deleted \n"
        fi
    fi
 fi
 exit 0
--- a/travis-build-scripts/build.sh
+++ b/travis-build-scripts/build.sh
@@ -16,68 +16,16 @@
 set -e
-archive_level_cache_dir="$(mktemp -d)"
+echo 'Building Developer JMS test image...' && echo -en 'travis_fold:start:build-devjmstest\\r'
-
+make build-devjmstest
-get_archive_level() {
+echo -en 'travis_fold:end:build-devjmstest\\r'
-  local level_path
+echo 'Building Developer image...' && echo -en 'travis_fold:start:build-devserver\\r'
-  local archive_variable
+make build-devserver
-  archive_variable="$1"
+echo -en 'travis_fold:end:build-devserver\\r'
-  MQ_ARCHIVE_LEVEL=""
+if [ "$BUILD_ALL" = true ] ; then
-  level_path="${archive_level_cache_dir}/${archive_variable}.level"
+    if [[ "$ARCH" = "amd64" || "$ARCH" = "s390x" ]] ; then
-
+        echo 'Building Production image...' && echo -en 'travis_fold:start:build-advancedserver\\r'
-  if [[ ! -f "$level_path" ]]; then
+        make build-advancedserver
-    if [[ -z "${REPOSITORY_USER}" || -z "${REPOSITORY_CREDENTIAL}" ]]; then
+        echo -en 'travis_fold:end:build-advancedserver\\r'
      echo 'Skipping level lookup as repository credentials not set'
      return
    fi
    if [[ -z "${!archive_variable}" ]]; then
      echo "Skipping level lookup as '\$${archive_variable}' is not set"
      return
    fi
    ./travis-build-scripts/artifact-util.sh -f "${!archive_variable}" -u "${REPOSITORY_USER}" -p "${REPOSITORY_CREDENTIAL}" -l "$level_path" -n snapshot --get-property
  fi
  read -r MQ_ARCHIVE_LEVEL < "$level_path"
  export MQ_ARCHIVE_LEVEL
 }
 if [ "$TRAVIS_BRANCH" = "$MAIN_BRANCH" ] && [ "$TRAVIS_PULL_REQUEST" = "false" ]; then
  echo 'Retrieving global tagcache' && echo -en 'travis_fold:start:tag-cache-retrieve\\r'
  ./travis-build-scripts/artifact-util.sh -c ${CACHE_PATH} -u ${REPOSITORY_USER} -p ${REPOSITORY_CREDENTIAL} -f cache/${TAGCACHE_FILE} -l ./.tagcache --check
  ./travis-build-scripts/artifact-util.sh -c ${CACHE_PATH} -u ${REPOSITORY_USER} -p ${REPOSITORY_CREDENTIAL} -f cache/${TAGCACHE_FILE} -l ./.tagcache --get
  echo -en 'travis_fold:end:tag-cache-retrieve\\r'
 fi
 if [ -z "$BUILD_INTERNAL_LEVEL" ] ; then
  if [ "$LTS" != true ] ; then
    echo 'Building Developer JMS test image...' && echo -en 'travis_fold:start:build-devjmstest\\r'
    make build-devjmstest
    echo -en 'travis_fold:end:build-devjmstest\\r'
    echo 'Building Developer image...' && echo -en 'travis_fold:start:build-devserver\\r'
    get_archive_level MQ_ARCHIVE_REPOSITORY_DEV
    make build-devserver
    echo -en 'travis_fold:end:build-devserver\\r'
  fi
  if [ "$BUILD_ALL" = true ] || [ "$LTS" = true ] ; then
      if [[ "$ARCH" = "amd64" || "$ARCH" = "s390x" || "$ARCH" = "ppc64le" ]] ; then
          echo 'Building Production image...' && echo -en 'travis_fold:start:build-advancedserver\\r'
          get_archive_level MQ_ARCHIVE_REPOSITORY
          make build-advancedserver
          echo -en 'travis_fold:end:build-advancedserver\\r'
      fi
  fi
 else
  echo 'Building Developer JMS test image...' && echo -en 'travis_fold:start:build-devjmstest\\r'
  make build-devjmstest
  echo -en 'travis_fold:end:build-devjmstest\\r'
  if [[ "$BUILD_INTERNAL_LEVEL" == *".DE"* ]]; then
    echo 'Building Developer image...' && echo -en 'travis_fold:start:build-devserver\\r'
    get_archive_level MQ_ARCHIVE_REPOSITORY_DEV
    make build-devserver
    echo -en 'travis_fold:end:build-devserver\\r'
  else
    echo 'Building Production image...' && echo -en 'travis_fold:start:build-advancedserver\\r'
    get_archive_level MQ_ARCHIVE_REPOSITORY
    make build-advancedserver
    echo -en 'travis_fold:end:build-advancedserver\\r'
  fi
 fi
--- a/travis-build-scripts/create-manifest-list.sh
+++ b/travis-build-scripts/create-manifest-list.sh
@@ -84,7 +84,7 @@ for digest in $DIGESTS ; do \
 done
 docker login $REGISTRY -u $USER -p $CREDENTIAL
-docker manifest create $REGISTRY/$NAMESPACE/$IMAGE:$TAG $MANIFESTS
+docker manifest create $REGISTRY/$NAMESPACE/$IMAGE:$TAG $MANIFESTS > /dev/null
 MANIFEST_DIGEST=$(docker manifest push --purge $REGISTRY/$NAMESPACE/$IMAGE:$TAG)
 echo $MANIFEST_DIGEST
--- a/travis-build-scripts/install-credential-helper.sh
+++ b/travis-build-scripts/install-credential-helper.sh
@@ -19,29 +19,15 @@ sudo add-apt-repository "deb [arch=$ARCH] https://download.docker.com/linux/ubun
 sudo apt update
 sudo apt -y install docker-ce pass
 echo "default-cache-ttl 1200" > /home/travis/.gnupg/gpg-agent.conf
 gpg-connect-agent reloadagent /bye
 mkdir -p $GOPATH/src/github.com/docker
 cd $GOPATH/src/github.com/docker
 git clone https://github.com/docker/docker-credential-helpers
 cd docker-credential-helpers
-
+make pass 
 # After https://github.com/docker/docker-credential-helpers/commit/fd0197473f0ecb29e73ccef9028057194ff463bc go 1.18 is required... Pin commit if earlier go installed
 go_version="$(go version | cut -f3 -d' ')"
 IFS=. read -a go_version_parts <<<"$go_version"
 go_major="${go_version_parts[0]##go}"
 go_minor="${go_version_parts[1]}"
 if [[ "$go_major" -eq 1 && "$go_minor" -lt 18 ]]; then
    echo "Go version ${go_major}.${go_minor} < 1.18... Pinning credential-helper commit"
    git checkout ab7fd12c67d83193072fa91e5648b036547f6323
 fi
 make pass
 cp bin/docker-credential-pass $GOPATH/bin/docker-credential-pass
 mkdir -p /home/travis/.docker
 echo '{ "credsStore": "pass" }' | tee /home/travis/.docker/config.json
-gpg2 --batch --gen-key <<-EOF
+gpg --batch --gen-key <<-EOF
 %echo generating a standard key
 Key-Type: DSA
 Key-Length: 1024
@@ -50,14 +36,13 @@ Subkey-Length: 1024
 Name-Real: Travis CI
 Name-Email: travis@osism.io
 Expire-Date: 0
 Passphrase: $REGISTRY_PASS
 %commit
 %echo done
 EOF
-key=$(gpg2 --list-secret-keys | grep uid -B 1 | head -n 1 | sed 's/^ *//g')
+key=$(gpg --no-auto-check-trustdb --list-secret-keys | grep ^sec | cut -d/ -f2 | cut -d" " -f1)
 gpg --export-secret-keys | gpg2 --import -
 pass init $key
 pass insert docker-credential-helpers/docker-pass-initialized-check <<-EOF
 pass is initialized
 pass is initialized
 EOF
 gpg2 --passphrase $REGISTRY_PASS --pinentry-mode=loopback --output doc --decrypt ~/.password-store/docker-credential-helpers/docker-pass-initialized-check.gpg
--- a/travis-build-scripts/push.sh
+++ b/travis-build-scripts/push.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
-# © Copyright IBM Corporation 2019, 2021
+# © Copyright IBM Corporation 2019, 2020
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,7 +21,7 @@ if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then
    exit 0
 fi
-if [ ! -z $2 ]; then
+if [ ! -z $2 ]; then 
    export ARCH=$2
 fi
@@ -32,9 +32,11 @@ function push_developer {
 }
 function push_production {
-    echo 'Pushing Production image...' && echo -en 'travis_fold:start:push-advancedserver\\r'
+    if [[ "$ARCH" = "amd64" || "$ARCH" = "s390x" ]] ; then
-    make push-advancedserver
+        echo 'Pushing Production image...' && echo -en 'travis_fold:start:push-advancedserver\\r'
-    echo -en 'travis_fold:end:push-advancedserver\\r'
+        make push-advancedserver
        echo -en 'travis_fold:end:push-advancedserver\\r'
    fi
 }
 # call relevant push function
@@ -48,7 +50,7 @@ if [ ! -z $1 ]; then
        exit 1
        ;;
    esac
-else
+else 
    echo "ERROR: Type ( developer | production ) must be passed to push.sh"
    exit 1
 fi
--- a/travis-build-scripts/run.sh
+++ b/travis-build-scripts/run.sh
@@ -18,18 +18,6 @@ set -e
 if [ "$(uname -m)" = "x86_64" ] ; then export ARCH="amd64" ; else export ARCH=$(uname -m) ; fi
 # if DOCKER_USER is set, authenticate with docker.io to mitigate rate limit (https://www.docker.com/increase-rate-limits)
 if [ -n "$DOCKER_USER" ] ; then echo 'Authenticating with docker.io...' && docker login -u $DOCKER_USER -p $DOCKER_PASS docker.io ; fi
 if [ "$PUSH_MANIFEST_ONLY" = true ] ; then
  echo 'Retrieving remote tagcache' && echo -en 'travis_fold:start:retrieve-tag-cache\\r'
  ./travis-build-scripts/artifact-util.sh -c ${CACHE_PATH} -u ${REPOSITORY_USER} -p ${REPOSITORY_CREDENTIAL} -f cache/${TAGCACHE_FILE} -l ./.tagcache --get
  echo -en 'travis_fold:end:retrieve-tag-cache\\r'
  make push-manifest
  ./travis-build-scripts/cleanup-cache.sh
  exit 0
 fi
 echo 'Downgrading Docker (if necessary)...' && echo -en 'travis_fold:start:docker-downgrade\\r'
 eval "$DOCKER_DOWNGRADE"
 echo -en 'travis_fold:end:docker-downgrade\\r'
@@ -41,19 +29,7 @@ echo -en 'travis_fold:end:docker-downgrade\\r'
 ./travis-build-scripts/test.sh
 ## Push images
-if [ -z "$BUILD_INTERNAL_LEVEL" ] ; then
+if [ "$BUILD_ALL" = true ] ; then
  if [ "$BUILD_ALL" = true ] ; then
    ./travis-build-scripts/push.sh developer
    ./travis-build-scripts/push.sh production
  fi
 else
  if [[ "$BUILD_INTERNAL_LEVEL" == *".DE"* ]]; then
    ./travis-build-scripts/push.sh developer
  else
    ./travis-build-scripts/push.sh production
  fi
 fi
 if [ "$LTS" = true ] ; then
    printf '\nIn CD stream but building LTS image. Do not push LTS image to artifactory\n'
 fi
--- a/travis-build-scripts/test.sh
+++ b/travis-build-scripts/test.sh
@@ -16,29 +16,15 @@
 set -e
-if [ -z "$BUILD_INTERNAL_LEVEL" ] ; then
+echo 'Testing Developer image...' && echo -en 'travis_fold:start:test-devserver\\r'
-  if [ "$LTS" != true ] ; then
+make test-devserver
-    echo 'Testing Developer image...' && echo -en 'travis_fold:start:test-devserver\\r'
+echo -en 'travis_fold:end:test-devserver\\r'
-    make test-devserver
+if [ "$BUILD_ALL" = true ] ; then
-    echo -en 'travis_fold:end:test-devserver\\r'
+    if [[ "$ARCH" = "amd64" || "$ARCH" = "s390x" ]] ; then
-  fi
+        echo 'Testing Production image...' && echo -en 'travis_fold:start:test-advancedserver\\r'
-  if [ "$BUILD_ALL" = true ] || [ "$LTS" = true ] ; then
+        make test-advancedserver
-      if [[ "$ARCH" = "amd64" || "$ARCH" = "s390x" || "$ARCH" = "ppc64le" ]] ; then
+        echo -en 'travis_fold:end:test-advancedserver\\r'
-          echo 'Testing Production image...' && echo -en 'travis_fold:start:test-advancedserver\\r'
+    fi
          make test-advancedserver
          echo -en 'travis_fold:end:test-advancedserver\\r'
      fi
  fi
 else
  if [[ "$BUILD_INTERNAL_LEVEL" == *".DE"* ]]; then
    echo 'Testing Developer image...' && echo -en 'travis_fold:start:test-devserver\\r'
    make test-devserver
    echo -en 'travis_fold:end:test-devserver\\r'
  else
    echo 'Testing Production image...' && echo -en 'travis_fold:start:test-advancedserver\\r'
    make test-advancedserver
    echo -en 'travis_fold:end:test-advancedserver\\r'
  fi
 fi
 echo 'Running gosec scan...' && echo -en 'travis_fold:start:gosec-scan\\r'
 if [ "$ARCH" = "amd64" ] ; then
--- a/vendor/github.com/beorn7/perks/.gitignore
+++ b/vendor/github.com/beorn7/perks/.gitignore
@@ -0,0 +1,2 @@
 *.test
 *.prof
--- a/vendor/github.com/beorn7/perks/README.md
+++ b/vendor/github.com/beorn7/perks/README.md
@@ -0,0 +1,31 @@
 # Perks for Go (golang.org)
 Perks contains the Go package quantile that computes approximate quantiles over
 an unbounded data stream within low memory and CPU bounds.
 For more information and examples, see:
 http://godoc.org/github.com/bmizerany/perks
 A very special thank you and shout out to Graham Cormode (Rutgers University),
 Flip Korn (AT&T Labs–Research), S. Muthukrishnan (Rutgers University), and
 Divesh Srivastava (AT&T Labs–Research) for their research and publication of
 [Effective Computation of Biased Quantiles over Data Streams](http://www.cs.rutgers.edu/~muthu/bquant.pdf)
 Thank you, also:
 * Armon Dadgar (@armon)
 * Andrew Gerrand (@nf)
 * Brad Fitzpatrick (@bradfitz)
 * Keith Rarick (@kr)
 FAQ:
 Q: Why not move the quantile package into the project root?
 A: I want to add more packages to perks later.
 Copyright (C) 2013 Blake Mizerany
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/vendor/github.com/beorn7/perks/histogram/bench_test.go
+++ b/vendor/github.com/beorn7/perks/histogram/bench_test.go
@@ -0,0 +1,26 @@
 package histogram
 import (
 	"math/rand"
 	"testing"
 )
 func BenchmarkInsert10Bins(b *testing.B) {
 	b.StopTimer()
 	h := New(10)
 	b.StartTimer()
 	for i := 0; i < b.N; i++ {
 		f := rand.ExpFloat64()
 		h.Insert(f)
 	}
 }
 func BenchmarkInsert100Bins(b *testing.B) {
 	b.StopTimer()
 	h := New(100)
 	b.StartTimer()
 	for i := 0; i < b.N; i++ {
 		f := rand.ExpFloat64()
 		h.Insert(f)
 	}
 }
--- a/vendor/github.com/beorn7/perks/histogram/histogram.go
+++ b/vendor/github.com/beorn7/perks/histogram/histogram.go
@@ -0,0 +1,108 @@
 // Package histogram provides a Go implementation of BigML's histogram package
 // for Clojure/Java. It is currently experimental.
 package histogram
 import (
 	"container/heap"
 	"math"
 	"sort"
 )
 type Bin struct {
 	Count int
 	Sum   float64
 }
 func (b *Bin) Update(x *Bin) {
 	b.Count += x.Count
 	b.Sum += x.Sum
 }
 func (b *Bin) Mean() float64 {
 	return b.Sum / float64(b.Count)
 }
 type Bins []*Bin
 func (bs Bins) Len() int           { return len(bs) }
 func (bs Bins) Less(i, j int) bool { return bs[i].Mean() < bs[j].Mean() }
 func (bs Bins) Swap(i, j int)      { bs[i], bs[j] = bs[j], bs[i] }
 func (bs *Bins) Push(x interface{}) {
 	*bs = append(*bs, x.(*Bin))
 }
 func (bs *Bins) Pop() interface{} {
 	return bs.remove(len(*bs) - 1)
 }
 func (bs *Bins) remove(n int) *Bin {
 	if n < 0 || len(*bs) < n {
 		return nil
 	}
 	x := (*bs)[n]
 	*bs = append((*bs)[:n], (*bs)[n+1:]...)
 	return x
 }
 type Histogram struct {
 	res *reservoir
 }
 func New(maxBins int) *Histogram {
 	return &Histogram{res: newReservoir(maxBins)}
 }
 func (h *Histogram) Insert(f float64) {
 	h.res.insert(&Bin{1, f})
 	h.res.compress()
 }
 func (h *Histogram) Bins() Bins {
 	return h.res.bins
 }
 type reservoir struct {
 	n       int
 	maxBins int
 	bins    Bins
 }
 func newReservoir(maxBins int) *reservoir {
 	return &reservoir{maxBins: maxBins}
 }
 func (r *reservoir) insert(bin *Bin) {
 	r.n += bin.Count
 	i := sort.Search(len(r.bins), func(i int) bool {
 		return r.bins[i].Mean() >= bin.Mean()
 	})
 	if i < 0 || i == r.bins.Len() {
 		// TODO(blake): Maybe use an .insert(i, bin) instead of
 		// performing the extra work of a heap.Push.
 		heap.Push(&r.bins, bin)
 		return
 	}
 	r.bins[i].Update(bin)
 }
 func (r *reservoir) compress() {
 	for r.bins.Len() > r.maxBins {
 		minGapIndex := -1
 		minGap := math.MaxFloat64
 		for i := 0; i < r.bins.Len()-1; i++ {
 			gap := gapWeight(r.bins[i], r.bins[i+1])
 			if minGap > gap {
 				minGap = gap
 				minGapIndex = i
 			}
 		}
 		prev := r.bins[minGapIndex]
 		next := r.bins.remove(minGapIndex + 1)
 		prev.Update(next)
 	}
 }
 func gapWeight(prev, next *Bin) float64 {
 	return next.Mean() - prev.Mean()
 }
--- a/vendor/github.com/beorn7/perks/histogram/histogram_test.go
+++ b/vendor/github.com/beorn7/perks/histogram/histogram_test.go
@@ -0,0 +1,38 @@
 package histogram
 import (
 	"math/rand"
 	"testing"
 )
 func TestHistogram(t *testing.T) {
 	const numPoints = 1e6
 	const maxBins = 3
 	h := New(maxBins)
 	for i := 0; i < numPoints; i++ {
 		f := rand.ExpFloat64()
 		h.Insert(f)
 	}
 	bins := h.Bins()
 	if g := len(bins); g > maxBins {
 		t.Fatalf("got %d bins, wanted <= %d", g, maxBins)
 	}
 	for _, b := range bins {
 		t.Logf("%+v", b)
 	}
 	if g := count(h.Bins()); g != numPoints {
 		t.Fatalf("binned %d points, wanted %d", g, numPoints)
 	}
 }
 func count(bins Bins) int {
 	binCounts := 0
 	for _, b := range bins {
 		binCounts += b.Count
 	}
 	return binCounts
 }
--- a/vendor/github.com/beorn7/perks/quantile/bench_test.go
+++ b/vendor/github.com/beorn7/perks/quantile/bench_test.go
@@ -0,0 +1,63 @@
 package quantile
 import (
 	"testing"
 )
 func BenchmarkInsertTargeted(b *testing.B) {
 	b.ReportAllocs()
 	s := NewTargeted(Targets)
 	b.ResetTimer()
 	for i := float64(0); i < float64(b.N); i++ {
 		s.Insert(i)
 	}
 }
 func BenchmarkInsertTargetedSmallEpsilon(b *testing.B) {
 	s := NewTargeted(TargetsSmallEpsilon)
 	b.ResetTimer()
 	for i := float64(0); i < float64(b.N); i++ {
 		s.Insert(i)
 	}
 }
 func BenchmarkInsertBiased(b *testing.B) {
 	s := NewLowBiased(0.01)
 	b.ResetTimer()
 	for i := float64(0); i < float64(b.N); i++ {
 		s.Insert(i)
 	}
 }
 func BenchmarkInsertBiasedSmallEpsilon(b *testing.B) {
 	s := NewLowBiased(0.0001)
 	b.ResetTimer()
 	for i := float64(0); i < float64(b.N); i++ {
 		s.Insert(i)
 	}
 }
 func BenchmarkQuery(b *testing.B) {
 	s := NewTargeted(Targets)
 	for i := float64(0); i < 1e6; i++ {
 		s.Insert(i)
 	}
 	b.ResetTimer()
 	n := float64(b.N)
 	for i := float64(0); i < n; i++ {
 		s.Query(i / n)
 	}
 }
 func BenchmarkQuerySmallEpsilon(b *testing.B) {
 	s := NewTargeted(TargetsSmallEpsilon)
 	for i := float64(0); i < 1e6; i++ {
 		s.Insert(i)
 	}
 	b.ResetTimer()
 	n := float64(b.N)
 	for i := float64(0); i < n; i++ {
 		s.Query(i / n)
 	}
 }
--- a/vendor/github.com/beorn7/perks/quantile/example_test.go
+++ b/vendor/github.com/beorn7/perks/quantile/example_test.go
@@ -0,0 +1,121 @@
 // +build go1.1
 package quantile_test
 import (
 	"bufio"
 	"fmt"
 	"log"
 	"os"
 	"strconv"
 	"time"
 	"github.com/beorn7/perks/quantile"
 )
 func Example_simple() {
 	ch := make(chan float64)
 	go sendFloats(ch)
 	// Compute the 50th, 90th, and 99th percentile.
 	q := quantile.NewTargeted(map[float64]float64{
 		0.50: 0.005,
 		0.90: 0.001,
 		0.99: 0.0001,
 	})
 	for v := range ch {
 		q.Insert(v)
 	}
 	fmt.Println("perc50:", q.Query(0.50))
 	fmt.Println("perc90:", q.Query(0.90))
 	fmt.Println("perc99:", q.Query(0.99))
 	fmt.Println("count:", q.Count())
 	// Output:
 	// perc50: 5
 	// perc90: 16
 	// perc99: 223
 	// count: 2388
 }
 func Example_mergeMultipleStreams() {
 	// Scenario:
 	// We have multiple database shards. On each shard, there is a process
 	// collecting query response times from the database logs and inserting
 	// them into a Stream (created via NewTargeted(0.90)), much like the
 	// Simple example. These processes expose a network interface for us to
 	// ask them to serialize and send us the results of their
 	// Stream.Samples so we may Merge and Query them.
 	//
 	// NOTES:
 	// * These sample sets are small, allowing us to get them
 	// across the network much faster than sending the entire list of data
 	// points.
 	//
 	// * For this to work correctly, we must supply the same quantiles
 	// a priori the process collecting the samples supplied to NewTargeted,
 	// even if we do not plan to query them all here.
 	ch := make(chan quantile.Samples)
 	getDBQuerySamples(ch)
 	q := quantile.NewTargeted(map[float64]float64{0.90: 0.001})
 	for samples := range ch {
 		q.Merge(samples)
 	}
 	fmt.Println("perc90:", q.Query(0.90))
 }
 func Example_window() {
 	// Scenario: We want the 90th, 95th, and 99th percentiles for each
 	// minute.
 	ch := make(chan float64)
 	go sendStreamValues(ch)
 	tick := time.NewTicker(1 * time.Minute)
 	q := quantile.NewTargeted(map[float64]float64{
 		0.90: 0.001,
 		0.95: 0.0005,
 		0.99: 0.0001,
 	})
 	for {
 		select {
 		case t := <-tick.C:
 			flushToDB(t, q.Samples())
 			q.Reset()
 		case v := <-ch:
 			q.Insert(v)
 		}
 	}
 }
 func sendStreamValues(ch chan float64) {
 	// Use your imagination
 }
 func flushToDB(t time.Time, samples quantile.Samples) {
 	// Use your imagination
 }
 // This is a stub for the above example. In reality this would hit the remote
 // servers via http or something like it.
 func getDBQuerySamples(ch chan quantile.Samples) {}
 func sendFloats(ch chan<- float64) {
 	f, err := os.Open("exampledata.txt")
 	if err != nil {
 		log.Fatal(err)
 	}
 	sc := bufio.NewScanner(f)
 	for sc.Scan() {
 		b := sc.Bytes()
 		v, err := strconv.ParseFloat(string(b), 64)
 		if err != nil {
 			log.Fatal(err)
 		}
 		ch <- v
 	}
 	if sc.Err() != nil {
 		log.Fatal(sc.Err())
 	}
 	close(ch)
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Luke J Powlett	9f5982d9a8	MQ container 9.2.0.0-r2	2020-09-28 10:49:36 +01:00
Luke Powlett	0627588121	Updated to latest UBI version	2020-09-28 10:49:36 +01:00
Luke Powlett	a3ef263487	Updated to go 1.13.15, switched to community goloang image	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	fc0da7352b	addressing review comments	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	9dc80316ad	fat-manifest updates	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	6dd60349fe	fat-manifest updates fat-manifest updates fat-manifest updates Making create-manifest-list.sh executable fixing travis failure fixing fat-manifests fat-manifest fat-manifest fat-manifest updates fat-manifests fat-manifest updates manifest-list updates fat-manifest updating fat-manifests fat-manifests	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	fda918db20	addressing review comments	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	7c89606782	adding zlinux-support	2020-09-28 10:49:36 +01:00
KIRAN DARBHA	666b23e7f0	adding zlinux-support	2020-09-28 10:49:36 +01:00
Thomas-Apter	7a1d39e303	Changed testming.md to use make advancedserver	2020-09-28 10:49:36 +01:00
Thomas-Apter	ba40b6d220	Create advancedserver make target, and update docs to use 'make advancedserver'	2020-09-28 10:49:36 +01:00
Thomas-Apter	39508186c8	Changed 'ran' to 'run'	2020-09-28 10:49:36 +01:00
Thomas-Apter	372f2e4a36	Reformatted testing.md and adding required step make build-devjmstest to Docker tests instructions	2020-09-28 10:49:36 +01:00
		`@@ -1,2 +0,0 @@`
			`fred:$2y$05$3Fp9epsqEwWOHdyj9Ngf9.qfX34kzc9zNrdQ7kac0GmcCvQjIkAwy`
			`barney:$2y$05$l8EoyCQ9y2PyfUzIDDfTyu7SSaJEYB1TuHy07xZvN7xt/pR3SIw0a`
		`@@ -0,0 +1 @@`
							`guest:$2y$05$ifFP0nCmFed6.m4iB9CHRuHFps2YeeuwopmOvszWt0GRnN59p8qxW`