From b0bd29c8b5cdff53616d2a85477ad3112a31181b Mon Sep 17 00:00:00 2001 From: kabicin Date: Wed, 28 Jun 2023 15:40:08 -0400 Subject: [PATCH 01/12] Add certificate test --- build/buildAll.sh | 8 ++- build/test-liberty-certificates/Dockerfile | 22 ++++++++ build/test-liberty-certificates/server.xml | 14 ++++++ build/verifyLibertyCertificates.sh | 58 ++++++++++++++++++++++ 4 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 build/test-liberty-certificates/Dockerfile create mode 100644 build/test-liberty-certificates/server.xml create mode 100644 build/verifyLibertyCertificates.sh diff --git a/build/buildAll.sh b/build/buildAll.sh index 0bbc2a87..2c03f83a 100755 --- a/build/buildAll.sh +++ b/build/buildAll.sh @@ -1,7 +1,7 @@ #!/bin/bash currentRelease=$1 -tests=(test-pet-clinic test-stock-quote test-stock-trader) +tests=(test-pet-clinic test-stock-quote test-stock-trader test-liberty-certificates) echo "Starting to process release $currentRelease" @@ -37,7 +37,11 @@ then testBuild="./build.sh --dir=$test --dockerfile=Dockerfile --tag=$test" echo "Running build script for test - $testBuild" eval $testBuild - verifyCommand="./verify.sh $test" + if [ "$test" == "test-liberty-certificates" ]; then + verifyCommand="./verifyLibertyCertificates.sh $test" + elif + verifyCommand="./verify.sh $test" + fi echo "Running verify script - $verifyCommand" eval $verifyCommand done diff --git a/build/test-liberty-certificates/Dockerfile b/build/test-liberty-certificates/Dockerfile new file mode 100644 index 00000000..edff584a --- /dev/null +++ b/build/test-liberty-certificates/Dockerfile 
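Review bot: In the second buildAll.sh hunk the new branch uses `elif` with no condition and no `then`, so bash reports a syntax error at the following `fi` and the test loop never runs. The fallback should be a plain `else` before `verifyCommand="./verify.sh $test"`. The enclosing loop starts and ends outside the hunk.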
@@ -0,0 +1,22 @@ +ARG IMAGE=openliberty/open-liberty:kernel-slim-java8-openj9-ubi + +FROM alpine as staging + +# Generate random certificates +RUN apk add openssl +RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out tls.crt -keyout tls.key -subj "/OU=defaultServer/CN=ci.docker.test" +RUN cp tls.crt ca.crt + +FROM ${IMAGE} + +COPY --chown=1001:0 server.xml /config/ +# Add certificates to TLS_DIR +COPY --from=staging --chown=1001:0 tls.crt /etc/x509/certs/ +COPY --from=staging --chown=1001:0 tls.key /etc/x509/certs/ +COPY --from=staging --chown=1001:0 ca.crt /etc/x509/certs/ + +# This script will add the requested XML snippets to enable Liberty features and grow image to be fit-for-purpose using featureUtility +RUN features.sh + +# This script will add the requested server configurations, apply any iFixes and populate caches to optimize runtime +RUN configure.sh \ No newline at end of file diff --git a/build/test-liberty-certificates/server.xml b/build/test-liberty-certificates/server.xml new file mode 100644 index 00000000..872a343c --- /dev/null +++ b/build/test-liberty-certificates/server.xml @@ -0,0 +1,14 @@ + + + + + + transportSecurity-1.0 + + + + + + diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh new file mode 100644 index 00000000..ebabb65e --- /dev/null +++ b/build/verifyLibertyCertificates.sh 
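Review bot: The staging stage starts from `FROM alpine` with no tag or digest, so the toolchain that generates the key pair changes whenever the upstream default tag moves and the build is not reproducible. Pin it, for example `FROM alpine:3.18 AS staging` (ideally with an `@sha256:<digest>` suffix), and install with `RUN apk add --no-cache openssl` so the package index is fetched fresh and not kept in the layer. The same applies to the unpinned `registry.access.redhat.com/ubi8/openssl` that PATCH 12/12 puts in its place.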
@@ -0,0 +1,58 @@ +#! /bin/bash +##################################################################################### +# # +# Script to verify an Open Liberty image certificates # +# # +# # +# Usage : verifyLibertyCertificates.sh # # +# # +##################################################################################### + +image=$1 +tag=`echo $image | cut -d ":" -f2` +cname="${tag}test" +DOCKER=docker + +testLibertyCertificates() +{ + cid=$1 + # Validate that openssl package is present in the Liberty image + $DOCKER exec -it $cid sh -c "which openssl" + if [ $? != 0 ] + then + echo "Server failed to generate keystore" + $DOCKER logs $cid + $DOCKER rm -f $cid >/dev/null + exit 1 + fi + + # Validate that the certificate is added to the Liberty default keystore + $DOCKER exec -it $cid sh -c "ls /output/resources/security/key.p12" + if [ $? != 0 ] + then + echo "Server failed to add certificate to keystore" + $DOCKER logs $cid + $DOCKER rm -f $cid >/dev/null + exit 1 + fi + + # Validate that the certificate is added to the Liberty default truststore + $DOCKER exec -it $cid sh -c "ls /output/resources/security/trust.p12" + if [ $? != 0 ] + then + echo "Server failed to add certificate to truststore" + $DOCKER logs $cid + $DOCKER rm -f $cid >/dev/null + exit 1 + fi +} + +tests=$(declare -F | cut -d" " -f3 | grep "test") +for name in $tests +do + timestamp=$(date '+%Y/%m/%d %H:%M:%S') + echo "$timestamp *** $name - Executing" + eval $name + timestamp=$(date '+%Y/%m/%d %H:%M:%S') + echo "$timestamp *** $name - Completed successfully" +done \ No newline at end of file From 1bd3d0b4d4d89c0a8a636a0d690e23c5adefe8ad Mon Sep 17 00:00:00 2001 From: kabicin Date: Wed, 28 Jun 2023 16:19:12 -0400 Subject: [PATCH 02/12] Update certificate test --- build/buildAll.sh | 11 ++++-- build/verifyLibertyCertificates.sh | 61 ++++++++++++++++-------------- 2 files changed, 40 insertions(+), 32 deletions(-) diff --git a/build/buildAll.sh b/build/buildAll.sh index 2c03f83a..ec22dcb7 100755 
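Review bot: Each `$DOCKER exec -it $cid …` in testLibertyCertificates asks for an interactive TTY, which a CI job normally does not have; docker then fails with "the input device is not a TTY" and the check reports a failure that has nothing to do with the certificates. Drop the flags and quote the id: `$DOCKER exec "$cid" sh -c "which openssl"`. The function also reads `cid=$1`, but the runner loop at the bottom calls `eval $name` with no argument, so `cid` is empty in this commit. The `-it` flags are carried into the PATCH 02/12 rewrite and into `checkCommandForSuccess` in PATCH 07/12.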
--- a/build/buildAll.sh +++ b/build/buildAll.sh @@ -37,12 +37,15 @@ then testBuild="./build.sh --dir=$test --dockerfile=Dockerfile --tag=$test" echo "Running build script for test - $testBuild" eval $testBuild + + verifyCommand="./verify.sh $test" + echo "Running verify script - $verifyCommand" + eval $verifyCommand + if [ "$test" == "test-liberty-certificates" ]; then verifyCommand="./verifyLibertyCertificates.sh $test" - elif - verifyCommand="./verify.sh $test" + echo "Running verify script - $verifyCommand" + eval $verifyCommand fi - echo "Running verify script - $verifyCommand" - eval $verifyCommand done fi diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh index ebabb65e..f14eeb8c 100644 --- a/build/verifyLibertyCertificates.sh +++ b/build/verifyLibertyCertificates.sh 
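Review bot: The added lines still build each verify command as a string and run it with `eval $verifyCommand`, which re-parses the text and loses the quoting around `$test`. The values come from the hard-coded `tests` array, so this is a robustness point rather than an injection path today; calling the script directly, `./verifyLibertyCertificates.sh "$test"`, is simpler. Nothing in the visible lines checks the exit status of either verify script, so unless `set -e` is in effect outside the hunk a failed certificate check may not fail the build.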
@@ -15,36 +15,41 @@ DOCKER=docker testLibertyCertificates() { - cid=$1 - # Validate that openssl package is present in the Liberty image - $DOCKER exec -it $cid sh -c "which openssl" - if [ $? != 0 ] - then - echo "Server failed to generate keystore" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null - exit 1 - fi + cid=$($DOCKER run -d $image) + # Validate that openssl package is present in the Liberty image + $DOCKER exec -it $cid sh -c "which openssl" + if [ $? != 0 ] + then + echo "Server failed to generate keystore" + $DOCKER logs $cid + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null + exit 1 + fi - # Validate that the certificate is added to the Liberty default keystore - $DOCKER exec -it $cid sh -c "ls /output/resources/security/key.p12" - if [ $? != 0 ] - then - echo "Server failed to add certificate to keystore" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null - exit 1 - fi + # Validate that the certificate is added to the Liberty default keystore + $DOCKER exec -it $cid sh -c "ls /output/resources/security/key.p12" + if [ $? != 0 ] + then + echo "Server failed to add certificate to keystore" + $DOCKER logs $cid + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null + exit 1 + fi - # Validate that the certificate is added to the Liberty default truststore - $DOCKER exec -it $cid sh -c "ls /output/resources/security/trust.p12" - if [ $? != 0 ] - then - echo "Server failed to add certificate to truststore" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null - exit 1 - fi + # Validate that the certificate is added to the Liberty default truststore + $DOCKER exec -it $cid sh -c "ls /output/resources/security/trust.p12" + if [ $? != 0 ] + then + echo "Server failed to add certificate to truststore" + $DOCKER logs $cid + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null + exit 1 + fi + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null } tests=$(declare -F | cut -d" " -f3 | grep "test") 
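Review bot: The result of `cid=$($DOCKER run -d $image)` is not checked, so when the container fails to start `cid` is empty and every following `exec`, `logs`, `stop` and `rm` runs without a container id. Guard the start, for example `cid=$($DOCKER run -d "$image") || { echo "Failed to start container"; exit 1; }`.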
From ef360f4d28ab33286f7edcbb2f512d0171fe2fb1 Mon Sep 17 00:00:00 2001 From: kabicin Date: Wed, 28 Jun 2023 16:22:45 -0400 Subject: [PATCH 03/12] chmod verifyLibertyCertificate.sh --- build/verifyLibertyCertificates.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 build/verifyLibertyCertificates.sh diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh old mode 100644 new mode 100755 From dc0070b4a1e0a0454fd45ddb33cddde4d29dba20 Mon Sep 17 00:00:00 2001 From: kabicin Date: Thu, 29 Jun 2023 09:14:41 -0400 Subject: [PATCH 04/12] Update cert subject --- build/test-liberty-certificates/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/test-liberty-certificates/Dockerfile b/build/test-liberty-certificates/Dockerfile index edff584a..4d22c9ee 100644 --- a/build/test-liberty-certificates/Dockerfile +++ b/build/test-liberty-certificates/Dockerfile @@ -2,9 +2,9 @@ ARG IMAGE=openliberty/open-liberty:kernel-slim-java8-openj9-ubi FROM alpine as staging -# Generate random certificates +# Generate certificates (for test only) RUN apk add openssl -RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out tls.crt -keyout tls.key -subj "/OU=defaultServer/CN=ci.docker.test" +RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out tls.crt -keyout tls.key -subj "/C=CA/ST=Ontario/L=Markham/O=IBM/OU=WAS/CN=ci.docker.test" RUN cp tls.crt ca.crt FROM ${IMAGE} From 2c8dc2dc2d76fea072e4a0e4fc311ad4991995d7 Mon Sep 17 00:00:00 2001 From: kabicin Date: Thu, 29 Jun 2023 09:42:29 -0400 Subject: [PATCH 05/12] Wait for the server to start before checking certs --- build/verifyLibertyCertificates.sh | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh index f14eeb8c..f05c7d88 100755 --- a/build/verifyLibertyCertificates.sh +++ b/build/verifyLibertyCertificates.sh 
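Review bot: The comment in the PATCH 04/12 Dockerfile hunk now says the key pair is test-only, but it does not say why that matters: `-nodes` writes `tls.key` unencrypted and the later `COPY` places it in a layer of the final image, so anyone who can pull the image has the private key. I would spell that out, e.g. `# Test-only self-signed key pair; the unencrypted private key ends up in an image layer, so never publish or reuse this image`. `-days 3650` is also far longer than a CI image needs; a short validity such as `-days 7` limits the value of a leaked key. The COPY lines are outside this hunk.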
@@ -16,6 +16,28 @@ DOCKER=docker testLibertyCertificates() { cid=$($DOCKER run -d $image) + # Wait until the server starts to know that the certs have been loaded + maxRetry=10 + i=0 + serverLaunched=false + while [ $serverLaunched = false ] && [ $i -lt $maxRetry ]; do + sleep 1 + echo "Checking logs ($(( $i + 1 ))/$maxRetry)" + launchMessage=$($DOCKER logs $cid | grep "Launching defaultServer" -c) + if [ $launchMessage -eq 1 ]; then + echo "Launch message found!" + serverLaunched=true + fi + i=$(( $i + 1 )) + done + if [ $serverLaunched = false ]; then + echo "Server failed to start" + $DOCKER logs $cid + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null + exit 1 + fi + # Validate that openssl package is present in the Liberty image $DOCKER exec -it $cid sh -c "which openssl" if [ $? != 0 ] From 0882dd9606b2f362b40c4bdfaecd0662ab66b18c Mon Sep 17 00:00:00 2001 From: kabicin Date: Thu, 29 Jun 2023 10:02:01 -0400 Subject: [PATCH 06/12] Update old image refs --- build/test-stock-quote/Dockerfile | 2 +- build/test-stock-trader/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build/test-stock-quote/Dockerfile b/build/test-stock-quote/Dockerfile index 0a41c03c..e49de615 100644 --- a/build/test-stock-quote/Dockerfile +++ b/build/test-stock-quote/Dockerfile @@ -1,4 +1,4 @@ -ARG IMAGE=openliberty/open-liberty:kernel-slim-ubi +ARG IMAGE=openliberty/open-liberty:kernel-slim-java8-openj9-ubi FROM ${IMAGE} ARG VERBOSE=false diff --git a/build/test-stock-trader/Dockerfile b/build/test-stock-trader/Dockerfile index cdb93152..cd117a6d 100644 --- a/build/test-stock-trader/Dockerfile +++ b/build/test-stock-trader/Dockerfile @@ -1,4 +1,4 @@ -ARG IMAGE=openliberty/open-liberty:kernel-slim-ubi +ARG IMAGE=openliberty/open-liberty:kernel-slim-java8-openj9-ubi FROM ${IMAGE} ARG VERBOSE=false From c8306ff023f4b8a5f87c46c57bb28777d94ea9a9 Mon Sep 17 00:00:00 2001 
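Review bot: The wait loop in testLibertyCertificates reads only stdout (`$DOCKER logs $cid | grep …`), requires the count to be exactly 1 and gives up after 10 one-second tries, which is much tighter than `waitForServerStart` in verify.sh (120 seconds, `2>&1`, message `CWWKF0011I`). "Launching defaultServer" also marks the beginning of the launch, so it is not clear that it proves the certificates were loaded, as the comment states. Suggested: `launchMessage=$($DOCKER logs "$cid" 2>&1 | grep -c "Launching defaultServer")` with `[ "$launchMessage" -ge 1 ]`, or wait for the same ready message verify.sh uses.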
From: kabicin Date: Thu, 29 Jun 2023 10:43:05 -0400 Subject: [PATCH 07/12] Update verifyLibertyCertificates.sh --- build/verifyLibertyCertificates.sh | 62 ++++++++++++++---------------- 1 file changed, 29 insertions(+), 33 deletions(-) diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh index f05c7d88..25f39bcd 100755 --- a/build/verifyLibertyCertificates.sh +++ b/build/verifyLibertyCertificates.sh @@ -4,7 +4,7 @@ # Script to verify an Open Liberty image certificates # # # # # -# Usage : verifyLibertyCertificates.sh # # +# Usage : verifyLibertyCertificates.sh # # # ##################################################################################### @@ -13,6 +13,28 @@ tag=`echo $image | cut -d ":" -f2` cname="${tag}test" DOCKER=docker +serverCleanup() +{ + cid=$1 + $DOCKER logs $cid + $DOCKER stop $cid >/dev/null + $DOCKER rm -f $cid >/dev/null +} + +checkCommandForSuccess() +{ + cid=$1 + command=$2 + failMessage=$3 + $DOCKER exec -it $cid sh -c "$command" + if [ $? != 0 ] + then + echo "$failMessage" + serverCleanup $cid + exit 1 + fi +} + testLibertyCertificates() { cid=$($DOCKER run -d $image) 
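Review bot: `serverCleanup` and `checkCommandForSuccess` have no header comment, and the second one ends the whole script with `exit 1`, which a caller would not guess from the name. Suggested comments: `# serverCleanup <cid>: print the container log, then stop and remove the container` and `# checkCommandForSuccess <cid> <command> <failMessage>: run <command> inside the container; on failure print <failMessage>, clean up and exit 1`. Quoting the arguments at the call sites and inside the helpers (`"$cid"`) would also keep an empty id from shifting the positional parameters.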
@@ -32,46 +54,20 @@ testLibertyCertificates() done if [ $serverLaunched = false ]; then echo "Server failed to start" - $DOCKER logs $cid - $DOCKER stop $cid >/dev/null - $DOCKER rm -f $cid >/dev/null + serverCleanup $cid exit 1 fi # Validate that openssl package is present in the Liberty image - $DOCKER exec -it $cid sh -c "which openssl" - if [ $? != 0 ] - then - echo "Server failed to generate keystore" - $DOCKER logs $cid - $DOCKER stop $cid >/dev/null - $DOCKER rm -f $cid >/dev/null - exit 1 - fi + checkCommandForSuccess $cid "which openssl" "Server failed to generate keystore" # Validate that the certificate is added to the Liberty default keystore - $DOCKER exec -it $cid sh -c "ls /output/resources/security/key.p12" - if [ $? != 0 ] - then - echo "Server failed to add certificate to keystore" - $DOCKER logs $cid - $DOCKER stop $cid >/dev/null - $DOCKER rm -f $cid >/dev/null - exit 1 - fi + checkCommandForSuccess $cid "ls /output/resources/security/key.p12" "Server failed to add certificate to keystore" # Validate that the certificate is added to the Liberty default truststore - $DOCKER exec -it $cid sh -c "ls /output/resources/security/trust.p12" - if [ $? != 0 ] - then - echo "Server failed to add certificate to truststore" - $DOCKER logs $cid - $DOCKER stop $cid >/dev/null - $DOCKER rm -f $cid >/dev/null - exit 1 - fi - $DOCKER stop $cid >/dev/null - $DOCKER rm -f $cid >/dev/null + checkCommandForSuccess $cid "ls /output/resources/security/trust.p12" "Server failed to add certificate to truststore" + + serverCleanup $cid >/dev/null } tests=$(declare -F | cut -d" " -f3 | grep "test") From ae3fb50c1cb2ecc0fa939cfcd11ade093d687979 Mon Sep 17 00:00:00 2001 From: kabicin Date: Thu, 29 Jun 2023 15:41:16 -0400 Subject: [PATCH 08/12] Update acl for non-default user --- build/test-liberty-certificates/Dockerfile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) 
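Review bot: The keystore and truststore checks only run `ls` on `key.p12` and `trust.p12`, so they pass for any file at that path and do not show that the certificate from `TLS_DIR` is the one inside; if the server can create a default keystore on its own (not visible here), the test would pass with the feature broken. A stronger check would list the keystore entries and look for the test subject `CN=ci.docker.test`. The failure text for `which openssl` should also match what is tested, e.g. `"openssl not found in image"` instead of `"Server failed to generate keystore"`.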
diff --git a/build/test-liberty-certificates/Dockerfile b/build/test-liberty-certificates/Dockerfile index 4d22c9ee..071350ba 100644 --- a/build/test-liberty-certificates/Dockerfile +++ b/build/test-liberty-certificates/Dockerfile @@ -5,15 +5,19 @@ FROM alpine as staging # Generate certificates (for test only) RUN apk add openssl RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out tls.crt -keyout tls.key -subj "/C=CA/ST=Ontario/L=Markham/O=IBM/OU=WAS/CN=ci.docker.test" -RUN cp tls.crt ca.crt FROM ${IMAGE} COPY --chown=1001:0 server.xml /config/ # Add certificates to TLS_DIR -COPY --from=staging --chown=1001:0 tls.crt /etc/x509/certs/ -COPY --from=staging --chown=1001:0 tls.key /etc/x509/certs/ -COPY --from=staging --chown=1001:0 ca.crt /etc/x509/certs/ +ENV TLS_DIR=/config/certs +RUN mkdir -p /config/certs +COPY --from=staging --chown=1001:0 tls.crt /config/certs/ +COPY --from=staging --chown=1001:0 tls.key /config/certs/ +COPY --from=staging --chown=1001:0 tls.crt /config/certs/ca.crt + +# Add rw perms for non-default user +RUN setfacl -R -m g:root:rw /config # This script will add the requested XML snippets to enable Liberty features and grow image to be fit-for-purpose using featureUtility RUN features.sh From 93e9bb1a26a0ea104c4a6120663c1902b33815e7 Mon Sep 17 00:00:00 2001 From: kabicin Date: Thu, 29 Jun 2023 16:04:21 -0400 Subject: [PATCH 09/12] Update acl command --- build/test-liberty-certificates/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/test-liberty-certificates/Dockerfile b/build/test-liberty-certificates/Dockerfile index 071350ba..c39297cb 100644 --- a/build/test-liberty-certificates/Dockerfile +++ b/build/test-liberty-certificates/Dockerfile 
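Review bot: `RUN setfacl -R -m g:root:rw /config` gives group `root` write access to everything under `/config`, including `server.xml` and the private key, while the comment only asks for access by a non-default user. If the server only needs to read the certificates, read access limited to the certificate directory is enough: `RUN setfacl -R -m g:root:rX /config/certs`. PATCH 09/12 narrows the path to `/config/certs` but keeps `rw`, so the same question applies there.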
@@ -17,7 +17,7 @@ COPY --from=staging --chown=1001:0 tls.key /config/certs/ COPY --from=staging --chown=1001:0 tls.crt /config/certs/ca.crt # Add rw perms for non-default user -RUN setfacl -R -m g:root:rw /config +RUN setfacl -R -Lm g:root:rw /config/certs # This script will add the requested XML snippets to enable Liberty features and grow image to be fit-for-purpose using featureUtility RUN features.sh From 522712199b7021f139fa8c820e3f2cc39eb36325 Mon Sep 17 00:00:00 2001 From: kabicin Date: Fri, 30 Jun 2023 10:58:31 -0400 Subject: [PATCH 10/12] Support dynamic images in verify.sh --- build/verify.sh | 51 +++++++++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/build/verify.sh b/build/verify.sh index 208c1fcd..d712042d 100755 --- a/build/verify.sh +++ b/build/verify.sh @@ -15,12 +15,12 @@ DOCKER=docker waitForServerStart() { - cid=$1 + image=$1 count=${2:-1} end=$((SECONDS+120)) - while (( $SECONDS < $end && $($DOCKER inspect -f {{.State.Running}} $cid) == "true" )) + while (( $SECONDS < $end )) do - result=$($DOCKER logs $cid 2>&1 | grep "CWWKF0011I" | wc -l) + result=$($DOCKER logs $image 2>&1 | grep "CWWKF0011I" | wc -l) if [ $result = $count ] then return 0 @@ -33,11 +33,11 @@ waitForServerStart() waitForServerStop() { - cid=$1 + image=$1 end=$((SECONDS+120)) while (( $SECONDS < $end )) do - result=$($DOCKER logs $cid 2>&1 | grep "CWWKE0036I" | wc -l) + result=$($DOCKER logs $image 2>&1 | grep "CWWKE0036I" | wc -l) if [ $result = 1 ] then return 0 @@ -50,12 +50,13 @@ waitForServerStop() testLibertyStopsAndRestarts() { + staticImage=$2 if [ "$1" == "OpenShift" ]; then timestamp=$(date '+%Y/%m/%d %H:%M:%S') echo "$timestamp *** testLibertyStopsAndRestarts on OpenShift" - cid=$($DOCKER run -d -u 1005:0 $security_opt $image) + $DOCKER run -d -u 1005:0 $security_opt $image else - cid=$($DOCKER run -d $security_opt $image) + $DOCKER run -d $security_opt $image fi if [ $? != 0 ] 
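Review bot: In `waitForServerStart` the loop condition loses the container-state test, so when the container exits early the function keeps polling the log for the full 120 seconds before it reports failure. If the early exit is wanted, a string comparison does it reliably: `while (( SECONDS < end )) && [ "$($DOCKER inspect -f '{{.State.Running}}' "$image")" = "true" ]`. The functions now pass `$image` to `docker logs`, which only resolves if a container carries that name; the `$DOCKER run -d …` lines in this commit do not set one (PATCH 11/12 adds `--name`). The container id printed by `docker run -d` is also no longer captured, so it goes to the job output.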
@@ -64,54 +65,58 @@ testLibertyStopsAndRestarts() exit 1 fi - waitForServerStart $cid + waitForServerStart $image if [ $? != 0 ] then echo "Liberty failed to start; exiting" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null + $DOCKER logs $image + $DOCKER rm -f $image >/dev/null exit 1 fi sleep 45 - $DOCKER stop $cid >/dev/null + $DOCKER stop $image >/dev/null if [ $? != 0 ] then echo "Error stopping container or server; exiting" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null + $DOCKER logs $image + $DOCKER rm -f $image >/dev/null exit 1 fi - $DOCKER start $cid >/dev/null + $DOCKER start $image >/dev/null if [ $? != 0 ] then echo "Failed to rerun container; exiting" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null + $DOCKER logs $image + $DOCKER rm -f $image >/dev/null exit 1 fi - waitForServerStart $cid 2 + if [ "$staticImage" = "true" ]; then + waitForServerStart $image 2 + else + waitForServerStart $image + fi if [ $? != 0 ] then echo "Server failed to restart; exiting" - $DOCKER logs $cid - $DOCKER rm -f $cid >/dev/null + $DOCKER logs $image + $DOCKER rm -f $image >/dev/null exit 1 fi - $DOCKER logs $cid 2>&1 | grep "ERROR" + $DOCKER logs $image 2>&1 | grep "ERROR" if [ $? = 0 ] then echo "Errors found in logs for container; exiting" echo "DEBUG START full log" - $DOCKER logs $cid + $DOCKER logs $image echo "DEBUG END full log" - $DOCKER rm -f $cid >/dev/null + $DOCKER rm -f $image >/dev/null exit 1 fi - $DOCKER rm -f $cid >/dev/null + $DOCKER rm -f $image >/dev/null } testDockerOnOpenShift() From e80514f022d43aab864f696b49e078827f97ba6d Mon Sep 17 00:00:00 2001 From: kabicin Date: Fri, 30 Jun 2023 11:13:27 -0400 Subject: [PATCH 11/12] Suppress debug messages and use --name flag to run images --- build/verify.sh | 4 ++-- build/verifyLibertyCertificates.sh | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/build/verify.sh b/build/verify.sh index d712042d..71a31223 100755 --- a/build/verify.sh +++ b/build/verify.sh 
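Review bot: The new `staticImage` argument of `testLibertyStopsAndRestarts` is not documented, and its callers are outside the hunk. From the visible lines, `"true"` makes the restart wait for two `CWWKF0011I` lines and any other value for one; a comment such as `# $2 (staticImage): "true" if the log should contain CWWKF0011I twice after the restart, otherwise once` would make that explicit. It would also help to state why a non-static image shows the message only once.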
@@ -54,9 +54,9 @@ testLibertyStopsAndRestarts() if [ "$1" == "OpenShift" ]; then timestamp=$(date '+%Y/%m/%d %H:%M:%S') echo "$timestamp *** testLibertyStopsAndRestarts on OpenShift" - $DOCKER run -d -u 1005:0 $security_opt $image + $DOCKER run --name $image -d -u 1005:0 $security_opt $image else - $DOCKER run -d $security_opt $image + $DOCKER run --name $image -d $security_opt $image fi if [ $? != 0 ] diff --git a/build/verifyLibertyCertificates.sh b/build/verifyLibertyCertificates.sh index 25f39bcd..7e48cb5e 100755 --- a/build/verifyLibertyCertificates.sh +++ b/build/verifyLibertyCertificates.sh @@ -44,10 +44,8 @@ testLibertyCertificates() serverLaunched=false while [ $serverLaunched = false ] && [ $i -lt $maxRetry ]; do sleep 1 - echo "Checking logs ($(( $i + 1 ))/$maxRetry)" launchMessage=$($DOCKER logs $cid | grep "Launching defaultServer" -c) if [ $launchMessage -eq 1 ]; then - echo "Launch message found!" serverLaunched=true fi i=$(( $i + 1 )) From 54b843cb672de5aed38abe971bba2738db05bb24 Mon Sep 17 00:00:00 2001 From: kabicin Date: Tue, 18 Jul 2023 13:28:00 -0400 Subject: [PATCH 12/12] Use openssl image --- build/test-liberty-certificates/Dockerfile | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/build/test-liberty-certificates/Dockerfile b/build/test-liberty-certificates/Dockerfile index c39297cb..a37a4371 100644 --- a/build/test-liberty-certificates/Dockerfile +++ b/build/test-liberty-certificates/Dockerfile 
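Review bot: `--name $image` reuses the image reference as the container name, which fails in two cases: a container with that name left over from an aborted run makes `docker run` exit with a name conflict, and an image reference containing `/` or `:` is not a valid container name. Removing any stale container first, `$DOCKER rm -f "$image" >/dev/null 2>&1`, covers the first case; deriving the name from the tag covers the second. The function body continues outside the hunk.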
@@ -1,10 +1,8 @@ ARG IMAGE=openliberty/open-liberty:kernel-slim-java8-openj9-ubi -FROM alpine as staging - # Generate certificates (for test only) -RUN apk add openssl -RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out tls.crt -keyout tls.key -subj "/C=CA/ST=Ontario/L=Markham/O=IBM/OU=WAS/CN=ci.docker.test" +FROM registry.access.redhat.com/ubi8/openssl as staging +RUN openssl req -new -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out /tls.crt -keyout /tls.key -subj "/C=CA/ST=Ontario/L=Markham/O=IBM/OU=WAS/CN=ci.docker.test" FROM ${IMAGE} @@ -12,9 +10,9 @@ COPY --chown=1001:0 server.xml /config/ # Add certificates to TLS_DIR ENV TLS_DIR=/config/certs RUN mkdir -p /config/certs -COPY --from=staging --chown=1001:0 tls.crt /config/certs/ -COPY --from=staging --chown=1001:0 tls.key /config/certs/ -COPY --from=staging --chown=1001:0 tls.crt /config/certs/ca.crt +COPY --from=staging --chown=1001:0 /tls.crt /config/certs/ +COPY --from=staging --chown=1001:0 /tls.key /config/certs/ +COPY --from=staging --chown=1001:0 /tls.crt /config/certs/ca.crt # Add rw perms for non-default user RUN setfacl -R -Lm g:root:rw /config/certs @@ -23,4 +21,4 @@ RUN setfacl -R -Lm g:root:rw /config/certs RUN features.sh # This script will add the requested server configurations, apply any iFixes and populate caches to optimize runtime -RUN configure.sh \ No newline at end of file +RUN configure.sh