diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/.env b/docker/gaffer-kerberos/gaffer-integration-tests-krb/.env
new file mode 100644
index 00000000..3845e902
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/.env
@@ -0,0 +1,17 @@
+GAFFER_VERSION=2.0.0
+GAFFER_KRB_PASSWORD=change-password-for-gaffer
+GAFFER_TESTER_VERSION=2.0.0
+
+ZOOKEEPER_VERSION=3.7.1
+ZOOKEEPER_KRB_PASSWORD=change-password-for-zookeeper
+
+ACCUMULO_VERSION=1.9.3
+ACCUMULO_CONF_DIR=/etc/accumulo/conf
+ACCUMULO_KRB_PASSWORD=change-password-for-accumulo
+
+HADOOP_VERSION=3.2.2
+HADOOP_CONF_DIR=/etc/hadoop/conf
+HADOOP_KRB_PASSWORD=change-password-for-hadoop
+
+DEBUG=0
+GAFFER_DEBUG=0
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/Dockerfile b/docker/gaffer-kerberos/gaffer-integration-tests-krb/Dockerfile
new file mode 100644
index 00000000..9271d57d
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/Dockerfile
@@ -0,0 +1,32 @@
+# Copyright 2021-2023 Crown Copyright
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ARG GAFFER_VERSION=develop
+ARG ACCUMULO_VERSION=1.9.3
+
+ARG BASE_IMAGE_NAME=gchq/gaffer-integration-tests
+ARG BASE_IMAGE_TAG=${GAFFER_VERSION}-accumulo-${ACCUMULO_VERSION}
+
+FROM ${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get -qq update && \
+ apt-get -qq install -y krb5-kdc && \
+ apt-get -qq clean && \
+ rm -rf /var/lib/apt/lists/*
+
+COPY ./native /tmp/hadoop/native
+COPY ./krb-entrypoint.sh .
+ENTRYPOINT ["/bin/bash","./krb-entrypoint.sh"]
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/README.md b/docker/gaffer-kerberos/gaffer-integration-tests-krb/README.md
new file mode 100644
index 00000000..4e727c77
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/README.md
@@ -0,0 +1,19 @@
+Gaffer Kerberos Integration Tests
+=================================
+This folder contains a Dockerfile for running integration tests against an Accumulo cluster which uses Kerberos authentication.
+
+For more information on the integration tests, please see the primary Gaffer Docker integration tests README.
+
+# Prerequisites
+For the HDFS tests to work, you must acquire and place the HDFS native libraries into the `native` directory.
+You must also have built the Gaffer with Kerberos containers in the directory above and the non-kerberos
+version of the integration tests container image.
+
+# Running Locally
+These services can be built and run using docker compose:
+```bash
+docker compose up
+```
+
+# Issues
+HDFS tests fail with Accumulo 2.0.0. They pass with Accumulo 1.9.3. This problem has been raised as [Gaffer issue #3134](https://github.com/gchq/Gaffer/issues/3134).
\ No newline at end of file
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/accumulo-int-entrypoint.sh b/docker/gaffer-kerberos/gaffer-integration-tests-krb/accumulo-int-entrypoint.sh
new file mode 100755
index 00000000..99b9fac8
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/accumulo-int-entrypoint.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+# Copyright 2023 Crown Copyright
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Wait for Accumulo to be started and working (uses same approach as compose healthcheck)
+until cat /proc/net/tcp | grep 270F; do
+ sleep 15
+done
+
+# Grant required permissions and auths to Gaffer user for integration tests
+
+PRINCIPAL="accumulo/$(hostname)"
+FULL_PRINCIPAL="$PRINCIPAL@GAFFER.DOCKER"
+GAFFER_FULL_PRINCIPAL=$1
+
+kinit -k -t /etc/accumulo/conf/accumulo.keytab $FULL_PRINCIPAL
+
+echo "\nGranting permissions for Gaffer integration tests\n"
+
+if echo "$ACCUMULO_VERSION" | grep -q "^2.*$"; then
+ ACCUMULO_SHELL_CMD="accumulo shell --config-file accumulo-shell-client.properties -e"
+else
+ ACCUMULO_SHELL_CMD="accumulo shell -e"
+fi
+
+$ACCUMULO_SHELL_CMD "createuser $GAFFER_FULL_PRINCIPAL"
+$ACCUMULO_SHELL_CMD "grant System.CREATE_TABLE -s -u $GAFFER_FULL_PRINCIPAL"
+$ACCUMULO_SHELL_CMD "grant System.DROP_TABLE -s -u $GAFFER_FULL_PRINCIPAL"
+$ACCUMULO_SHELL_CMD "grant System.ALTER_TABLE -s -u $GAFFER_FULL_PRINCIPAL"
+$ACCUMULO_SHELL_CMD "setauths -s vis1,vis2,publicVisibility,privateVisibility,public,private -u $GAFFER_FULL_PRINCIPAL"
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/accumulo-shell-client.properties b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/accumulo-shell-client.properties
new file mode 100644
index 00000000..efe7ae12
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/accumulo-shell-client.properties
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+## Required to set Zookeeper host
+instance.zookeepers=zookeeper.gaffer:2181
+## Required to set Accumulo Instance name
+instance.name = accumulo
+## Required to get Kerberos to be used
+auth.type = kerberos
+auth.principal = accumulo/accumulo-master.gaffer@GAFFER.DOCKER
+auth.token = /etc/accumulo/conf/accumulo.keytab
+
+## Further Kerberos Config
+sasl.enabled = true
+sasl.qop = auth
+sasl.kerberos.server.primary = accumulo
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/core-site.xml b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/core-site.xml
new file mode 100644
index 00000000..74c0b946
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/core-site.xml
@@ -0,0 +1,31 @@
+
+
+
+
+
+ hadoop.security.authentication
+ kerberos
+
+
+ hadoop.security.authorization
+ true
+
+
+ fs.defaultFS
+ hdfs://hdfs-namenode.gaffer:9000
+
+
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/hdfs-site.xml b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/hdfs-site.xml
new file mode 100644
index 00000000..e95a2110
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/hdfs-site.xml
@@ -0,0 +1,23 @@
+
+
+
+
+
+ yarn.resourcemanager.principalgaffer/gaffer-int.gaffer@GAFFER.DOCKER
+
+ dfs.namenode.kerberos.principalhadoop/hdfs-namenode.gaffer@GAFFER.DOCKER
+
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/log4j.xml b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/log4j.xml
new file mode 100644
index 00000000..2edc3a86
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/conf/log4j.xml
@@ -0,0 +1,33 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/docker-compose.yaml b/docker/gaffer-kerberos/gaffer-integration-tests-krb/docker-compose.yaml
new file mode 100644
index 00000000..86a47e72
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/docker-compose.yaml
@@ -0,0 +1,229 @@
+# Copyright 2023 Crown Copyright
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+version: "3.7"
+
+networks:
+ default:
+ name: gaffer
+
+services:
+
+ kdc-server:
+ image: gchq/kerberos-kdc-server:0.1
+ healthcheck:
+ test: ps -aux | grep krb5kdc
+ retries: 5
+ interval: 1s
+ timeout: 5s
+ container_name: kdc-server
+ hostname: kdc-server
+ environment:
+ - HADOOP_KRB_PASSWORD=${HADOOP_KRB_PASSWORD}
+ - ZOOKEEPER_KRB_PASSWORD=${ZOOKEEPER_KRB_PASSWORD}
+ - ACCUMULO_KRB_PASSWORD=${ACCUMULO_KRB_PASSWORD}
+ - GAFFER_KRB_PASSWORD=${GAFFER_KRB_PASSWORD}
+ volumes:
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - ../kdc/conf/kdc.conf:/etc/kdc.conf:ro
+
+ zookeeper:
+ depends_on:
+ kdc-server:
+ condition: service_healthy
+ healthcheck:
+ test: echo ruok | nc 127.0.0.1 2181 | grep imok
+ interval: 30s
+ timeout: 5s
+ retries: 3
+ start_period: 5s
+ image: zookeeper:${ZOOKEEPER_VERSION}-krb
+ container_name: zookeeper
+ hostname: zookeeper
+ environment:
+ - ZOOKEEPER_KRB_PASSWORD=${ZOOKEEPER_KRB_PASSWORD}
+ volumes:
+ - ../zookeeper-krb/conf/jaas.conf:/conf/jaas.conf:ro
+ - ../zookeeper-krb/conf/java.env:/conf/java.env:ro
+ - ../zookeeper-krb/conf/zoo.cfg:/conf/zoo.cfg:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /data
+ - /datalog
+
+ hdfs-namenode:
+ depends_on:
+ zookeeper:
+ condition: service_healthy
+ image: gchq/hdfs-krb:${HADOOP_VERSION}
+ healthcheck:
+ test: curl -f http://localhost:9870 || exit 1
+ interval: 30s
+ timeout: 10s
+ retries: 3
+ start_period: 10s
+ command: namenode
+ container_name: hdfs-namenode
+ hostname: hdfs-namenode.gaffer
+ environment:
+ - HADOOP_CONF_DIR=${HADOOP_CONF_DIR}
+ - HADOOP_KRB_PASSWORD=${HADOOP_KRB_PASSWORD}
+ - DEBUG=${DEBUG}
+ ports:
+ - "9870:9870"
+ volumes:
+ - ../hdfs-krb/conf:${HADOOP_CONF_DIR}:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /var/log/hadoop
+ - /data1
+ - /data2
+
+ hdfs-datanode:
+ depends_on:
+ hdfs-namenode:
+ condition: service_healthy
+ image: gchq/hdfs-krb:${HADOOP_VERSION}
+ command: datanode
+ container_name: hdfs-datanode
+ hostname: hdfs-datanode.gaffer
+ environment:
+ - HADOOP_CONF_DIR=${HADOOP_CONF_DIR}
+ - HADOOP_KRB_PASSWORD=${HADOOP_KRB_PASSWORD}
+ - DEBUG=${DEBUG}
+ volumes:
+ - ../hdfs-krb/conf:${HADOOP_CONF_DIR}:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /var/log/hadoop
+ - /data1
+ - /data2
+
+ accumulo-master:
+ depends_on:
+ hdfs-namenode:
+ condition: service_healthy
+ image: gchq/gaffer-krb:${GAFFER_VERSION}-accumulo-${ACCUMULO_VERSION}
+ healthcheck:
+ test: cat /proc/net/tcp | grep 270F
+ interval: 30s
+ timeout: 5s
+ retries: 3
+ start_period: 20s
+ # When calling entrypoint, also call a script to
+ # correctly setup auths so that tests can run
+ entrypoint: bash -c "/int-entrypoint.sh gaffer/gaffer-int.gaffer@GAFFER.DOCKER & /krb-entrypoint.sh accumulo master"
+ container_name: accumulo-master
+ hostname: accumulo-master.gaffer
+ environment:
+ - ACCUMULO_KRB_PASSWORD=${ACCUMULO_KRB_PASSWORD}
+ - ACCUMULO_VERSION=${ACCUMULO_VERSION}
+ - ACCUMULO_CONF_DIR=${ACCUMULO_CONF_DIR}
+ - ACCUMULO_AS_ROOT=1
+ - DEBUG=${DEBUG}
+ volumes:
+ - ../gaffer-krb/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/krb:ro
+ - ../gaffer-krb/conf-common/core-site.xml:${ACCUMULO_CONF_DIR}/core-site.xml:ro
+ - ../../accumulo/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/non-krb:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - ./accumulo-int-entrypoint.sh:/int-entrypoint.sh:ro
+ - ./conf/accumulo-shell-client.properties:/accumulo-shell-client.properties:ro
+ - /var/log/accumulo
+
+ accumulo-tserver:
+ depends_on:
+ accumulo-master:
+ condition: service_healthy
+ image: gchq/gaffer-krb:${GAFFER_VERSION}-accumulo-${ACCUMULO_VERSION}
+ healthcheck:
+ test: cat /proc/net/tcp | grep 270D
+ interval: 30s
+ timeout: 5s
+ retries: 3
+ start_period: 10s
+ command: tserver
+ container_name: accumulo-tserver
+ hostname: accumulo-tserver.gaffer
+ environment:
+ - ACCUMULO_KRB_PASSWORD=${ACCUMULO_KRB_PASSWORD}
+ - ACCUMULO_VERSION=${ACCUMULO_VERSION}
+ - ACCUMULO_CONF_DIR=${ACCUMULO_CONF_DIR}
+ - DEBUG=${DEBUG}
+ volumes:
+ - ../gaffer-krb/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/krb:ro
+ - ../gaffer-krb/conf-common/core-site.xml:${ACCUMULO_CONF_DIR}/core-site.xml:ro
+ - ../../accumulo/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/non-krb:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /var/log/accumulo
+
+ accumulo-monitor:
+ depends_on:
+ accumulo-master:
+ condition: service_healthy
+ image: gchq/gaffer-krb:${GAFFER_VERSION}-accumulo-${ACCUMULO_VERSION}
+ command: monitor
+ container_name: accumulo-monitor
+ hostname: accumulo-monitor.gaffer
+ environment:
+ - ACCUMULO_KRB_PASSWORD=${ACCUMULO_KRB_PASSWORD}
+ - ACCUMULO_VERSION=${ACCUMULO_VERSION}
+ - ACCUMULO_CONF_DIR=${ACCUMULO_CONF_DIR}
+ - DEBUG=${DEBUG}
+ ports:
+ - "9995:9995"
+ volumes:
+ - ../gaffer-krb/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/krb:ro
+ - ../gaffer-krb/conf-common/core-site.xml:${ACCUMULO_CONF_DIR}/core-site.xml:ro
+ - ../../accumulo/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/non-krb:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /var/log/accumulo
+
+ accumulo-gc:
+ depends_on:
+ accumulo-master:
+ condition: service_healthy
+ image: gchq/gaffer-krb:${GAFFER_VERSION}-accumulo-${ACCUMULO_VERSION}
+ command: gc
+ container_name: accumulo-gc
+ hostname: accumulo-gc.gaffer
+ environment:
+ - ACCUMULO_KRB_PASSWORD=${ACCUMULO_KRB_PASSWORD}
+ - ACCUMULO_VERSION=${ACCUMULO_VERSION}
+ - ACCUMULO_CONF_DIR=${ACCUMULO_CONF_DIR}
+ - DEBUG=${DEBUG}
+ volumes:
+ - ../gaffer-krb/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/krb:ro
+ - ../gaffer-krb/conf-common/core-site.xml:${ACCUMULO_CONF_DIR}/core-site.xml:ro
+ - ../../accumulo/conf-${ACCUMULO_VERSION}:${ACCUMULO_CONF_DIR}/non-krb:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
+ - /var/log/accumulo
+
+ gaffer-integration-tests:
+ image: gchq/gaffer-integration-tests-krb:${GAFFER_TESTER_VERSION}-accumulo-${ACCUMULO_VERSION}
+ build:
+ context: .
+ args:
+ GAFFER_VERSION: ${GAFFER_TESTER_VERSION}
+ ACCUMULO_VERSION: ${ACCUMULO_VERSION}
+ container_name: gaffer-int
+ hostname: gaffer-int.gaffer
+ environment:
+ - GAFFER_KRB_PASSWORD=${GAFFER_KRB_PASSWORD}
+ - GAFFER_DEBUG=${GAFFER_DEBUG}
+ - DEBUG=${DEBUG}
+ volumes:
+ - ../gaffer-rest-krb/conf/store.properties:/tests/conf/store.properties:ro
+ - ./conf/log4j.xml:/tests/conf/log4j.xml:ro
+ - ./conf/core-site.xml:/opt/hadoop/conf/core-site.xml:ro
+ - ./conf/hdfs-site.xml:/opt/hadoop/conf/hdfs-site.xml:ro
+ - ../gaffer-krb/conf-1.9.3/client.conf:/etc/accumulo/client.conf:ro
+ - ../gaffer-krb/conf-2.0.1/accumulo-client.properties:/etc/accumulo/accumulo-client.properties:ro
+ - ../kdc/conf/krb5.conf:/etc/krb5.conf:ro
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/krb-entrypoint.sh b/docker/gaffer-kerberos/gaffer-integration-tests-krb/krb-entrypoint.sh
new file mode 100644
index 00000000..9044f75b
--- /dev/null
+++ b/docker/gaffer-kerberos/gaffer-integration-tests-krb/krb-entrypoint.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+
+# Copyright 2020-2023 Crown Copyright
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+
+# Show verbose Hadoop Kerberos auth information
+if [ $DEBUG -eq 1 ]; then
+ export HADOOP_JAAS_DEBUG=true
+ export HADOOP_OPTS="-Djava.net.preferIPv4Stack=true -Dsun.security.krb5.debug=true -Dsun.security.spnego.debug"
+ echo "Debugging flag enabled (DEBUG=$DEBUG), additional Kerberos details will be printed"
+fi
+
+KEYTAB_PATH=/tmp/gaffer.keytab
+PRINCIPAL=gaffer/$(hostname)
+FULL_PRINCIPAL=gaffer/$(hostname)@GAFFER.DOCKER
+
+{
+echo "add_entry -password -p $PRINCIPAL -k 1 -e aes256-cts"; sleep 0.2
+echo $GAFFER_KRB_PASSWORD; sleep 0.2
+echo list; sleep 0.2
+echo "write_kt $KEYTAB_PATH"; sleep 0.2
+echo exit
+} | ktutil
+
+# Update store properties files to point to the location of the Accumulo store to test against:
+accumulo_instance=$(cat conf/store.properties | grep accumulo.instance | sed -e 's/.*=\(.*\)/\1/')
+accumulo_zookeepers=$(cat conf/store.properties | grep accumulo.zookeepers | sed -e 's/.*=\(.*\)/\1/')
+store_properties=$(find /tmp/gaffer/store-implementation/accumulo-store/src/test/resources -name *.properties | grep -v cache)
+
+for store in $store_properties; do
+sed -i'' -e "s/gaffer.store.class=\(.*\)Mini\(.*\)/gaffer.store.class=\1\2/" $store
+sed -i'' -e "s/accumulo.instance=.*/accumulo.instance=$accumulo_instance/" $store
+sed -i'' -e "s/accumulo.zookeepers=.*/accumulo.zookeepers=$accumulo_zookeepers/" $store
+echo accumulo.kerberos.principal=$FULL_PRINCIPAL >> $store
+echo accumulo.kerberos.keytab=$KEYTAB_PATH >> $store
+echo accumulo.kerberos.enable=true >> $store
+done
+
+# Needed for AddElementsFromHdfs tests
+cp /opt/hadoop/conf/core-site.xml /tmp/gaffer/store-implementation/accumulo-store/src/test/resources/
+cp /opt/hadoop/conf/hdfs-site.xml /tmp/gaffer/store-implementation/accumulo-store/src/test/resources/
+
+# Required for Hadoop to find its Native Libraries which Kerberos auth cannot work without
+cp /tmp/hadoop/native/lib* /usr/lib/
+
+# Set correct LEGACY var based on Accumulo version
+if echo "$ACCUMULO_VERSION" | grep -q "^1.*$"; then LEGACY=true; else LEGACY=false; fi
+
+# Run Integration Tests
+cd /tmp/gaffer
+# Compile Tests
+mvn -q clean install -Dlegacy=$LEGACY -pl :accumulo-store -am -Pquick
+# Run Tests without quiet output if GAFFER_DEBUG enabled
+if [ $GAFFER_DEBUG -eq 1 ]; then
+ # Replace log config with a config which uses INFO level, this additional info may help for Gaffer ticket #3134
+ cp /tests/conf/log4j.xml /tmp/gaffer/store-implementation/accumulo-store/src/test/resources/
+ mvn verify -Dlegacy=$LEGACY -ntp -Dskip.surefire.tests -Dmaven.test.failure.ignore=true -Dmaven.main.skip=true -DtrimStackTrace=false -DuseFile=false -Pcoverage -pl :accumulo-store
+else
+ mvn -q verify -Dlegacy=$LEGACY -Dskip.surefire.tests -pl :accumulo-store -ff
+fi
diff --git a/docker/gaffer-kerberos/gaffer-integration-tests-krb/native/.gitkeep b/docker/gaffer-kerberos/gaffer-integration-tests-krb/native/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/docker/gaffer-kerberos/gaffer-krb/Dockerfile b/docker/gaffer-kerberos/gaffer-krb/Dockerfile
index 1c34a676..13127da5 100644
--- a/docker/gaffer-kerberos/gaffer-krb/Dockerfile
+++ b/docker/gaffer-kerberos/gaffer-krb/Dockerfile
@@ -20,12 +20,13 @@ ARG GROUP=accumulo
FROM ${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}
+ENV DEBIAN_FRONTEND=noninteractive
+
USER root
-RUN apt -qq update && \
- apt -qq install -y \
- krb5-user && \
- apt -qq clean \
- && rm -rf /var/lib/apt/lists/*
+RUN apt-get -qq update && \
+ apt-get -qq install -y krb5-kdc && \
+ apt-get -qq clean && \
+ rm -rf /var/lib/apt/lists/*
USER ${USER}
COPY ./krb-entrypoint.sh /
diff --git a/docker/gaffer-kerberos/hdfs-krb/Dockerfile b/docker/gaffer-kerberos/hdfs-krb/Dockerfile
index 6a9b2cfd..925eeea8 100644
--- a/docker/gaffer-kerberos/hdfs-krb/Dockerfile
+++ b/docker/gaffer-kerberos/hdfs-krb/Dockerfile
@@ -20,13 +20,13 @@ ARG GROUP=hadoop
FROM ${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}
+ENV DEBIAN_FRONTEND=noninteractive
+
USER root
-RUN apt -qq update && \
- apt -qq install -y \
- krb5-user \
- jsvc && \
- apt -qq clean \
- && rm -rf /var/lib/apt/lists/*
+RUN apt-get -qq update && \
+ apt-get -qq install -y krb5-kdc && \
+ apt-get -qq clean && \
+ rm -rf /var/lib/apt/lists/*
RUN chown -R ${USER}:${GROUP} /opt/hadoop/etc/hadoop && \
echo "export HDFS_DATANODE_SECURE_USER=hadoop" >> /opt/hadoop/etc/hadoop/hadoop-env.sh && \
diff --git a/docker/gaffer-kerberos/kdc/Dockerfile b/docker/gaffer-kerberos/kdc/Dockerfile
index 495757c8..f7a3a47e 100644
--- a/docker/gaffer-kerberos/kdc/Dockerfile
+++ b/docker/gaffer-kerberos/kdc/Dockerfile
@@ -17,13 +17,14 @@ ARG BASE_IMAGE_TAG=focal-20230412
FROM ${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}
-RUN apt -qq update && \
- apt -qq install -y \
- krb5-kdc \
- krb5-admin-server \
- procps && \
- apt -qq clean \
- && rm -rf /var/lib/apt/lists/*
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get -qq update && \
+ apt-get -qq install -y \
+ krb5-kdc krb5-admin-server \
+ procps && \
+ apt-get -qq clean && \
+ rm -rf /var/lib/apt/lists/*
COPY ./entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
diff --git a/docker/gaffer-kerberos/zookeeper-krb/Dockerfile b/docker/gaffer-kerberos/zookeeper-krb/Dockerfile
index c5f7bca6..dd05d794 100644
--- a/docker/gaffer-kerberos/zookeeper-krb/Dockerfile
+++ b/docker/gaffer-kerberos/zookeeper-krb/Dockerfile
@@ -17,11 +17,12 @@ ARG BASE_IMAGE_TAG=3.7.1
FROM ${BASE_IMAGE_NAME}:${BASE_IMAGE_TAG}
-RUN apt -qq update && \
- apt -qq install -y \
- krb5-kdc && \
- apt -qq clean \
- && rm -rf /var/lib/apt/lists/*
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get -qq update && \
+ apt-get -qq install -y krb5-kdc && \
+ apt-get -qq clean && \
+ rm -rf /var/lib/apt/lists/*
COPY ./krb-entrypoint.sh /
ENTRYPOINT ["/krb-entrypoint.sh"]