From ad1b2db1fdeeb6df4055b8ba14b2424752e32fc5 Mon Sep 17 00:00:00 2001
From: Robert Parker <parrobe@uk.ibm.com>
Date: Wed, 29 Aug 2018 11:25:44 +0100
Subject: [PATCH] Further RHEL fixes

---
 Makefile-RHEL                                 |  7 +---
 mq-advanced-server-rhel/install-mq-rhel.sh    | 37 +++++++++----------
 mq-advanced-server-rhel/mq-buildah.sh         | 13 +++++--
 .../mq-golang-sdk-buildah.sh                  | 29 +++++++++------
 mq-advanced-server-rhel/mqdev-buildah.sh      | 13 +++++--
 5 files changed, 55 insertions(+), 44 deletions(-)

diff --git a/Makefile-RHEL b/Makefile-RHEL
index b9cac876..3a8f0deb 100644
--- a/Makefile-RHEL
+++ b/Makefile-RHEL
@@ -47,9 +47,6 @@ MQ_PACKAGES ?= MQSeriesRuntime-*.rpm MQSeriesServer-*.rpm MQSeriesJava*.rpm MQSe
 ###############################################################################
 # ARCH is the platform architecture (e.g. x86_64, ppc64le or s390x)
 ARCH = $(shell uname -m)
-# NUM_CPU is the number of CPUs available to Docker.  Used to control how many
-# test run in parallel
-NUM_CPU = $(or $(shell docker info --format "{{ .NCPU }}"),2)
 # BASE_IMAGE_TAG is a normalized version of BASE_IMAGE, suitable for use in a Docker tag
 BASE_IMAGE_TAG=$(subst /,-,$(subst :,-,$(BASE_IMAGE)))
 MQ_IMAGE_DEVSERVER_BASE=mqadvanced-server-dev-base:$(MQ_VERSION)-$(ARCH)-$(BASE_IMAGE_TAG)
@@ -116,7 +113,7 @@ test-advancedserver: check-test-prereqs test/docker/vendor
 	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_ADVANCEDSERVER) on $(shell docker --version)"$(END)))
 	buildah push $(MQ_IMAGE_ADVANCEDSERVER) docker-daemon:$(MQ_IMAGE_ADVANCEDSERVER)
 	docker tag docker.io/$(MQ_IMAGE_ADVANCEDSERVER) $(MQ_IMAGE_ADVANCEDSERVER)
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) EXPECTED_LICENSE=Production go test -parallel $(NUM_CPU) $(TEST_OPTS_DOCKER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_ADVANCEDSERVER) EXPECTED_LICENSE=Production go test $(TEST_OPTS_DOCKER)
 
 
 .PHONY: test-devserver
@@ -124,7 +121,7 @@ test-devserver: check-test-prereqs test/docker/vendor
 	$(info $(SPACER)$(shell printf $(TITLE)"Test $(MQ_IMAGE_DEVSERVER) on $(shell docker --version)"$(END)))
 	buildah push $(MQ_IMAGE_DEVSERVER) docker-daemon:$(MQ_IMAGE_DEVSERVER)
 	docker tag docker.io/$(MQ_IMAGE_DEVSERVER) $(MQ_IMAGE_DEVSERVER)
-	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) go test -parallel $(NUM_CPU) -tags mqdev $(TEST_OPTS_DOCKER)
+	cd test/docker && TEST_IMAGE=$(MQ_IMAGE_DEVSERVER) EXPECTED_LICENSE=Developer DEV_JMS_IMAGE=$(DEV_JMS_IMAGE) go test -tags mqdev $(TEST_OPTS_DOCKER)
 
 
 .PHONY: build-advancedserver
diff --git a/mq-advanced-server-rhel/install-mq-rhel.sh b/mq-advanced-server-rhel/install-mq-rhel.sh
index 6cd5967e..59cfc5fd 100755
--- a/mq-advanced-server-rhel/install-mq-rhel.sh
+++ b/mq-advanced-server-rhel/install-mq-rhel.sh
@@ -19,17 +19,12 @@
 
 set -ex
 
-readonly ctr=$1
-readonly scratchmnt=$2
+readonly ctr_mq=$1
+readonly mnt_mq=$2
 readonly archive=$3
 readonly mq_packages=$4
 readonly dir_extract=/tmp/extract
 
-groupadd --root $scratchmnt --system --gid 888 mqm
-useradd --root $scratchmnt --system --uid 888 --gid mqm mqm
-usermod --root $scratchmnt -aG root mqm
-usermod --root $scratchmnt -aG mqm root
-
 if [ ! -d ${dir_extract}/MQServer ]; then
   mkdir -p ${dir_extract}
   echo Extracting $archive
@@ -41,34 +36,36 @@ fi
 
 
 # Accept the MQ license
-buildah run --volume ${dir_extract}:/mnt/mq-download $ctr -- /mnt/mq-download/MQServer/mqlicense.sh -text_only -accept
+buildah run --volume ${dir_extract}:/mnt/mq-download $ctr_mq -- /mnt/mq-download/MQServer/mqlicense.sh -text_only -accept
 
-buildah run --volume ${dir_extract}:/mnt/mq-download $ctr -- bash -c "cd /mnt/mq-download/MQServer && rpm -ivh $mq_packages"
+buildah run --volume ${dir_extract}:/mnt/mq-download $ctr_mq -- bash -c "cd /mnt/mq-download/MQServer && rpm -ivh $mq_packages"
 
 rm -rf ${dir_extract}/MQServer
 
 # Remove 32-bit libraries from 64-bit container
-find $scratchmnt/opt/mqm $scratchmnt/var/mqm -type f -exec file {} \; | awk -F: '/ELF 32-bit/{print $1}' | xargs --no-run-if-empty rm -f
+find $mnt_mq/opt/mqm $mnt_mq/var/mqm -type f -exec file {} \; | awk -F: '/ELF 32-bit/{print $1}' | xargs --no-run-if-empty rm -f
 
 # Remove tar.gz files unpacked by RPM postinst scripts
-find $scratchmnt/opt/mqm -name '*.tar.gz' -delete
+find $mnt_mq/opt/mqm -name '*.tar.gz' -delete
 
 # Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
-buildah run $ctr -- /opt/mqm/bin/setmqinst -p /opt/mqm -i
+buildah run $ctr_mq -- /opt/mqm/bin/setmqinst -p /opt/mqm -i
 
-mkdir -p $scratchmnt/run/runmqserver
-chown 888:888 $scratchmnt/run/runmqserver
+mkdir -p $mnt_mq/run/runmqserver
+chown 888:888 $mnt_mq/run/runmqserver
 
 # Remove the directory structure under /var/mqm which was created by the installer
-rm -rf $scratchmnt/var/mqm
+rm -rf $mnt_mq/var/mqm
 
 # Create the mount point for volumes
-mkdir -p $scratchmnt/mnt/mqm
+mkdir -p $mnt_mq/mnt/mqm
 
 # Create a symlink for /var/mqm -> /mnt/mqm/data
-buildah run $ctr -- ln -s /mnt/mqm/data /var/mqm
+buildah run $ctr_mq -- ln -s /mnt/mqm/data /var/mqm
 
 # Optional: Set these values for the IBM Cloud Vulnerability Report
-sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' $scratchmnt/etc/login.defs
-sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' $scratchmnt/etc/login.defs
-sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' $scratchmnt/etc/pam.d/password-auth
+sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' $mnt_mq/etc/login.defs
+sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' $mnt_mq/etc/login.defs
+sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' $mnt_mq/etc/pam.d/password-auth
+
+buildah run $ctr_mq -- cp -rs /opt/mqm/licenses/ /
diff --git a/mq-advanced-server-rhel/mq-buildah.sh b/mq-advanced-server-rhel/mq-buildah.sh
index 78c45273..c8690247 100755
--- a/mq-advanced-server-rhel/mq-buildah.sh
+++ b/mq-advanced-server-rhel/mq-buildah.sh
@@ -26,8 +26,6 @@ set -e
 # Setup MQ server working container
 ###############################################################################
 
-# Use a "scratch" container, so the resulting image has minimal files
-# Resulting image won't have yum, for example
 readonly ctr_mq=$(buildah from rhel7)
 readonly mnt_mq=$(buildah mount $ctr_mq)
 readonly archive=downloads/$1
@@ -40,6 +38,11 @@ readonly mqdev=$5
 # Install MQ server
 ###############################################################################
 
+groupadd --root ${mnt_mq} --system --gid 888 mqm
+useradd --root ${mnt_mq} --system --uid 888 --gid mqm mqm
+usermod --root ${mnt_mq} -aG root mqm
+usermod --root ${mnt_mq} -aG mqm root
+
 # Install the packages required by MQ
 buildah run $ctr_mq -- yum install -y --setopt install_weak_deps=false --setopt=tsflags=nodocs --setopt=override_install_langs=en_US.utf8 \
   bash \
@@ -84,8 +87,6 @@ else
   DISNAME="IBM MQ Advanced Server"
 fi
 
-
-
 buildah config \
   --port 1414/tcp \
   --port 9157/tcp \
@@ -97,6 +98,10 @@ buildah config \
   --label name="${tag%:*}" \
   --label vendor="IBM" \
   --label version="$version" \
+  --label release="1" \
+  --label run="docker run -d -e LICENSE=accept --name ibm-mq ${tag%:*}" \
+  --label summary="$DISNAME" \
+  --label description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
   --env AMQ_ADDITIONAL_JSON_LOG=1 \
   --env LANG=en_US.UTF-8 \
   --env LOG_FORMAT=basic \
diff --git a/mq-advanced-server-rhel/mq-golang-sdk-buildah.sh b/mq-advanced-server-rhel/mq-golang-sdk-buildah.sh
index bf64669c..60add5a7 100755
--- a/mq-advanced-server-rhel/mq-golang-sdk-buildah.sh
+++ b/mq-advanced-server-rhel/mq-golang-sdk-buildah.sh
@@ -23,25 +23,32 @@ readonly tag=$2
 # Use plain RHEL 7 container
 # Note: Red Hat's devtools/go-toolset-7-rhel7 image doesn't allow use of 'root'
 # user required for installing the MQ SDK
-readonly ctr=$(buildah from rhel7)
-readonly mnt=$(buildah mount $ctr)
+readonly ctr_mq=$(buildah from rhel7)
+readonly mnt_mq=$(buildah mount $ctr_mq)
+
+# Add mqm user
+groupadd --root $mnt_mq --system --gid 888 mqm
+useradd --root $mnt_mq --system --uid 888 --gid mqm mqm
+usermod --root $mnt_mq -aG root mqm
+usermod --root $mnt_mq -aG mqm root
 
 # Enable Yum repository for "optional" RPMs, which is needed for "golang"
-buildah run ${ctr} -- yum-config-manager --enable rhel-7-server-optional-rpms
+buildah run ${ctr_mq} -- yum-config-manager --enable rhel-7-server-optional-rpms
 # Install Go compiler
-buildah run ${ctr} -- yum install -y golang git gcc
+buildah run ${ctr_mq} -- yum install -y golang git gcc
+
 # Install the MQ SDK into the Go builder image
-./mq-advanced-server-rhel/install-mq-rhel.sh ${ctr} "${mnt}" "${mq_archive}" "MQSeriesRuntime-*.rpm MQSeriesSDK-*.rpm MQSeriesSamples*.rpm"
+./mq-advanced-server-rhel/install-mq-rhel.sh ${ctr_mq} "${mnt_mq}" "${mq_archive}" "MQSeriesRuntime-*.rpm MQSeriesSDK-*.rpm MQSeriesSamples*.rpm"
 # Clean up Yum files
-buildah run ${ctr} -- yum clean all --releasever 7
-rm -rf ${mnt}/var/cache/yum/*
-buildah unmount ${ctr}
+buildah run ${ctr_mq} -- yum clean all --releasever 7
+rm -rf ${mnt_mq}/var/cache/yum/*
+buildah unmount ${ctr_mq}
 # Set environment variables for MQ/Go compilation
 buildah config \
   --os linux \
   --env CGO_CFLAGS="-I/opt/mqm/inc/" \
   --env CGO_LDFLAGS_ALLOW="-Wl,-rpath.*" \
-  ${ctr}
-buildah commit ${ctr} ${tag}
+  ${ctr_mq}
+buildah commit ${ctr_mq} ${tag}
 
-buildah rm ${ctr}
+buildah rm ${ctr_mq}
diff --git a/mq-advanced-server-rhel/mqdev-buildah.sh b/mq-advanced-server-rhel/mqdev-buildah.sh
index a2dcaf0e..17ce1899 100755
--- a/mq-advanced-server-rhel/mqdev-buildah.sh
+++ b/mq-advanced-server-rhel/mqdev-buildah.sh
@@ -35,11 +35,12 @@ readonly tag=$2
 readonly version=$3
 
 
-useradd --root $mnt_mq --system --uid 889 --gid mqm admin
-groupadd --root $mnt_mq --system --gid 890 mqclient
-useradd --root $mnt_mq --system --uid 890 --gid mqclient app
+useradd --root $mnt_mq --gid mqm admin
+groupadd --root $mnt_mq --system mqclient
+useradd --root $mnt_mq --gid mqclient app
 
-buildah run $ctr -- echo admin:passw0rd | chpasswd
+buildah run $ctr_mq -- id admin
+buildah run $ctr_mq -- sh -c "echo admin:passw0rd | chpasswd"
 
 mkdir -p $mnt_mq/run/runmqdevserver
 chown 888:888 $mnt_mq/run/runmqdevserver
@@ -69,6 +70,10 @@ buildah config \
   --label name="${tag%:*}" \
   --label vendor="IBM" \
   --label version="$version" \
+  --label release="1" \
+  --label run="docker run -d -e LICENSE=accept --name ibm-mq-dev ${tag%:*}" \
+  --label summary="IBM MQ Advanced Server Developer Edition" \
+  --label description="IBM MQ is messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.  It uses message queues to facilitate the exchanges of information and offers a single messaging solution for cloud, mobile, Internet of Things (IoT) and on-premises environments." \
   --env AMQ_ADDITIONAL_JSON_LOG=1 \
   --env LANG=en_US.UTF-8 \
   --env LOG_FORMAT=basic \