marklogic
diff --git a/‎.gitignore
+1 b/‎.gitignore
+1
diff --git a/‎Jenkinsfile
+44-34 b/‎Jenkinsfile
+44-34
diff --git a/‎Makefile
+33-23 b/‎Makefile
+33-23
diff --git a/‎dockerFiles/marklogic-deps-centos:base
+1-1 b/‎dockerFiles/marklogic-deps-centos:base
+1-1
diff --git a/‎dockerFiles/marklogic-deps-ubi:base
+30 b/‎dockerFiles/marklogic-deps-ubi:base
+30
@@ -27,3 +27,4 @@ test/test_results/*
 test/log.html
 test/report.html
 test/output.xml
+test/python_env/*
@@ -136,7 +136,7 @@ void copyRPMs() {
         error "Invalid value in marklogicVersion parameter."
     }
     sh """
-        cd src/centos
+        cd src
         if [ -z ${env.ML_RPM} ]; then
             wget --no-verbose https://bed-artifactory.bedford.progress.com:443/artifactory/ml-rpm-tierpoint/${RPMbranch}/server/MarkLogic-${RPMversion}${RPMsuffix}.x86_64.rpm
         else
@@ -149,43 +149,47 @@ void copyRPMs() {
         fi
     """
     script {
-        RPM = sh(returnStdout: true, script: 'cd src/centos;file MarkLogic-*.rpm | cut -d: -f1').trim()
-        CONVERTERS = sh(returnStdout: true, script: 'cd src/centos;file MarkLogicConverters-*.rpm | cut -d: -f1').trim()
+        RPM = sh(returnStdout: true, script: 'cd src;file MarkLogic-*.rpm | cut -d: -f1').trim()
+        CONVERTERS = sh(returnStdout: true, script: 'cd src;file MarkLogicConverters-*.rpm | cut -d: -f1').trim()
         mlVersion = sh(returnStdout: true, script: "echo ${RPM}|  awk -F \"MarkLogic-\" '{print \$2;}'  | awk -F \".x86_64.rpm\"  '{print \$1;}' | awk -F \"-rhel\"  '{print \$1;}' ").trim()
     }
 }
 
+void buildDockerImage() {
+    sh "make build docker_image_type=${dockerImageType} version=${mlVersion}-${env.dockerImageType}-${env.dockerVersion} build_branch=${env.BRANCH_NAME} package=${RPM} converters=${CONVERTERS}"
+    currentBuild.displayName = "#${BUILD_NUMBER} ${mlVersion}-${env.dockerImageType}-${env.dockerVersion}"
+}
+
 void structureTests() {
     sh """
-        cd test
-        #insert current version
-        sed -i -e 's^VERSION_PLACEHOLDER^${mlVersion}-${env.platformString}-${env.dockerVersion}^g' -e 's^BRANCH_PLACEHOLDER^${env.BRANCH_NAME}^g' ./structure-test.yaml
-        cd ..
-        curl -s -LO https://storage.googleapis.com/container-structure-test/v1.11.0/container-structure-test-linux-amd64 && chmod +x container-structure-test-linux-amd64 && mv container-structure-test-linux-amd64 container-structure-test
-        make structure-test version=${mlVersion}-${env.platformString}-${env.dockerVersion} Jenkins=true
-        #fix junit output
-        sed -i -e 's/<\\/testsuites>//' -e 's/<testsuite>//' -e 's/<testsuites/<testsuite name="container-structure-test"/' ./container-structure-test.xml
+        #install container-structure-test 1.16.0 binary
+        curl -s -LO https://storage.googleapis.com/container-structure-test/v1.16.0/container-structure-test-linux-amd64 && chmod +x container-structure-test-linux-amd64 && mv container-structure-test-linux-amd64 container-structure-test
+        make structure-test current_image=marklogic/marklogic-server-${dockerImageType}:${mlVersion}-${env.dockerImageType}-${env.dockerVersion} version=${mlVersion}-${env.dockerImageType}-${env.dockerVersion} build_branch=${env.BRANCH_NAME} docker_image_type=${env.dockerImageType} Jenkins=true
     """
 }
 
+void dockerTests() {
+    sh "make docker-tests current_image=marklogic/marklogic-server-${dockerImageType}:${mlVersion}-${env.dockerImageType}-${env.dockerVersion} version=${mlVersion}-${env.dockerImageType}-${env.dockerVersion} build_branch=${env.BRANCH_NAME} docker_image_type=${dockerImageType}"
+}
+
 void lint() {
-    IMAGE_INFO = sh(returnStdout: true, script: 'docker  images | grep \"marklogic-server-centos\"')
+    IMAGE_INFO = sh(returnStdout: true, script: 'docker images | grep \"marklogic-server-'+"${dockerImageType}"+'\"')
 
-    sh '''
+    sh """
         make lint Jenkins=true
-        cat start-marklogic-lint.txt marklogic-deps-centos-base-lint.txt marklogic-server-centos-base-lint.txt
-    '''
+        cat start-scripts-lint.txt dockerfile-lint.txt
+    """
 
-    LINT_OUTPUT = sh(returnStdout: true, script: 'echo start-marklogic.sh: ;echo; cat start-marklogic-lint.txt; echo dockerfile-marklogic-server-centos: ; echo marklogic-deps-centos:base: ;echo; cat marklogic-deps-centos-base-lint.txt; echo marklogic-server-centos:base: ;echo; cat marklogic-server-centos-base-lint.txt').trim()
+    LINT_OUTPUT = sh(returnStdout: true, script: "echo start-scripts-lint.txt: ;echo; cat start-scripts-lint.txt; echo; echo dockerfile-lint.txt: ; cat dockerfile-lint.txt; echo").trim()
 
-    sh '''
-        rm -f start-marklogic-lint.txt marklogic-deps-centos-base-lint.txt marklogic-server-centos-base-lint.txt
-    '''
+    sh """
+        rm -f start-scripts-lint.txt dockerfile-lint.txt
+    """
 }
 
-void scan() {
+void vulnerabilityScan() {
     sh """
-        make scan version=${mlVersion}-${env.platformString}-${env.dockerVersion} Jenkins=true
+        make scan current_image=marklogic/marklogic-server-${dockerImageType}:${mlVersion}-${env.dockerImageType}-${env.dockerVersion} Jenkins=true
         grep \'High\\|Critical\' scan-server-image.txt
     """
 
@@ -198,11 +202,16 @@ void scan() {
 }
 
 void publishToInternalRegistry() {
-    publishTag="${mlVersion}-${env.platformString}-${env.dockerVersion}"
+    currentImage="marklogic/marklogic-server-${dockerImageType}:${mlVersion}-${env.dockerImageType}-${env.dockerVersion}"
+    mlVerShort=mlVersion.split("\\.")[0]
+    latestTag="marklogic/marklogic-server-${dockerImageType}:latest-${mlVerShort}"
     withCredentials([usernamePassword(credentialsId: 'builder-credentials-artifactory', passwordVariable: 'docker_password', usernameVariable: 'docker_user')]) {
         sh """
             echo "${docker_password}" | docker login --username ${docker_user} --password-stdin ${dockerRegistry}
-            make push-mlregistry version=${publishTag}
+            docker tag ${currentImage} ${dockerRegistry}/${currentImage}
+            docker tag ${currentImage} ${dockerRegistry}/${latestTag}
+            docker push ${dockerRegistry}/${currentImage}
+            docker push ${dockerRegistry}/${latestTag}
         """
 
     }
@@ -216,13 +225,13 @@ void publishToInternalRegistry() {
             ]]) {
                 sh """
                     aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 713759029616.dkr.ecr.us-west-2.amazonaws.com
-                    docker tag local-dev/marklogic-server-centos:${publishTag} 713759029616.dkr.ecr.us-west-2.amazonaws.com/ml-docker-nightly:${publishTag}
-	                docker push 713759029616.dkr.ecr.us-west-2.amazonaws.com/ml-docker-nightly:${publishTag}
+                    docker tag ${currentImage} 713759029616.dkr.ecr.us-west-2.amazonaws.com/ml-docker-nightly:${mlVersion}-${env.dockerImageType}-${env.dockerVersion}
+	                docker push 713759029616.dkr.ecr.us-west-2.amazonaws.com/ml-docker-nightly:${mlVersion}-${env.dockerImageType}-${env.dockerVersion}
                 """
             }
     }
 
-    currentBuild.description = "Publish ${publishTag}" 
+    currentBuild.description = "Published"
 }
 
 void publishTestResults() {
@@ -242,9 +251,10 @@ pipeline {
         skipStagesAfterUnstable()
     }
     triggers {
-        parameterizedCron( env.BRANCH_NAME == 'develop' ? '''00 03 * * * % marklogicVersion=10
-                                                             00 04 * * * % marklogicVersion=11
-                                                             00 05 * * * % marklogicVersion=12''' : '')
+        parameterizedCron( env.BRANCH_NAME == 'develop' ? '''00 03 * * * % marklogicVersion=10 dockerImageType=centos
+                                                             00 04 * * * % marklogicVersion=11 dockerImageType=centos
+                                                             00 05 * * * % marklogicVersion=12 dockerImageType=centos
+                                                             00 06 * * * % marklogicVersion=11 dockerImageType=ubi''' : '')
     }
     environment {
         QA_LICENSE_KEY = credentials('QA_LICENSE_KEY')
@@ -253,7 +263,7 @@ pipeline {
     parameters {
         string(name: 'emailList', defaultValue: emailList, description: 'List of email for build notification', trim: true)
         string(name: 'dockerVersion', defaultValue: '1.1.2', description: 'ML Docker version. This version along with ML rpm package version will be the image tag as {ML_Version}_{dockerVersion}', trim: true)
-        string(name: 'platformString', defaultValue: 'centos', description: 'Platform string for Docker image version. Will be made part of the docker image tag', trim: true)
+        choice(name: 'dockerImageType', choices: 'centos\nubi\nubi-rootless', description: 'Platform type for Docker image. Will be made part of the docker image tag')
         choice(name: 'marklogicVersion', choices: '11\n12\n10', description: 'MarkLogic Server Branch. used to pick appropriate rpm')
         string(name: 'ML_RPM', defaultValue: '', description: 'URL for RPM to be used for Image creation. \n If left blank nightly ML rpm will be used.\n Please provide Jenkins accessible path e.g. /project/engineering or /project/qa', trim: true)
         string(name: 'ML_CONVERTERS', defaultValue: '', description: 'URL for the converters RPM to be included in the image creation \n If left blank the nightly ML Converters Package will be used.', trim: true)
@@ -277,7 +287,7 @@ pipeline {
 
         stage('Build-Image') {
             steps {
-                sh "make build version=${mlVersion}-${env.platformString}-${env.dockerVersion} build_branch=${env.BRANCH_NAME} package=${RPM} converters=${CONVERTERS}"
+                buildDockerImage()
             }
         }
 
@@ -289,7 +299,7 @@ pipeline {
 
         stage('Scan') {
             steps {
-                scan()
+                vulnerabilityScan()
             }
         }
 
@@ -307,7 +317,7 @@ pipeline {
                 expression { return params.DOCKER_TESTS }
             }
             steps {
-                sh "make docker-tests test_image=local-dev/marklogic-server-centos:${mlVersion}-${env.platformString}-${env.dockerVersion} version=${mlVersion}-${env.platformString}-${env.dockerVersion} build_branch=${env.BRANCH_NAME}"
+                dockerTests()
             }
         }
 
@@ -327,7 +337,7 @@ pipeline {
     post {
         always {
             sh '''
-                cd src/centos
+                cd src
                 rm -rf *.rpm
                 docker rm -f $(docker ps -a -q) || true
                 docker system prune --force --filter "until=720h"
 
@@ -1,64 +1,74 @@
 version?=internal
 package?=MarkLogic.rpm
-REPONAME=local-dev
-docker_registry?=ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com
-repoDir=marklogic
+repo_dir=marklogic
 docker_build_options=--compress
-test_image?=${docker_registry}/${repoDir}/marklogic-server-centos:${version}
 build_branch?=local
+docker_image_type?=ubi
+current_image?=${repo_dir}/marklogic-server-${docker_image_type}:${version}
 
 #***************************************************************************
-# build docker images
+# build docker image
 #***************************************************************************
 build:
-	cd src/centos/; docker build ${docker_build_options} -t "${REPONAME}/marklogic-deps-centos:${version}" -f ../../dockerFiles/marklogic-deps-centos:base .
-	cd src/centos/; docker build ${docker_build_options} -t "${REPONAME}/marklogic-server-centos:${version}" --build-arg BASE_IMAGE=${REPONAME}/marklogic-deps-centos:${version} --build-arg ML_RPM=${package} --build-arg ML_USER=marklogic_user --build-arg ML_VERSION=${version} --build-arg ML_CONVERTERS=${converters} --build-arg BUILD_BRANCH=${build_branch} -f ../../dockerFiles/marklogic-server-centos:base .
-
+#ubi-rootless uses the same dependencies as ubi image
+ifeq ($(docker_image_type),ubi-rootless)
+	cp dockerFiles/marklogic-deps-ubi\:base dockerFiles/marklogic-deps-ubi-rootless\:base
+endif
+	cd src/; docker build ${docker_build_options} -t "${repo_dir}/marklogic-deps-${docker_image_type}:${version}" -f ../dockerFiles/marklogic-deps-${docker_image_type}:base .
+	cd src/; docker build ${docker_build_options} -t "${repo_dir}/marklogic-server-${docker_image_type}:${version}" --build-arg BASE_IMAGE=${repo_dir}/marklogic-deps-${docker_image_type}:${version} --build-arg ML_RPM=${package} --build-arg ML_USER=marklogic_user --build-arg ML_VERSION=${version} --build-arg ML_CONVERTERS=${converters} --build-arg BUILD_BRANCH=${build_branch} -f ../dockerFiles/marklogic-server-${docker_image_type}:base .
+	rm -f dockerFiles/marklogic-deps-ubi-rootless\:base
 #***************************************************************************
 # strcture test docker images
 #***************************************************************************
 structure-test:
-	container-structure-test test --config ./test/structure-test.yaml --image ${REPONAME}/marklogic-server-centos:${version} \
+ifeq ($(docker_image_type),ubi-rootless)
+	@echo type is ${docker_image_type}
+	sed -i -e 's^DOCKER_PID_PLACEHOLDER^/home/marklogic_user/MarkLogic.pid^g' ./test/structure-test.yaml
+else
+	@echo type is ${docker_image_type}
+	sed -i -e 's^DOCKER_PID_PLACEHOLDER^/var/run/MarkLogic.pid^g' ./test/structure-test.yaml
+endif
+	sed -i -e 's^VERSION_PLACEHOLDER^${version}^g' ./test/structure-test.yaml
+	sed -i -e 's^BRANCH_PLACEHOLDER^${build_branch}^g' ./test/structure-test.yaml
+	container-structure-test test --config ./test/structure-test.yaml --image ${current_image} \
 		$(if $(Jenkins), --output junit | tee container-structure-test.xml,)
 
 #***************************************************************************
 # docker image tests
 #***************************************************************************
 docker-tests: 
 	cd test; python3 -m venv python_env
-	cd test; source ./python_env/bin/activate; pip3 install -r requirements.txt; robot -x docker-tests.xml --outputdir test_results --variable TEST_IMAGE:${test_image} --variable MARKLOGIC_VERSION:${version} --variable BUILD_BRANCH:${build_branch} --maxerrorlines 9999 ./docker-tests.robot; deactivate
+	cd test; source ./python_env/bin/activate; pip3 install -r requirements.txt; robot -x docker-tests.xml --outputdir test_results --randomize all --variable TEST_IMAGE:${current_image} --variable MARKLOGIC_VERSION:${version} --variable BUILD_BRANCH:${build_branch} --variable IMAGE_TYPE:${docker_image_type} --maxerrorlines 9999 ./docker-tests.robot; deactivate
 	rm -r test/python_env/
 
 #***************************************************************************
 # run all tests
 #***************************************************************************
 .PHONY: test
 test: structure-test docker-tests
-	
-#***************************************************************************
-# push docker images to mlregistry.marklogic.com
-#***************************************************************************
-push-mlregistry:
-	docker tag ${REPONAME}/marklogic-server-centos:${version} ${docker_registry}/${repoDir}/marklogic-server-centos:${version}
-	docker push ${docker_registry}/${repoDir}/marklogic-server-centos:${version}
 
 #***************************************************************************
-# run lint checker on Dockerfiles, print linting issues but do not fail the build
+# run lint checker on shell scripts and Dockerfiles, print linting issues but do not fail the build
 #***************************************************************************
+
 lint:
-	docker run --rm -v "${PWD}:/mnt" koalaman/shellcheck:stable src/centos/scripts/start-marklogic.sh $(if $(Jenkins), > start-marklogic-lint.txt,)
-	docker run --rm -i -v "${PWD}/hadolint.yaml":/.config/hadolint.yaml ghcr.io/hadolint/hadolint < dockerFiles/marklogic-deps-centos:base $(if $(Jenkins), > marklogic-deps-centos-base-lint.txt,)
-	docker run --rm -i -v "${PWD}/hadolint.yaml":/.config/hadolint.yaml ghcr.io/hadolint/hadolint < dockerFiles/marklogic-server-centos:base $(if $(Jenkins), > marklogic-server-centos-base-lint.txt,)
+	docker run --rm -v "${PWD}:/mnt" koalaman/shellcheck:stable src/scripts/*.sh $(if $(Jenkins), > start-scripts-lint.txt,)
+
+	@for dockerFile in $(shell ls ./dockerFiles/); do\
+	    echo "Lint results for $${dockerFile}" $(if $(Jenkins), >> dockerfile-lint.txt,) ; \
+		docker run --rm -i -v "${PWD}/hadolint.yaml":/.config/hadolint.yaml ghcr.io/hadolint/hadolint < dockerFiles/$${dockerFile} $(if $(Jenkins), >> dockerfile-lint.txt,);\
+		echo $(if $(Jenkins), >> dockerfile-lint.txt,) ;\
+	done
 
 #***************************************************************************
 # security scan docker images
 #***************************************************************************
 scan:
-	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/grype:latest ${REPONAME}/marklogic-server-centos:${version} $(if $(Jenkins), > scan-server-image.txt,)
+	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/grype:latest ${current_image} $(if $(Jenkins), > scan-server-image.txt,)
 
 #***************************************************************************
 # remove junk
 #***************************************************************************
 clean:
 	rm -f *.log
-	rm -f *.rpm
+	rm -f *.rpm
@@ -8,7 +8,7 @@ FROM centos:centos7
 LABEL "com.marklogic.maintainer"="[email protected]"
 
 ###############################################################
-# install networking, base deps and ntp/tzdata for timezone
+# install networking, base deps and tzdata for timezone
 ###############################################################
 
 RUN echo "NETWORKING=yes" > /etc/sysconfig/network \
 
@@ -0,0 +1,30 @@
+###############################################################
+#
+#   Copyright (c) 2023 MarkLogic Corporation
+#
+###############################################################
+
+FROM registry.access.redhat.com/ubi8/ubi-minimal
+LABEL "com.marklogic.maintainer"="[email protected]"
+
+###############################################################
+# install libnsl rpm package
+###############################################################
+
+RUN microdnf install -y wget \
+    && wget --quiet https://bed-artifactory.bedford.progress.com:443/artifactory/ml-rpm-release-tierpoint/devdependencies/libnsl-2.28-236.el8_9.12.x86_64.rpm \
+    && rpm -i libnsl-2.28-236.el8_9.12.x86_64.rpm \
+    && rm libnsl-2.28-236.el8_9.12.x86_64.rpm
+
+###############################################################
+# install networking, base deps and tzdata for timezone
+###############################################################
+
+RUN echo "NETWORKING=yes" > /etc/sysconfig/network \
+    && microdnf -y update \
+    && microdnf -y install gdb.x86_64 glibc.i686 libstdc++.i686 libgcc.i686 initscripts redhat-lsb-core.x86_64 tzdata \
+    && microdnf clean all
+
+###############################################################
+# platform configurations
+###############################################################