From 27530d976c6b14d3d01a40292b12361580f49fc9 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 30 Aug 2024 19:59:50 -0500 Subject: [PATCH] Update DS test scripts --- .github/workflows/pki-ca-test.yml | 19 +- .github/workflows/pki-tps-test.yml | 26 +-- tests/bin/ds-create.sh | 276 +++++++++++++++++++++++++++-- tests/bin/ds-remove.sh | 125 ++++++++++++- tests/bin/ds-start.sh | 153 ++++++++++++++++ tests/bin/ds-stop.sh | 95 ++++++++++ 6 files changed, 656 insertions(+), 38 deletions(-) create mode 100755 tests/bin/ds-start.sh create mode 100755 tests/bin/ds-stop.sh diff --git a/.github/workflows/pki-ca-test.yml b/.github/workflows/pki-ca-test.yml index 5d6681970..d02150b21 100644 --- a/.github/workflows/pki-ca-test.yml +++ b/.github/workflows/pki-ca-test.yml @@ -4,6 +4,7 @@ on: workflow_call env: NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || 'dogtagpki' }} + DS_IMAGE: ${{ vars.DS_IMAGE || 'jss-runner' }} jobs: test: @@ -29,8 +30,10 @@ jobs: - name: Set up DS container run: | - tests/bin/runner-init.sh \ + tests/bin/ds-create.sh \ + --image=${{ env.DS_IMAGE }} \ --hostname=ds.example.com \ + --password=Secret.123 \ --network=example \ --network-alias=ds.example.com \ ds @@ -76,7 +79,6 @@ jobs: - name: Install packages run: | # install packages on server - docker exec ds dnf install -y 389-ds-base docker cp /tmp/RPMS/. pki:/root/RPMS/ docker exec pki bash -c "dnf localinstall -y /root/RPMS/*" @@ -88,15 +90,12 @@ jobs: docker cp /tmp/RPMS/. client2:/root/RPMS/ docker exec client2 bash -c "dnf localinstall -y /root/RPMS/*" - - name: Install DS - run: docker exec ds ${SHARED}/tests/bin/ds-create.sh - - name: Install CA run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/ca.cfg \ -s CA \ - -D pki_ds_url=ldap://ds.example.com:389 \ + -D pki_ds_url=ldap://ds.example.com:3389 \ -v # set buffer size to 0 so that revocation takes effect immediately 
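Review bot: In the "Set up DS container" step, `--image=${{ env.DS_IMAGE }}` is expanded by the Actions template engine into the script text before the shell parses it, so a `DS_IMAGE` repository variable containing spaces or shell metacharacters would be interpreted by the shell instead of being passed as one argument. `DS_IMAGE` is already exported through the workflow-level `env:` block, so the line can read `--image="$DS_IMAGE" \` and let the shell do the quoting. The same line appears in the matching "Set up DS container" hunk of pki-tps-test.yml. The step's job continues outside the hunk.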
@@ -529,14 +528,16 @@ jobs: - name: Remove CA run: docker exec pki pkidestroy -i pki-tomcat -s CA -v - - name: Remove DS - run: docker exec ds ${SHARED}/tests/bin/ds-remove.sh - - name: Check DS server systemd journal if: always() run: | docker exec ds journalctl -x --no-pager -u dirsrv@localhost.service + - name: Check DS container logs + if: always() + run: | + docker logs ds + - name: Check PKI server systemd journal if: always() run: | diff --git a/.github/workflows/pki-tps-test.yml b/.github/workflows/pki-tps-test.yml index 5eaf198c7..7b5974bfd 100644 --- a/.github/workflows/pki-tps-test.yml +++ b/.github/workflows/pki-tps-test.yml @@ -4,6 +4,7 @@ on: workflow_call env: NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || 'dogtagpki' }} + DS_IMAGE: ${{ vars.DS_IMAGE || 'jss-runner' }} jobs: test: @@ -29,8 +30,10 @@ jobs: - name: Set up DS container run: | - tests/bin/runner-init.sh \ + tests/bin/ds-create.sh \ + --image=${{ env.DS_IMAGE }} \ --hostname=ds.example.com \ + --password=Secret.123 \ --network=example \ --network-alias=ds.example.com \ ds @@ -57,19 +60,15 @@ jobs: - name: Install packages run: | - docker exec ds dnf install -y 389-ds-base docker cp /tmp/RPMS/. pki:/root/RPMS/ docker exec pki bash -c "dnf localinstall -y /root/RPMS/*" - - name: Install DS - run: docker exec ds ${SHARED}/tests/bin/ds-create.sh - - name: Install CA run: | docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/ca.cfg \ -s CA \ - -D pki_ds_url=ldap://ds.example.com:389 \ + -D pki_ds_url=ldap://ds.example.com:3389 \ -v - name: Install TKS @@ -77,7 +76,7 @@ jobs: docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/tks.cfg \ -s TKS \ - -D pki_ds_url=ldap://ds.example.com:389 \ + -D pki_ds_url=ldap://ds.example.com:3389 \ -v - name: Install TPS 
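Review bot: The existing "Check DS server systemd journal" step stays in place beside the new "Check DS container logs" step, and both run under `if: always()`. When `DS_IMAGE` selects a container image other than `jss-runner`, ds-create.sh takes the `create_container` path, and that container presumably has no `dirsrv@localhost.service` unit, so the `journalctl` step would fail the job even when the tests passed. Consider guarding it with `if: always() && env.DS_IMAGE == 'jss-runner'` or adding `continue-on-error: true`. The same applies to the pki-tps-test.yml hunk that adds the container-logs step.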
@@ -85,8 +84,8 @@ jobs: docker exec pki pkispawn \ -f /usr/share/pki/server/examples/installation/tps.cfg \ -s TPS \ - -D pki_ds_url=ldap://ds.example.com:389 \ - -D pki_authdb_url=ldap://ds.example.com:389 \ + -D pki_ds_url=ldap://ds.example.com:3389 \ + -D pki_authdb_url=ldap://ds.example.com:3389 \ -v - name: Check TPS admin @@ -108,12 +107,12 @@ jobs: run: | # import sample TPS users docker exec pki ldapadd \ - -H ldap://ds.example.com:389 \ + -H ldap://ds.example.com:3389 \ -D "cn=Directory Manager" \ -w Secret.123 \ -f /usr/share/pki/tps/auth/ds/create.ldif docker exec pki ldapadd \ - -H ldap://ds.example.com:389 \ + -H ldap://ds.example.com:3389 \ -D "cn=Directory Manager" \ -w Secret.123 \ -f /usr/share/pki/tps/auth/ds/example.ldif @@ -182,6 +181,11 @@ jobs: run: | docker exec ds journalctl -x --no-pager -u dirsrv@localhost.service + - name: Check DS container logs + if: always() + run: | + docker logs ds + - name: Check PKI server systemd journal if: always() run: | diff --git a/tests/bin/ds-create.sh b/tests/bin/ds-create.sh index 30210a666..b0fabb001 100755 --- a/tests/bin/ds-create.sh +++ b/tests/bin/ds-create.sh 
@@ -1,24 +1,268 @@ -#!/bin/bash -ex +#!/bin/bash -e -# This command needs to be executed as it pulls the machine name -# dynamically. -dscreate create-template ds.inf +# https://fy.blackhats.net.au/blog/html/2020/03/28/389ds_in_containers.html -sed -i \ - -e "s/;instance_name = .*/instance_name = localhost/g" \ - -e "s/;root_password = .*/root_password = Secret.123/g" \ - -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \ - -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \ - ds.inf +SCRIPT_PATH=$(readlink -f "$0") +SCRIPT_NAME=$(basename "$SCRIPT_PATH") +SCRIPT_DIR=$(dirname "$SCRIPT_PATH") -dscreate from-file ds.inf +SUFFIX= +BASE_DN= -ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF -dn: dc=example,dc=com +VERBOSE= +DEBUG= + +usage() { + echo "Usage: $SCRIPT_NAME [OPTIONS] " + echo + echo "Options:" + echo " --image= Container image (default: quay.io/389ds/dirsrv)" + echo " --hostname= Container hostname" + echo " --network= Container network" + echo " --network-alias= Container network alias" + echo " --password= Directory Manager password" + echo " --suffix= Suffix (default: dc=example,dc=com)" + echo " --base-dn= Base DN (default: dc=pki,dc=example,dc=com)" + echo " -v,--verbose Run in verbose mode." + echo " --debug Run in debug mode." + echo " --help Show help message." 
+} + +while getopts v-: arg ; do + case $arg in + v) + VERBOSE=true + ;; + -) + LONG_OPTARG="${OPTARG#*=}" + + case $OPTARG in + image=?*) + IMAGE="$LONG_OPTARG" + ;; + hostname=?*) + HOSTNAME="$LONG_OPTARG" + ;; + network=?*) + NETWORK="$LONG_OPTARG" + ;; + network-alias=?*) + ALIAS="$LONG_OPTARG" + ;; + password=?*) + PASSWORD="$LONG_OPTARG" + ;; + suffix=?*) + SUFFIX="$LONG_OPTARG" + ;; + base-dn=?*) + BASE_DN="$LONG_OPTARG" + ;; + verbose) + VERBOSE=true + ;; + debug) + VERBOSE=true + DEBUG=true + ;; + help) + usage + exit + ;; + '') + break # "--" terminates argument processing + ;; + image* | hostname* | network-alias* | network* | password* | \ + suffix* | base-dn*) + echo "ERROR: Missing argument for --$OPTARG option" >&2 + exit 1 + ;; + *) + echo "ERROR: Illegal option --$OPTARG" >&2 + exit 1 + ;; + esac + ;; + \?) + exit 1 # getopts already reported the illegal option + ;; + esac +done + +create_server() { + + if [ "$VERBOSE" = true ] ; then + echo "Creating DS server" + fi + + OPTIONS=() + OPTIONS+=("--hostname=$HOSTNAME") + + if [ "$NETWORK" != "" ] + then + OPTIONS+=("--network=$NETWORK") + fi + + if [ "$ALIAS" != "" ] + then + OPTIONS+=("--network-alias=$ALIAS") + fi + + $SCRIPT_DIR/runner-init.sh "${OPTIONS[@]}" $NAME + + docker exec $NAME dnf install -y 389-ds-base + + docker exec $NAME dscreate create-template ds.inf + + docker exec $NAME sed -i \ + -e "s/;instance_name = .*/instance_name = localhost/g" \ + -e "s/;port = .*/port = 3389/g" \ + -e "s/;secure_port = .*/secure_port = 3636/g" \ + -e "s/;root_password = .*/root_password = $PASSWORD/g" \ + -e "s/;suffix = .*/suffix = $SUFFIX/g" \ + -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \ + ds.inf + + docker exec $NAME dscreate from-file ds.inf +} + +create_container() { + + if [ "$VERBOSE" = true ] ; then + echo "Creating DS volume" + fi + + docker volume create $NAME-data > /dev/null + + if [ "$VERBOSE" = true ] ; then + echo "Creating DS container" + fi + + OPTIONS=() + OPTIONS+=(--name 
"$NAME") + OPTIONS+=(--hostname "$HOSTNAME") + OPTIONS+=(-v "$NAME-data:/data") + OPTIONS+=(-v "$GITHUB_WORKSPACE:$SHARED") + OPTIONS+=(-e "DS_DM_PASSWORD=$PASSWORD") + OPTIONS+=(-p 3389) + OPTIONS+=(-p 3636) + + if [ "$NETWORK" != "" ] + then + OPTIONS+=(--network "$NETWORK") + fi + + if [ "$ALIAS" != "" ] + then + OPTIONS+=(--network-alias "$ALIAS") + fi + + docker create "${OPTIONS[@]}" $IMAGE > /dev/null + + OPTIONS=() + OPTIONS+=("--image=$IMAGE") + OPTIONS+=("--password=$PASSWORD") + + $SCRIPT_DIR/ds-start.sh "${OPTIONS[@]}" $NAME + + if [ "$VERBOSE" = true ] ; then + echo "Creating certs folder" + fi + + docker exec $NAME mkdir -p /data/tls/ca + + if [ "$VERBOSE" = true ] ; then + echo "Creating database backend" + fi + + docker exec $NAME dsconf localhost backend create \ + --suffix "$SUFFIX" \ + --be-name userRoot > /dev/null + + docker exec $NAME dsconf localhost backend suffix list +} + +add_base_entries() { + + if [ "$VERBOSE" = true ] ; then + echo "Adding base entries" + fi + + SUFFIX_DC=$(echo "$SUFFIX" | sed 's/^dc=\([^,]*\),.*$/\1/') + BASE_DC=$(echo "$BASE_DN" | sed 's/^dc=\([^,]*\),.*$/\1/') + + docker exec -i $NAME ldapadd \ + -H ldap://$HOSTNAME:3389 \ + -D "cn=Directory Manager" \ + -w $PASSWORD \ + -x > /dev/null << EOF +dn: $SUFFIX objectClass: domain -dc: example +dc: $SUFFIX_DC -dn: dc=pki,dc=example,dc=com +dn: $BASE_DN objectClass: domain -dc: pki +dc: $BASE_DC EOF +} + +# remove parsed options and args from $@ list +shift $((OPTIND-1)) + +NAME=$1 + +if [ "$NAME" = "" ] +then + echo "ERROR: Missing container name" + exit 1 +fi + +if [ "$PASSWORD" = "" ] +then + echo "Missing Directory Manager password" + exit 1 +fi + +if [ "$IMAGE" = "" ] +then + IMAGE=quay.io/389ds/dirsrv +fi + +if [ "$SUFFIX" = "" ] && [ "$BASE_DN" = "" ] +then + SUFFIX="dc=example,dc=com" + BASE_DN="dc=pki,$SUFFIX" + +elif [ "$SUFFIX" = "" ] +then + SUFFIX=$(echo "$BASE_DN" | sed 's/^dc=[^,]*,\(.*$\)/\1/') + +elif [ "$BASE_DN" = "" ] +then + BASE_DN="dc=pki,$SUFFIX" 
+fi
+
+if [ "$DEBUG" = true ] ; then
+ echo "NAME: $NAME"
+ echo "IMAGE: $IMAGE"
+ echo "SUFFIX: $SUFFIX"
+ echo "BASE_DN: $BASE_DN"
+fi
+
+if [ "$IMAGE" = "jss-runner" ]
+then
+ create_server
+else
+ create_container
+fi
+
+add_base_entries
+
+docker exec $NAME ldapsearch \
+ -H ldap://$HOSTNAME:3389 \
+ -D "cn=Directory Manager" \
+ -w $PASSWORD \
+ -x \
+ -b "$SUFFIX"
+
+echo "DS container is ready"
diff --git a/tests/bin/ds-remove.sh b/tests/bin/ds-remove.sh
index 87b76a72c..199349142 100755
--- a/tests/bin/ds-remove.sh
+++ b/tests/bin/ds-remove.sh
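Review bot: In `create_server`, `$PASSWORD` and `$SUFFIX` are pasted into the sed replacement (`-e "s/;root_password = .*/root_password = $PASSWORD/g"`), so a value containing `/`, `&` or `\` either breaks the expression or writes a different root password into ds.inf than the one the later `ldapadd` binds with. Escape the value first, for example `esc=$(printf '%s' "$PASSWORD" | sed 's|[\\/&]|\\&|g')`, and substitute `$esc` instead. The password is also expanded unquoted in `-w $PASSWORD` (in `add_base_entries` and in the final `ldapsearch`), where it is word-split and glob-expanded; use `-w "$PASSWORD"`, and quote `$NAME` and `$IMAGE` the same way. Separately, when `--hostname` is omitted, `$HOSTNAME` is bash's own variable (the runner's hostname), so `ldap://$HOSTNAME:3389` inside `docker exec` targets the wrong host. ds-start.sh avoids this with `HOSTNAME=$(docker exec $NAME uname -n)`.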
@@ -1,3 +1,124 @@ -#!/bin/bash -ex +#!/bin/bash -e -dsctl slapd-localhost remove --do-it +# https://fy.blackhats.net.au/blog/html/2020/03/28/389ds_in_containers.html + +SCRIPT_PATH=$(readlink -f "$0") +SCRIPT_NAME=$(basename "$SCRIPT_PATH") + +VERBOSE= +DEBUG= + +usage() { + echo "Usage: $SCRIPT_NAME [OPTIONS] " + echo + echo "Options:" + echo " --image= Container image (default: quay.io/389ds/dirsrv)" + echo " -v,--verbose Run in verbose mode." + echo " --debug Run in debug mode." + echo " --help Show help message." +} + +while getopts v-: arg ; do + case $arg in + v) + VERBOSE=true + ;; + -) + LONG_OPTARG="${OPTARG#*=}" + + case $OPTARG in + image=?*) + IMAGE="$LONG_OPTARG" + ;; + verbose) + VERBOSE=true + ;; + debug) + VERBOSE=true + DEBUG=true + ;; + help) + usage + exit + ;; + '') + break # "--" terminates argument processing + ;; + image*) + echo "ERROR: Missing argument for --$OPTARG option" >&2 + exit 1 + ;; + *) + echo "ERROR: Illegal option --$OPTARG" >&2 + exit 1 + ;; + esac + ;; + \?) 
+ exit 1 # getopts already reported the illegal option
+ ;;
+ esac
+done
+
+NAME=$1
+
+if [ "$NAME" == "" ]
+then
+ echo "ERROR: Missing container name"
+ exit 1
+fi
+
+if [ "$IMAGE" = "" ]
+then
+ IMAGE=quay.io/389ds/dirsrv
+fi
+
+if [ "$DEBUG" = true ] ; then
+ echo "NAME: $NAME"
+ echo "IMAGE: $IMAGE"
+fi
+
+remove_server() {
+ if [ "$VERBOSE" = true ] ; then
+ echo "Removing DS server"
+ fi
+
+ docker exec $NAME dsctl slapd-localhost remove --do-it
+
+ if [ "$VERBOSE" = true ] ; then
+ echo "Removing DS container"
+ fi
+
+ docker rm $NAME > /dev/null
+
+ echo "DS server has been removed"
+}
+
+remove_container() {
+ if [ "$VERBOSE" = true ] ; then
+ echo "Stopping DS container"
+ fi
+
+ docker stop $NAME > /dev/null
+
+ if [ "$VERBOSE" = true ] ; then
+ echo "Removing DS container"
+ fi
+
+ docker rm $NAME > /dev/null
+
+ if [ "$VERBOSE" = true ] ; then
+ echo "Removing DS volume"
+ fi
+
+ docker volume rm $NAME-data > /dev/null
+
+ echo "DS container has been removed"
+}
+
+if [ "$IMAGE" = "jss-runner" ]
+then
+ remove_server
+else
+ remove_container
+fi
diff --git a/tests/bin/ds-start.sh b/tests/bin/ds-start.sh
new file mode 100755
index 000000000..22c5bd9f0
--- /dev/null
+++ b/tests/bin/ds-start.sh
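Review bot: `NAME=$1` is read right after the `getopts` loop without the `shift $((OPTIND-1))` that ds-create.sh, ds-start.sh and ds-stop.sh all perform. Any invocation that passes an option, such as `ds-remove.sh --image=jss-runner ds`, therefore sets NAME to `--image=jss-runner` and hands that string to `docker exec` / `docker rm` as if it were a flag. Add `shift $((OPTIND-1))` before `NAME=$1`, and quote the expansions (`docker rm "$NAME"`, `docker volume rm "$NAME-data"`) so a name cannot be split into extra arguments. In `remove_server`, `docker rm $NAME` runs while the container is presumably still running, which docker refuses without a prior `docker stop`; under `-e` the script would abort before printing the success message.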
@@ -0,0 +1,153 @@
+#!/bin/bash -e
+
+# https://fy.blackhats.net.au/blog/html/2020/03/28/389ds_in_containers.html
+
+SCRIPT_PATH=$(readlink -f "$0")
+SCRIPT_NAME=$(basename "$SCRIPT_PATH")
+
+VERBOSE=
+DEBUG=
+
+usage() {
+ echo "Usage: $SCRIPT_NAME [OPTIONS] "
+ echo
+ echo "Options:"
+ echo " --image= Container image (default: quay.io/389ds/dirsrv)"
+ echo " --password= Directory Manager password"
+ echo " -v,--verbose Run in verbose mode."
+ echo " --debug Run in debug mode."
+ echo " --help Show help message."
+}
+
+while getopts v-: arg ; do
+ case $arg in
+ v)
+ VERBOSE=true
+ ;;
+ -)
+ LONG_OPTARG="${OPTARG#*=}"
+
+ case $OPTARG in
+ image=?*)
+ IMAGE="$LONG_OPTARG"
+ ;;
+ password=?*)
+ PASSWORD="$LONG_OPTARG"
+ ;;
+ verbose)
+ VERBOSE=true
+ ;;
+ debug)
+ VERBOSE=true
+ DEBUG=true
+ ;;
+ help)
+ usage
+ exit
+ ;;
+ '')
+ break # "--" terminates argument processing
+ ;;
+ image* | password*)
+ echo "ERROR: Missing argument for --$OPTARG option" >&2
+ exit 1
+ ;;
+ *)
+ echo "ERROR: Illegal option --$OPTARG" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+ \?)
+ exit 1 # getopts already reported the illegal option
+ ;;
+ esac
+done
+
+# remove parsed options and args from $@ list
+shift $((OPTIND-1))
+
+NAME=$1
+
+if [ "$NAME" = "" ]
+then
+ echo "ERROR: Missing container name"
+ exit 1
+fi
+
+if [ "$PASSWORD" = "" ]
+then
+ # TODO: remove default value
+ PASSWORD=Secret.123
+fi
+
+if [ "$MAX_WAIT" = "" ]
+then
+ MAX_WAIT=60 # seconds
+fi
+
+if [ "$IMAGE" = "" ]
+then
+ IMAGE=quay.io/389ds/dirsrv
+fi
+
+if [ "$DEBUG" = true ] ; then
+ echo "NAME: $NAME"
+ echo "IMAGE: $IMAGE"
+fi
+
+if [ "$VERBOSE" = true ] ; then
+ echo "Starting DS container"
+fi
+
+start_time=$(date +%s)
+
+rc=0
+if [ "$IMAGE" = "jss-runner" ]
+then
+ docker exec $NAME dsctl localhost start || rc=$?
+else
+ docker start $NAME > /dev/null || rc=$?
+fi
+
+if [ $rc -ne 0 ]
+then
+ exit 1
+fi
+
+HOSTNAME=$(docker exec $NAME uname -n)
+
+while :
+do
+ sleep 1
+
+ rc=0
+ docker exec $NAME \
+ ldapsearch \
+ -H ldap://$HOSTNAME:3389 \
+ -D "cn=Directory Manager" \
+ -w $PASSWORD \
+ -x \
+ -b "" \
+ -s base > /dev/null 2> /dev/null || rc=$?
+
+ if [ $rc -eq 0 ]
+ then
+ break
+ fi
+
+ current_time=$(date +%s)
+ elapsed_time=$(expr $current_time - $start_time)
+
+ if [ $elapsed_time -ge $MAX_WAIT ]
+ then
+ echo "DS container did not start after ${MAX_WAIT}s"
+ exit 1
+ fi
+
+ if [ "$VERBOSE" = true ] ; then
+ echo "Waiting for DS container to start (${elapsed_time}s)"
+ fi
+done
+
+echo "DS container is started"
diff --git a/tests/bin/ds-stop.sh b/tests/bin/ds-stop.sh
new file mode 100755
index 000000000..b294a7d0a
--- /dev/null
+++ b/tests/bin/ds-stop.sh
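Review bot: The readiness loop binds as Directory Manager with `-w $PASSWORD` and discards stderr, so a wrong or missing password looks the same as a server that has not come up and only surfaces as the "did not start" timeout. The authenticated bind is also what requires the `PASSWORD=Secret.123` fallback that the TODO wants removed, and it puts the password on the `ldapsearch` command line once per second. If anonymous reads of the root DSE are permitted in this image (worth confirming), the probe could drop `-D`/`-w` and become `ldapsearch -H "ldap://$HOSTNAME:3389" -x -b "" -s base`, which would let the `--password` option and its default go away. If the bind is kept, quote it as `-w "$PASSWORD"` and print the last ldapsearch error when the timeout is reached.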
@@ -0,0 +1,95 @@
+#!/bin/bash -e
+
+# https://fy.blackhats.net.au/blog/html/2020/03/28/389ds_in_containers.html
+
+SCRIPT_PATH=$(readlink -f "$0")
+SCRIPT_NAME=$(basename "$SCRIPT_PATH")
+
+VERBOSE=
+DEBUG=
+
+usage() {
+ echo "Usage: $SCRIPT_NAME [OPTIONS] "
+ echo
+ echo "Options:"
+ echo " --image= Container image (default: quay.io/389ds/dirsrv)"
+ echo " -v,--verbose Run in verbose mode."
+ echo " --debug Run in debug mode."
+ echo " --help Show help message."
+}
+
+while getopts v-: arg ; do
+ case $arg in
+ v)
+ VERBOSE=true
+ ;;
+ -)
+ LONG_OPTARG="${OPTARG#*=}"
+
+ case $OPTARG in
+ image=?*)
+ IMAGE="$LONG_OPTARG"
+ ;;
+ verbose)
+ VERBOSE=true
+ ;;
+ debug)
+ VERBOSE=true
+ DEBUG=true
+ ;;
+ help)
+ usage
+ exit
+ ;;
+ '')
+ break # "--" terminates argument processing
+ ;;
+ image*)
+ echo "ERROR: Missing argument for --$OPTARG option" >&2
+ exit 1
+ ;;
+ *)
+ echo "ERROR: Illegal option --$OPTARG" >&2
+ exit 1
+ ;;
+ esac
+ ;;
+ \?)
+ exit 1 # getopts already reported the illegal option
+ ;;
+ esac
+done
+
+# remove parsed options and args from $@ list
+shift $((OPTIND-1))
+
+NAME=$1
+
+if [ "$NAME" == "" ]
+then
+ echo "ERROR: Missing container name"
+ exit 1
+fi
+
+if [ "$IMAGE" = "" ]
+then
+ IMAGE=quay.io/389ds/dirsrv
+fi
+
+if [ "$DEBUG" = true ] ; then
+ echo "NAME: $NAME"
+ echo "IMAGE: $IMAGE"
+fi
+
+if [ "$VERBOSE" = true ] ; then
+ echo "Stopping DS container"
+fi
+
+if [ "$IMAGE" == "jss-runner" ]
+then
+ docker exec $NAME dsctl localhost stop
+else
+ docker stop $NAME > /dev/null
+fi
+
+echo "DS container is stopped"
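Review bot: `echo "ERROR: Missing container name"` writes to stdout while the option-parsing errors above it use `>&2`, so a caller that captures or discards stdout loses the only explanation for the `exit 1`; append `>&2` here (ds-create.sh, ds-remove.sh and ds-start.sh carry the same line). Both docker calls also expand `$NAME` unquoted. Writing them as `docker exec "$NAME" dsctl localhost stop` and `docker stop "$NAME"` keeps a name containing whitespace or glob characters as a single argument.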