Test changes for buldata web application split up

.github/workflows/integration.yml

@@ -33,6 +33,8 @@ jobs:
         mvn -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:resolve-plugins -f fhir-parent -DexcludeReactor=true -Dmaven.wagon.http.retryHandler.count=3
         mvn -B install --file fhir-parent -DskipTests -P include-fhir-igs,integration --no-transfer-progress -Dmaven.wagon.http.retryHandler.count=3
         docker build fhir-install --build-arg VERBOSE=false -t linuxforhealth/fhir-server
+        echo "Building fhir-bulkdata-server image!"
+        docker build fhir-install-bulkdata --build-arg VERBOSE=false -t linuxforhealth/fhir-bulkdata-server
     - name: free disk space
       run: |
         # create and remove a 200 MB file to make sure we have the room needed later
@@ -59,14 +61,31 @@ jobs:
         rm -fr ${it_results} 2>/dev/null
         mkdir -p ${it_results}/server-logs
         mkdir -p ${it_results}/fhir-server-test
-        containerId=$(docker ps -a | grep fhir | cut -d ' ' -f 1)
+        containerId=$(docker ps -a | grep fhir-server | cut -d ' ' -f 1)
         if [[ -z "${containerId}" ]]; then
             echo "Warning: Could not find fhir container!!!"
         else
             echo "fhir container id: $containerId"
 
             # Grab the container's console log
             docker logs $containerId  >& ${it_results}/docker-console.txt
+            echo "fhir container logs!!"
+            docker logs $containerId
+
+            echo "Gathering post-test server logs from docker container: $containerId"
+            docker cp -L $containerId:/logs ${it_results}/server-logs
+        fi
+
+        bulkDataContainerId=$(docker ps -a | grep fhir-bulkdata-server | cut -d ' ' -f 1)
+        if [[ -z "${bulkDataContainerId}" ]]; then
+            echo "Warning: Could not find bulkdata fhir container!!!"
+        else
+            echo "bulkdata fhir container id: $containerId"
+
+            # Grab the container's console log
+            docker logs $bulkDataContainerId  >& ${it_results}/docker-console_bulkdata.txt
+            echo "bulkdata fhir container logs!!"
+            docker logs $bulkDataContainerId
 
             echo "Gathering post-test server logs from docker container: $containerId"
             docker cp -L $containerId:/logs ${it_results}/server-logs

build/README.md

@@ -17,6 +17,11 @@ Once the project is built, the LinuxForHealth FHIR Server container image can be
 docker build fhir-install -t linuxforhealth/fhir-server
 ```
 
+The LinuxForHealth FHIR Bulkdata Server container image can be built from the Dockerfile under fhir-install-bulkdata:
+```sh
+docker build fhir-install-bulkdata -t linuxforhealth/fhir-bulkdata-server
+```
+
 ## Running the integration tests locally
 
 Steps to install the server to the local filesystem at the root of the project and execute the tests.
@@ -61,6 +66,7 @@ The commands are expected to work on MacOS and/or Linux.
 
 - [Docker](https://www.docker.com)
 - `linuxforhealth/fhir-server:latest` (built from the fhir-install module as described above)
+- - `linuxforhealth/fhir-bulkdata-server:latest` (built from the fhir-install-bulkdata module as described above)
 
 ### Run
 

build/audit/bin/setup-prerequisites.sh

@@ -23,6 +23,9 @@ required_build(){
 
     # Build from dockerfile
     docker build fhir-install --build-arg VERBOSE=false -t linuxforhealth/fhir-server
+
+     echo "Building fhir-bulkdata-server image!!"
+     docker build fhir-install-bulkdata --build-arg VERBOSE=false -t linuxforhealth/fhir-bulkdata-server
 }
 
 # audit_build - executes for each audit type.

build/audit/kafka/docker-compose.yml

@@ -1,4 +1,24 @@
 version: '3.8'
+volumes:
+  fhirconfig:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./workarea/volumes/dist/config
+  fhirconfigoverrides:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./workarea/volumes/dist/overrides
+  fhiruserlib:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./workarea/volumes/dist/userlib/
+
 services:
   zookeeper-1:
     image: confluentinc/cp-zookeeper:latest
@@ -57,16 +77,16 @@ services:
       - kafka-2
     hostname: fhir
     volumes:
-      - type: bind
-        source: ./workarea/volumes/dist/config
+      - type: volume
+        source: fhirconfig
         target: /opt/ol/wlp/usr/servers/defaultServer/config
         read_only: true
-      - type: bind
-        source: ./workarea/volumes/dist/overrides
+      - type: volume
+        source: fhirconfigoverrides
         target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
         read_only: true
-      - type: bind
-        source: ./workarea/volumes/dist/userlib/
+      - type: volume
+        source: fhiruserlib
         target: /opt/ol/wlp/usr/servers/defaultServer/userlib
         read_only: true
     environment:
@@ -97,6 +117,42 @@ services:
       - ./.fhir.env
     networks:
       - fhir
+  fhir-bulkdata-server:
+    image: linuxforhealth/fhir-bulkdata-server:latest
+    depends_on:
+      - kafka-1
+      - kafka-2
+    hostname: fhirbulkdata
+    volumes:
+      - type: volume
+        source: fhirconfig
+        target: /opt/ol/wlp/usr/servers/defaultServer/config
+        read_only: true
+      - type: volume
+        source: fhirconfigoverrides
+        target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
+        read_only: true
+      - type: volume
+        source: fhiruserlib
+        target: /opt/ol/wlp/usr/servers/defaultServer/userlib
+        read_only: true
+    environment:
+      - BOOTSTRAP_DB=false
+    command: bash -c "/opt/ol/wlp/bin/server run"
+    healthcheck:
+      start_period: 120s
+      interval: 10s
+      timeout: 10s
+      retries: 2
+      test: curl --max-time 5 -v -f -k -u 'fhiruser:change-password' 'https://localhost:9445/fhir-server/api/v4/healthcheck'
+    ports:
+      - 9082:9082
+      - 9445:9445
+    env_file:
+      - ./.fhir.env
+    networks:
+      - fhir
+
 networks:
   fhir:
     driver: bridge

build/azurite/docker-compose.yml

@@ -5,6 +5,30 @@ volumes:
     driver: local
   blobdata:
     driver: local
+  fhirconfig:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/config
+  fhirconfigoverrides:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/configDropins/overrides
+  fhiruserlib:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/userlib
+  fhirbulkdata:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/bulkdata
 
 services:
   postgres:
@@ -47,29 +71,24 @@ services:
     image: linuxforhealth/fhir-server:latest
     hostname: fhir
     volumes:
-      - type: bind
-        source: ./fhir-server/config
+      - type: volume
+        source: fhirconfig
         target: /opt/ol/wlp/usr/servers/defaultServer/config
         read_only: true
-      - type: bind
-        source: ./fhir-server/configDropins/overrides
+      - type: volume
+        source: fhirconfigoverrides
         target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
         read_only: true
-      - type: bind
-        source: ./fhir-server/userlib
+      - type: volume
+        source: fhiruserlib
         target: /opt/ol/wlp/usr/servers/defaultServer/userlib
         read_only: true
-      - type: bind
-        source: ./fhir-server/bulkdata
+      - type: volume
+        source: fhirbulkdata
         target: /output/bulkdata
     environment:
         TRACE_SPEC: "org.linuxforhealth.fhir.*=INFO"
         TRACE_FILE: "stdout"
-        BATCH_DB_HOSTNAME: postgres
-        BATCH_DB_USER: fhirbatch
-        BATCH_DB_PASS: change-password
-        BATCH_DB_SSL: "false"
-        BATCH_DB_NAME: fhirdb
     command: bash -c "
       java -jar /opt/fhir-server/tools/fhir-persistence-blob-app-*-cli.jar
           --fhir-config-dir /opt/ol/wlp/usr/servers/defaultServer
@@ -111,6 +130,49 @@ services:
         condition: service_healthy
     networks:
       - fhir
+  fhir-bulkdata-server:
+    image: linuxforhealth/fhir-bulkdata-server:latest
+    hostname: fhirbulkdata
+    volumes:
+      - type: volume
+        source: fhirconfig
+        target: /opt/ol/wlp/usr/servers/defaultServer/config
+        read_only: true
+      - type: bind
+        source: ./fhir-bulkdata-server/configDropins/overrides
+        target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
+        read_only: true
+      - type: volume
+        source: fhiruserlib
+        target: /opt/ol/wlp/usr/servers/defaultServer/userlib
+        read_only: true
+      - type: volume
+        source: fhirbulkdata
+        target: /output/bulkdata
+    environment:
+      TRACE_SPEC: "org.linuxforhealth.fhir.*=INFO"
+      TRACE_FILE: "stdout"
+      BATCH_DB_HOSTNAME: postgres
+      BATCH_DB_USER: fhirbatch
+      BATCH_DB_PASS: change-password
+      BATCH_DB_SSL: "false"
+      BATCH_DB_NAME: fhirdb
+    command: bash -c "/opt/ol/wlp/bin/server run"
+    healthcheck:
+      start_period: 32s
+      interval: 20s
+      timeout: 5s
+      retries: 3
+      # https://docs.docker.com/compose/compose-file/#variable-substitution
+      test: curl --fail -k -u 'fhiruser:change-password' 'https://localhost:9445/fhir-bulkdata-server/api/v4/healthcheck'
+    ports:
+      - 9082:9082
+      - 9445:9445
+    depends_on:
+      postgres:
+        condition: service_healthy
+    networks:
+      - fhir
 
   azurite:
     image: mcr.microsoft.com/azure-storage/azurite

build/common/copy-server-config.sh

@@ -22,12 +22,21 @@ cp ${CONFIG}/default/fhir-server-config-postgresql-minio.json ${CONFIG}/default/
 
 echo "Replacing datasource content in server configDropins..."
 OVERRIDES="fhir-server/configDropins/overrides"
+BULKDATA_OVERRIDES="fhir-bulkdata-server/configDropins/overrides"
 rm -rf ${OVERRIDES}/* 2> /dev/null
 mkdir -p ${OVERRIDES}
 
+echo "Create overrides directory for bulkdata db config..."
+rm -rf ${BULKDATA_OVERRIDES}/* 2> /dev/null
+mkdir -p ${BULKDATA_OVERRIDES}
+
 # Copy over both the postgres (default_default) and derby (tenant1_*) datasource definitions
-cp ${WORKSPACE}/fhir-server-webapp/src/main/liberty/config/configDropins/disabled/datasource-postgresql.xml ${OVERRIDES}/
-cp ${WORKSPACE}/fhir-server-webapp/src/main/liberty/config/configDropins/disabled/postgres/bulkdata.xml ${OVERRIDES}/
 cp ${WORKSPACE}/fhir-server-webapp/src/test/liberty/config/configDropins/overrides/datasource-derby.xml ${OVERRIDES}/
+cp ${WORKSPACE}/fhir-server-webapp/src/main/liberty/config/configDropins/disabled/datasource-postgresql.xml ${OVERRIDES}/
+
+echo "Copy over both the postgres (default_default) and derby (tenant1_*) datasource definitions to bulkdata_overrides..."
+cp ${WORKSPACE}/fhir-server-webapp/src/main/liberty/bulkdata/disabled/postgres/datasource-bulkdata.xml ${BULKDATA_OVERRIDES}/
+cp ${WORKSPACE}/fhir-server-webapp/src/test/liberty/config/configDropins/overrides/datasource-derby.xml ${BULKDATA_OVERRIDES}/
+cp ${WORKSPACE}/fhir-server-webapp/src/main/liberty/config/configDropins/disabled/datasource-postgresql.xml ${BULKDATA_OVERRIDES}/
 
 echo "Finished copying the server config."

build/minio/configure.sh

@@ -14,6 +14,7 @@ CONFIG="${WORKSPACE}/build/minio/fhir-server/config"
 TEST_RESOURCES="${WORKSPACE}/fhir-server-test/src/test/resources"
 
 # Set the fhir-server-config
+echo "Copying the fhir server config files..."
 cp ${CONFIG}/default/fhir-server-config-postgresql-minio.json ${CONFIG}/default/fhir-server-config.json
 
 # Enable the file-based import/export tests and set the path to the output dir

build/minio/docker-compose.yml

@@ -3,6 +3,31 @@ version: '3.8'
 volumes:
   pgdata:
     driver: local
+  fhirconfig:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/config
+  fhirconfigoverrides:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/configDropins/overrides
+  fhiruserlib:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/userlib
+  fhirbulkdata:
+    driver: local
+    driver_opts:
+      o: bind
+      type: none
+      device: ./fhir-server/bulkdata
+
 
 services:
   postgres:
@@ -45,29 +70,24 @@ services:
     image: linuxforhealth/fhir-server:latest
     hostname: fhir
     volumes:
-      - type: bind
-        source: ./fhir-server/config
+      - type: volume
+        source: fhirconfig
         target: /opt/ol/wlp/usr/servers/defaultServer/config
         read_only: true
-      - type: bind
-        source: ./fhir-server/configDropins/overrides
+      - type: volume
+        source: fhirconfigoverrides
         target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
         read_only: true
-      - type: bind
-        source: ./fhir-server/userlib
+      - type: volume
+        source: fhiruserlib
         target: /opt/ol/wlp/usr/servers/defaultServer/userlib
         read_only: true
-      - type: bind
-        source: ./fhir-server/bulkdata
+      - type: volume
+        source: fhirbulkdata
         target: /output/bulkdata
     environment:
         TRACE_SPEC: "org.linuxforhealth.fhir.*=INFO"
         TRACE_FILE: "stdout"
-        BATCH_DB_HOSTNAME: postgres
-        BATCH_DB_USER: fhirbatch
-        BATCH_DB_PASS: change-password
-        BATCH_DB_SSL: "false"
-        BATCH_DB_NAME: fhirdb
     command: bash -c "
       java -jar /opt/fhir-server/tools/fhir-persistence-schema-*-cli.jar
           --db-type postgresql --prop db.host=postgres --prop db.port=5432 --prop db.database=fhirdb --prop user=fhiradmin --prop password=change-password
@@ -106,6 +126,49 @@ services:
         condition: service_healthy
     networks:
       - fhir
+  fhir-bulkdata-server:
+    image: linuxforhealth/fhir-bulkdata-server:latest
+    hostname: fhirbulkdata
+    volumes:
+      - type: volume
+        source: fhirconfig
+        target: /opt/ol/wlp/usr/servers/defaultServer/config
+        read_only: true
+      - type: bind
+        source: ./fhir-bulkdata-server/configDropins/overrides
+        target: /opt/ol/wlp/usr/servers/defaultServer/configDropins/overrides
+        read_only: true
+      - type: volume
+        source: fhiruserlib
+        target: /opt/ol/wlp/usr/servers/defaultServer/userlib
+        read_only: true
+      - type: volume
+        source: fhirbulkdata
+        target: /output/bulkdata
+    environment:
+      TRACE_SPEC: "org.linuxforhealth.fhir.*=INFO"
+      TRACE_FILE: "stdout"
+      BATCH_DB_HOSTNAME: postgres
+      BATCH_DB_USER: fhirbatch
+      BATCH_DB_PASS: change-password
+      BATCH_DB_SSL: "false"
+      BATCH_DB_NAME: fhirdb
+    command: bash -c "/opt/ol/wlp/bin/server run"
+    healthcheck:
+      start_period: 32s
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      # https://docs.docker.com/compose/compose-file/#variable-substitution
+      test: curl --fail -k -u 'fhiruser:change-password' 'https://localhost:9445/fhir-bulkdata-server/api/v4/healthcheck'
+    ports:
+      - 9082:9082
+      - 9445:9445
+    depends_on:
+      postgres:
+        condition: service_healthy
+    networks:
+      - fhir
 
   nats-node1:
     image: nats-streaming:0.24

build/notifications/bin/setup-prerequisites.sh

@@ -23,6 +23,9 @@ required_build(){
 
     # Build from dockerfile
     docker build fhir-install --build-arg VERBOSE=false -t linuxforhealth/fhir-server
+
+    echo "Building fhir-bulkdata-server image!!!"
+    docker build fhir-install-bulkdata --build-arg VERBOSE=false -t linuxforhealth/fhir-bulkdata-server
 }
 
 # notifications_build - executes for each notifications type.

build/persistence/bin/setup-prerequisites.sh

@@ -23,6 +23,9 @@ required_build(){
 
     # Build from dockerfile
     docker build fhir-install --build-arg VERBOSE=false -t linuxforhealth/fhir-server
+
+     echo "Building fhir-bulkdata-server image!!!!"
+     docker build fhir-install-bulkdata --build-arg VERBOSE=false -t linuxforhealth/fhir-bulkdata-server
 }
 
 # persistence_build - executes for each persistence build triggering the persistence layer's required steps.

build/pre-integration-test-docker.sh

@@ -63,6 +63,9 @@ echo "
 Docker container status:"
 docker ps -a
 
+echo "docker image status:"
+docker images
+
 echo "Waiting for fhir-server to complete initialization..."
 ${WORKSPACE}/build/common/wait-for-it.sh
 

docs/src/pages/guides/FHIRServerUsersGuide.md

@@ -44,50 +44,60 @@ This FHIR server is intended to be a common component for providing FHIR capabil
 ## 2.1 Installing a new server
 0.  Prereqs: The LinuxForHealth FHIR Server requires Java 11 and has been tested with OpenJDK 11. To install Java on your system, we recommend downloading and installing OpenJDK 11 from https://adoptium.net/.
 
-1.  To install the LinuxForHealth FHIR Server, build or download the `fhir-install` zip installer.
-The Maven build creates the zip package under `fhir-install/target`. Alternatively, releases are available from the [Releases tab](https://github.com/LinuxForHealth/fhir/releases).
+1.  To install the LinuxForHealth FHIR Server, build or download the `fhir-install` zip installer. To install the LinuxForHealth FHIR Bulkdata Server, build or download the `fhir-install-bulkdata` zip installer.
+The Maven build creates the zip package under `fhir-install/target` and `fhir-install-bulkdata/target`. Alternatively, releases are available from the [Releases tab](https://github.com/LinuxForHealth/fhir/releases).
 
-2.  Unzip the `.zip` package into a clean directory (referred to as `fhir-installer` here):
+2.  Unzip the `.zip` packages into a clean directory (referred to as `fhir-installer` and `fhir-bulkdata-installer` here):
     ```
         mkdir fhir-installer
         cd fhir-installer
         unzip fhir-server-distribution.zip
+    
+        mkdir fhir-bulkdata-installer
+        cd fhir-bulkdata-installer
+        unzip fhir-bulkdata-server-distribution.zip
     ```
 
-3.  Determine an install location for the OpenLiberty server and the LinuxForHealth FHIR Server webapp. Example:  `/opt/ibm/fhir-server`
+3.  Determine an install location for the OpenLiberty server, the LinuxForHealth FHIR Server webapp and the LinuxForHealth FHIR Bulkdata Server webapp. Example:  `/opt/linuxforhealth/fhir-server` and `/opt/linuxforhealth/fhir-bulkdata-server` 
 
-4.  Run the `install.sh/.bat` script to install the server:
-    ```
-        ./fhir-server-dist/install.sh /opt/ibm/fhir-server
-    ```
-    This step installs the OpenLiberty runtime and the LinuxForHealth FHIR Server web application. The Liberty runtime is installed in a directory called `wlp` within the installation directory that you specify. For example, in the preceding command, the root directory of the Liberty server runtime would be `/opt/ibm/fhir-server/wlp`.
+   4.  Run the `install.sh/.bat` script to install the servers:
+       ```
+          install fhir-server: ./fhir-server-dist/install.sh /opt/linuxforhealth/fhir-server
+          install fhir-bulkdata-server: ./fhir-bulkdata-server-dist/install.sh /opt/linuxforhealth/fhir-bulkdata-server
+       ```
+       This step installs the OpenLiberty runtime, the LinuxForHealth FHIR Server web application and the LinuxForHealth FHIR Bulkdata Server web application. The Liberty runtime is installed in a directory called `wlp` within the installation directory that you specify. For example, in the preceding command, the root directory of the Liberty server runtime would be `/opt/ibm/fhir-server/wlp`.
 
-5.  Configure the fhir-server's `server.xml` file as needed by completing the following steps:
-    * Configure the ports that the server listen on. The server is installed with only port 9443 (HTTPS) enabled by default. To change the port numbers, modify the values in the `httpEndpoint` element.
+5.  Configure the fhir-server's `server.xml` and the fhir-bulkdata-server's `server.xml`  file as needed by completing the following steps:
+    * Configure the ports that the server listen on. The fhir-server is installed with only port 9443 (HTTPS) enabled by default. The fhir-bulkdata-server is installed with only port 9445 (HTTPS) enabled by default.  To change the port numbers, modify the values in the `httpEndpoint` element.
     * Configure a server keystore and truststore. The LinuxForHealth FHIR Server is installed with a default keystore file that contains a single self-signed certificate for localhost. For production use, you must create and configure your own keystore and truststore files for the FHIR server deployment (that is, generate your own server certificate or obtain a trusted certificate, and then share the public key certificate with API consumers so that they can insert it into their client-side truststore). The keystore and truststore files are used along with the server's HTTPS endpoint and the FHIR server's client-certificate-based authentication protocol to secure the FHIR server's endpoint. For more information, see [Section 5.2 Keystores, truststores, and the FHIR server](#52-keystores-truststores-and-the-fhir-server).
     * Configure an appropriate user registry. The FHIR server is installed with a basic user registry that contains a single user named `fhiruser`. For production use, it's best to configure your own user registry. For more information about configuring user registries, see the [OpenLiberty documentation](https://openliberty.io/guides/security-intro.html#configuring-the-user-registry).
 
     To override the default fhiruser's password, one may set an Environment variable `FHIR_USER_PASSWORD` and for the fhiradmin's password one may set an Environment variable `FHIR_ADMIN_PASSWORD`.
 
 6.  Make sure that your selected database product is running and ready to accept requests as needed:
-    * By default, the FHIR server is installed with the JDBC persistence layer configured to use an Embedded Derby database. When using the `ibmcom/ibm-fhir-server` docker image, set the `BOOTSTRAP_DB` environment variable to `true` in order to bootstrap this database. For any other configuration, note the database host and port and, if necessary, create a user with privileges for deploying the schema.
+    * By default, the FHIR server and the FHIR Bulkdata server are installed with the JDBC persistence layer configured to use an Embedded Derby database. When using the `ibmcom/ibm-fhir-server` docker image, set the `BOOTSTRAP_DB` environment variable to `true` in order to bootstrap this database. For any other configuration, note the database host and port and, if necessary, create a user with privileges for deploying the schema.
 
 7.  Create and deploy the LinuxForHealth FHIR Server database schema as needed:
-    * By default, the FHIR server is installed with the JDBC persistence layer configured to use an Embedded Derby database. When using the `ibmcom/ibm-fhir-server` docker image, set the `BOOTSTRAP_DB` environment variable to `true` in order to bootstrap this database. For any other configuration, use the `fhir-persistence-schema` module to create and deploy the database schema.
+    * By default, the FHIR server and the FHIR Bulkdata server are installed with the JDBC persistence layer configured to use an Embedded Derby database. When using the `ibmcom/ibm-fhir-server` docker image, set the `BOOTSTRAP_DB` environment variable to `true` in order to bootstrap this database. For any other configuration, use the `fhir-persistence-schema` module to create and deploy the database schema.
 
 8.  Configure the `fhir-server-config.json`<sup id="a1">[1](#f1)</sup> configuration file as needed:
     * By default, the FHIR server is installed with the JDBC persistence layer configured to use a single-tenant Embedded Derby database. For more information, see [Section 3.3 Persistence layer configuration](#33-persistence-layer-configuration).
-
-9.  To start and stop the server, use the Liberty server command:
+    * Update the 'fhirServer/bulkdata/core/api/url' with the port number of fhir-bulkdata-server.
+9.  To start and stop the servers, use the Liberty server command:
 ```
     <WLP_HOME>/bin/server start fhir-server
     <WLP_HOME>/bin/server stop fhir-server
+
+    <WLP_HOME>/bin/server start fhir-bulkdata-server
+    <WLP_HOME>/bin/server stop fhir-bulkdata-server
 ```
 
-9.  After you start the server, you can verify that it's running properly by invoking the `$healthcheck` endpoint like this:
+9.  After you start the servers, you can verify that it's running properly by invoking the `$healthcheck` endpoints like this:
 
 ```
-    curl -k -u '<username>:<password>' 'https://<host>:<port>/fhir-server/api/v4/$healthcheck'
+    fhir-server: curl -k -u '<username>:<password>' 'https://<host>:<port>/fhir-server/api/v4/$healthcheck'
+
+    fhir-bulkdata-server:  curl -k -u '<username>:<password>' 'https://<host>:<port>/fhir-bulkdata-server/api/v4/healthcheck'
 ```
 
 where `<username>` is one of the users configured in `server.xml` (default is `fhiruser`).  

fhir-bulkdata-webapp/pom.xml

@@ -183,7 +183,6 @@
             <plugin>
                 <artifactId>maven-war-plugin</artifactId>
                 <configuration>
-                    <warSourceDirectory>WebContent</warSourceDirectory>
                     <warName>${fhir.bulk.war.name}</warName>
                 </configuration>
             </plugin>

fhir-bulkdata-webapp/src/main/java/org/linuxforhealth/fhir/bulkdata/application/FHIRBulkDataApplication.java

@@ -0,0 +1,43 @@
+/*
+ * (C) Copyright IBM Corp. 2022
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.linuxforhealth.fhir.bulkdata.application;
+
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Logger;
+
+import javax.ws.rs.core.Application;
+
+import org.linuxforhealth.fhir.bulkdata.resources.HealthCheck;
+
+public class FHIRBulkDataApplication extends Application {
+    private static final Logger log = Logger.getLogger(FHIRBulkDataApplication.class.getName());
+
+    private Set<Class<?>> classes = null;
+    private Set<Object> singletons = null;
+
+    public FHIRBulkDataApplication() {
+
+    }
+
+    @Override
+    public Set<Class<?>> getClasses() {
+        log.entering(this.getClass().getName(), "getClasses");
+        System.out.println("##################### init bulk data rest api's");
+        try {
+            if (classes == null) {
+                classes = new HashSet<Class<?>>();
+                classes.add(HealthCheck.class);
+            }
+            return classes;
+        } finally {
+            log.exiting(this.getClass().getName(), "getClasses");
+        }
+    }
+
+
+}

fhir-bulkdata-webapp/src/main/java/org/linuxforhealth/fhir/bulkdata/resources/HealthCheck.java

@@ -0,0 +1,87 @@
+/**
+ * (C) Copyright IBM Corp. 2022
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+package org.linuxforhealth.fhir.bulkdata.resources;
+
+import java.util.List;
+import java.util.logging.Logger;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.core.Response;
+
+import org.linuxforhealth.fhir.exception.FHIROperationException;
+import org.linuxforhealth.fhir.model.resource.OperationOutcome;
+import org.linuxforhealth.fhir.model.resource.OperationOutcome.Issue;
+import org.linuxforhealth.fhir.model.type.code.IssueSeverity;
+import org.linuxforhealth.fhir.persistence.FHIRPersistence;
+import org.linuxforhealth.fhir.persistence.helper.FHIRPersistenceHelper;
+import org.linuxforhealth.fhir.persistence.helper.FHIRTransactionHelper;
+
+/**
+ * Resource class for the health check of bulkdata web application.
+ */
+@Path("/")
+public class HealthCheck {
+
+
+    public HealthCheck() throws Exception {
+        super();
+    }
+
+    private static final Logger log = java.util.logging.Logger.getLogger(HealthCheck.class.getName());
+
+    FHIRPersistence fhirPersistence;
+
+    /**
+     * This method validates the health check of bulkdata web application.
+     * @return Response - The health check response status
+     * @throws FHIROperationException
+     */
+    @GET
+    @Path("healthcheck")
+    public Response healthCheck() throws FHIROperationException {
+        log.entering(this.getClass().getName(), "healthCheck()");
+        try {
+            FHIRPersistenceHelper fhirPersistenceHelper = new FHIRPersistenceHelper(null);
+            fhirPersistence = fhirPersistenceHelper.getFHIRPersistenceImplementation();
+            FHIRTransactionHelper txn = new FHIRTransactionHelper(fhirPersistence.getTransaction());
+            txn.begin();
+            try {
+                OperationOutcome operationOutcome = fhirPersistence.getHealth();
+                checkOperationOutcome(operationOutcome);
+                return Response.status(Response.Status.OK).build();
+            } catch (Throwable t) {
+                txn.setRollbackOnly();
+                throw t;
+            } finally {
+                txn.end();
+            }
+        } catch (FHIROperationException e) {
+            throw e;
+        } catch (Throwable t) {
+            throw new FHIROperationException("Unexpected error occurred while processing request for bulkdata healthcheck operation : " + getCausedByMessage(t), t);
+        } finally {
+            log.exiting(this.getClass().getName(), "healthCheck()");
+        }
+    }
+
+    private void checkOperationOutcome(OperationOutcome oo) throws FHIROperationException {
+        List<Issue> issues = oo.getIssue();
+        for (Issue issue : issues) {
+            IssueSeverity severity = issue.getSeverity();
+            if (severity != null && (IssueSeverity.ERROR.getValue().equals(severity.getValue())
+                    || IssueSeverity.FATAL.getValue().equals(severity.getValue()))) {
+                throw new FHIROperationException("The persistence layer reported one or more issues").withIssue(issues);
+            }
+        }
+    }
+
+    private String getCausedByMessage(Throwable throwable) {
+        return throwable.getClass().getName() + ": " + throwable.getMessage();
+    }
+
+
+}

fhir-bulkdata-webapp/src/main/webapp/WEB-INF/web.xml

@@ -1,6 +1,24 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" version="4.0">
-    <display-name>IBM FHIR Server - Bulk Data WebAPP</display-name> 
-
+<web-app id="WebApp_ID" version="4.0"
+    xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd">
     <deny-uncovered-http-methods />
+    <display-name>IBM FHIR Server - Bulk Data WebAPP</display-name>
+    <servlet>
+        <servlet-name>FHIRRestServlet</servlet-name>
+        <servlet-class>com.ibm.websphere.jaxrs.server.IBMRestServlet</servlet-class>
+        <init-param>
+            <param-name>javax.ws.rs.Application</param-name>
+            <param-value>org.linuxforhealth.fhir.bulkdata.application.FHIRBulkDataApplication</param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>FHIRRestServlet</servlet-name>
+        <url-pattern>/*</url-pattern>
+    </servlet-mapping>
+    <login-config>
+        <auth-method>CLIENT-CERT</auth-method>
+    </login-config>
 </web-app>

fhir-install-bulkdata/.gitignore

@@ -0,0 +1 @@
+.~lock.*

fhir-install-bulkdata/Dockerfile

@@ -0,0 +1,73 @@
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+# Stage: Base
+
+FROM openliberty/open-liberty:22.0.0.10-kernel-slim-java11-openj9-ubi as base
+
+USER root
+RUN yum install -y unzip
+RUN install -d -o 1001 /opt/fhir-bulkdata-server
+USER 1001
+
+COPY target/fhir-bulkdata-server-distribution.zip /tmp/
+RUN unzip -qq /tmp/fhir-bulkdata-server-distribution.zip -d /tmp && \
+    /tmp/fhir-bulkdata-server-dist/install.sh /opt/ol && \
+    mv /tmp/fhir-bulkdata-server-dist/tools /opt/fhir-bulkdata-server/tools
+COPY src/main/docker/fhir-bulkdata-server/bootstrap.properties /opt/ol/wlp/usr/servers/defaultServer/
+COPY src/main/docker/fhir-bulkdata-server/bootstrap.sh /opt/fhir-bulkdata-server/
+# ----------------------------------------------------------------------------
+# Stage: Runnable
+
+FROM openliberty/open-liberty:22.0.0.10-kernel-slim-java11-openj9-ubi
+
+ARG VERBOSE=true
+ARG FHIR_SERVER_VERSION=5.0.0-SNAPSHOT
+
+# The following labels are required:
+LABEL name='LinuxForHealth FHIR Bulkdata Server'
+LABEL version="$FHIR_SERVER_VERSION"
+LABEL summary="LinuxForHealth FHIR Bulkdata Server with OpenJ9 and UBI 8"
+LABEL description="The LinuxForHealth FHIR Bulkdata Server is a Standalone web application to process bulk data requests as JSR352 Java Batch jobs"
+
+ENV FHIR_CONFIG_HOME=/opt/ol/wlp/usr/servers/defaultServer \
+    WLP_LOGGING_CONSOLE_SOURCE=message,trace,accessLog,ffdc,audit \
+    WLP_LOGGING_CONSOLE_LOGLEVEL=info \
+    WLP_LOGGING_CONSOLE_FORMAT=SIMPLE \
+    WLP_LOGGING_MESSAGE_SOURCE="" \
+    WLP_LOGGING_MESSAGE_FORMAT=JSON \
+    TRACE_FILE=stdout \
+    TRACE_FORMAT=BASIC
+
+COPY target/LICENSE /licenses/
+
+COPY --chown=1001:0 --from=base /opt/ol/wlp/usr/servers/defaultServer/server.xml /opt/ol/wlp/usr/servers/defaultServer/
+COPY --chown=1001:0 --from=base /opt/ol/wlp/usr/servers/defaultServer/configDropins /opt/ol/wlp/usr/servers/defaultServer/configDropins
+
+RUN features.sh
+
+COPY --chown=1001:0 --from=base /opt/ol/wlp/usr /opt/ol/wlp/usr
+
+RUN configure.sh && \
+    mkdir -p /output/bulkdata
+
+COPY --chown=1001:0 --from=base /opt/fhir-bulkdata-server /opt/fhir-bulkdata-server
+
+RUN mkdir -p /config/configDropins/overrides && \
+    chmod -R 775 /config/configDropins/overrides && \
+    chmod -R 775 /opt/ol/wlp/usr/servers/defaultServer/configDropins/defaults
+
+# This block ensures the latest software is picked up.
+USER root
+RUN yum update -y && \
+    yum clean all && \
+    rm -rf /var/cache/yum
+USER 1001
+
+# Set the working directory to the liberty defaultServer
+WORKDIR ${FHIR_CONFIG_HOME}
+
+ENTRYPOINT ["/opt/fhir-bulkdata-server/bootstrap.sh"]
+CMD ["/opt/ol/wlp/bin/server", "run", "defaultServer"]

fhir-install-bulkdata/README.md

@@ -0,0 +1,45 @@
+# LinuxForHealth FHIR Server Install
+
+Running the LinuxForHealth FHIR Bulkdata Server as a Docker container.
+
+## Prerequisites
+
+- [Docker](http://docker.com)
+- Updated fhir-install-bulkdata/target/fhir-bulkdata-server-distribution.zip
+
+## Build
+
+Using Docker Terminal, access the fhir-install-bulkdata directory and run:
+
+```sh
+docker build -t fhir-bulkdata-server .
+```
+
+## Run
+
+Once the image is built, start it with:
+
+```sh
+docker run -it -p 9445:9445 --name fhir-bulkdata-server --rm fhir-bulkdata-server
+```
+
+## Test
+
+Once the fhir-server is ready, you can test it by accessing: https://localhost:9444/fhir-bulkdata-server/api/v4/healthcheck
+
+For example:
+
+```sh
+curl -k -i -u 'fhiruser:change-password' 'https://localhost:9445/fhir-bulkdata-server/api/v4/healthcheck'
+```
+
+This request makes a connection to the configured database (embedded Derby by default) and a successful response will return with:
+
+```
+HTTP/2 200 
+date: #current_date#
+content-length: 0
+content-language: en-IN
+```
+
+FHIR® is the registered trademark of HL7 and is used with the permission of HL7.

fhir-install-bulkdata/pom.xml

@@ -0,0 +1,213 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.linuxforhealth.fhir</groupId>
+        <artifactId>fhir-parent</artifactId>
+        <version>5.0.0-SNAPSHOT</version>
+        <relativePath>../fhir-parent</relativePath>
+    </parent>
+
+    <artifactId>fhir-install-bulkdata</artifactId>
+
+    <packaging>pom</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>fhir-bulkdata-webapp</artifactId>
+            <version>${project.version}</version>
+            <type>war</type>
+        </dependency>
+        <dependency>
+            <groupId>io.openliberty</groupId>
+            <artifactId>openliberty-runtime</artifactId>
+            <type>zip</type>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derby</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derbyclient</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derbyshared</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derbytools</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.postgresql</groupId>
+            <artifactId>postgresql</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>fhir-persistence-schema</artifactId>
+            <version>${project.version}</version>
+            <classifier>cli</classifier>
+        </dependency>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>fhir-persistence-blob-app</artifactId>
+            <version>${project.version}</version>
+            <classifier>cli</classifier>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <artifactId>maven-antrun-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <configuration>
+                            <target>
+                                <copy
+                                    todir="${project.build.directory}">
+                                    <fileset
+                                        dir="${project.build.directory}/../../">
+                                        <include name="LICENSE" />
+                                    </fileset>
+                                </copy>
+                            </target>
+                        </configuration>
+                        <goals>
+                            <goal>run</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>fhir-bulkdata-server-dist</id>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                        <phase>package</phase>
+                        <configuration>
+                            <finalName>fhir-bulkdata-server-distribution</finalName>
+                            <appendAssemblyId>false</appendAssemblyId>
+                            <attach>true</attach>
+                            <descriptors>
+                                <descriptor>src/main/assembly/distribution.xml</descriptor>
+                            </descriptors>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+    <profiles>
+        <profile>
+            <id>docker-build</id>
+            <activation>
+                <os>
+                    <family>!windows</family>
+                </os>
+            </activation>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>com.spotify</groupId>
+                        <artifactId>dockerfile-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <id>default-cli</id>
+                                <phase>none</phase>
+                                <goals>
+                                    <goal>build</goal>
+                                </goals>
+                            </execution>
+                            <execution>
+                                <id>tag-version</id>
+                                <phase>none</phase>
+                                <goals>
+                                    <goal>tag</goal>
+                                </goals>
+                                <configuration>
+                                    <tag>${project.version}</tag>
+                                </configuration>
+                            </execution>
+                            <execution>
+                                <id>push-latest</id>
+                                <phase>none</phase>
+                                <goals>
+                                    <goal>push</goal>
+                                </goals>
+                                <configuration>
+                                    <tag>latest</tag>
+                                </configuration>
+                            </execution>
+                            <execution>
+                                <id>push-version</id>
+                                <phase>none</phase>
+                                <goals>
+                                    <goal>push</goal>
+                                </goals>
+                                <configuration>
+                                    <tag>${project.version}</tag>
+                                </configuration>
+                            </execution>
+                        </executions>
+                        <configuration>
+                            <repository>linuxforhealth/fhir-bulkdata-server</repository>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+        <profile>
+            <id>include-fhir-igs</id>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-us-core</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-carin-bb</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-mcode</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-davinci-hrex</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-davinci-pdex</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-davinci-pdex-plan-net</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+                <dependency>
+                    <groupId>${project.groupId}</groupId>
+                    <artifactId>fhir-ig-davinci-pdex-formulary</artifactId>
+                    <version>${project.version}</version>
+                </dependency>
+            </dependencies>
+        </profile>
+    </profiles>
+</project>

fhir-install-bulkdata/src/main/assembly/distribution.xml

@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<assembly
+    xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
+    <id>fhir-bulkdata-distribution</id>
+    <baseDirectory>fhir-bulkdata-server-dist</baseDirectory>
+    <includeBaseDirectory>true</includeBaseDirectory>
+    <formats>
+        <format>zip</format>
+    </formats>
+    <fileSets>
+        <fileSet>
+            <directory>../fhir-server-webapp/src/main/liberty/config</directory>
+            <outputDirectory>artifacts/servers/defaultServer</outputDirectory>
+            <excludes>
+                <exclude>server.xml</exclude>
+                <exclude>configDropins/disabled/datasource-postgresql.xml</exclude>
+                <exclude>configDropins/disabled/jwtRS.xml</exclude>
+                <exclude>configDropins/defaults/openapi.xml</exclude>
+                <exclude>configDropins/defaults/monitoring.xml</exclude>
+            </excludes>
+            <fileMode>0755</fileMode>
+        </fileSet>
+        <fileSet>
+            <directory>../fhir-server-webapp/src/main/liberty/bulkdata/disabled</directory>
+            <outputDirectory>artifacts/servers/defaultServer/configDropins/disabled</outputDirectory>
+            <fileMode>0755</fileMode>
+        </fileSet>
+        <fileSet>
+            <directory>../fhir-server-webapp/src/main/liberty/bulkdata/disabled/derby</directory>
+            <outputDirectory>artifacts/servers/defaultServer/configDropins/overrides</outputDirectory>
+            <fileMode>0755</fileMode>
+        </fileSet>
+        <fileSet>
+            <directory>src/main/resources/scripts</directory>
+            <outputDirectory></outputDirectory>
+            <fileMode>0755</fileMode>
+        </fileSet>
+    </fileSets>
+    <files>
+        <file>
+            <source>../fhir-server-webapp/src/main/liberty/bulkdata/bulkdata.xml</source>
+            <outputDirectory>artifacts/servers/defaultServer</outputDirectory>
+            <destName>server.xml</destName>
+            <fileMode>0755</fileMode>
+        </file>
+        <file>
+            <source>src/main/resources/docs/README.txt</source>
+            <outputDirectory>artifacts/servers/defaultServer/docs</outputDirectory>
+            <fileMode>0755</fileMode>
+        </file>
+        <file>
+            <source>../fhir-bulkdata-webapp/target/fhir-bulkdata-webapp.war</source>
+            <outputDirectory>artifacts/servers/defaultServer/apps</outputDirectory>
+            <fileMode>0755</fileMode>
+        </file>
+    </files>
+    <dependencySets>
+        <dependencySet>
+            <useProjectArtifact>false</useProjectArtifact>
+            <directoryMode>0755</directoryMode>
+            <fileMode>0755</fileMode>
+            <includes>
+                <include>io.openliberty:openliberty-runtime:*</include>
+            </includes>
+        </dependencySet>
+        <dependencySet>
+            <useProjectArtifact>false</useProjectArtifact>
+            <outputDirectory>artifacts/servers/defaultServer/userlib</outputDirectory>
+            <directoryMode>0755</directoryMode>
+            <fileMode>0755</fileMode>
+            <includes>
+                <!-- included as there are some transitive dependencies picked up during integration test builds. -->
+                <include>${project.groupId}:fhir-ig-*</include>
+            </includes>
+        </dependencySet>
+        <dependencySet>
+            <useProjectArtifact>false</useProjectArtifact>
+            <outputDirectory>artifacts/shared/resources/lib/derby</outputDirectory>
+            <directoryMode>0755</directoryMode>
+            <fileMode>0755</fileMode>
+            <includes>
+                <include>org.apache.derby:derby</include>
+                <include>org.apache.derby:derbyclient</include>
+                <include>org.apache.derby:derbyshared</include>
+                <include>org.apache.derby:derbytools</include>
+            </includes>
+        </dependencySet>
+        <dependencySet>
+            <useProjectArtifact>false</useProjectArtifact>
+            <outputDirectory>artifacts/shared/resources/lib/postgresql</outputDirectory>
+            <directoryMode>0755</directoryMode>
+            <fileMode>0755</fileMode>
+            <includes>
+                <include>org.postgresql:postgresql</include>
+            </includes>
+        </dependencySet>
+        <dependencySet>
+            <useProjectArtifact>false</useProjectArtifact>
+            <outputDirectory>tools</outputDirectory>
+            <directoryMode>0755</directoryMode>
+            <fileMode>0755</fileMode>
+            <includes>
+                <include>${project.groupId}:fhir-persistence-schema:jar:cli</include>
+                <include>${project.groupId}:fhir-persistence-blob-app:jar:cli</include>
+            </includes>
+        </dependencySet>
+    </dependencySets>
+</assembly>

fhir-install-bulkdata/src/main/docker/fhir-bulkdata-server/bootstrap.properties

@@ -0,0 +1,6 @@
+# disable writing to trace.log by only sending trace data to console
+com.ibm.ws.logging.trace.format=BASIC
+com.ibm.ws.logging.trace.file.name=stdout
+
+# Required to avoid conflict between CXF and FHIR interpretation of the _type query param
+jaxrs.cxf.use.noop.requestPreprocessor=true

fhir-install-bulkdata/src/main/docker/fhir-bulkdata-server/bootstrap.sh

@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+##############################################################################
+# Description:
+# This script is the entrypoint used by the fhir-server docker image, and
+# optionally bootstraps a derby database prior to running the IBM FHIR Server.
+
+set -e -o pipefail
+
+##############################################################################
+# The global variables used are:
+
+SCRIPT_NAME="$(basename ${BASH_SOURCE[0]})"
+
+CUR_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+
+FHIR_PERSISTENCE_SCHEMA_CLI_LOCATION="/opt/fhir-bulkdata-server/tools"
+
+PERFORM_BOOTSTRAP_DB=${BOOTSTRAP_DB}
+[ -z "${BOOTSTRAP_DB}" ] && PERFORM_BOOTSTRAP_DB="false"
+
+##############################################################################
+# Helper Functions
+
+# info - - local function to echo info message
+# ARGUMENTS:
+#   String of message
+function info {
+    echo "${SCRIPT_NAME} - [INFO]: $(date +"%Y-%m-%d_%T") - ${1}"
+}
+
+# _call_derby_db - local function to call derby database
+# ARGUMENTS:
+#   String of additional parameters
+function _call_derby_db {
+    /opt/java/openjdk/bin/java -jar ${FHIR_PERSISTENCE_SCHEMA_CLI_LOCATION}/fhir-persistence-schema-*-cli.jar \
+        --prop "db.create=Y" \
+        --prop "db.database=/output/derby/fhirDB" \
+        --db-type derby \
+        ${1} 2>&1
+}
+
+# _bootstrap_db - local function to perform database bootstrapping
+function _bootstrap_db {
+    if [ "$PERFORM_BOOTSTRAP_DB" = "true" ]
+    then
+        info "Performing Derby database bootstrapping"
+        _call_derby_db "--update-schema"
+        info "Finished Derby database bootstrapping"
+    else
+        info "Skipping Derby database bootstrapping"
+    fi
+}
+
+##############################################################################
+# Script logic:
+
+info "Current directory: $CUR_DIR"
+_bootstrap_db
+
+# Pass it on to the Liberty entrypoint
+exec /opt/ol/helpers/runtime/docker-server.sh "$@"
+
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/.gitignore

@@ -0,0 +1,3 @@
+target/
+fhirschema.log
+out.log

fhir-install-bulkdata/src/main/docker/fhir-schematool/DESIGN.md

@@ -0,0 +1,59 @@
+# **Design**
+
+The LinuxForHealth FHIR Schema Tool provides an Docker image that wraps the `fhir-persistence-schema` executable jar. The tool is state machine which take a single configuration to establish a current and running state of the LinuxForHealth FHIR Server.
+
+The design is such that it COULD, but does not support multiple input files at this time.
+
+When the container is started, the container process one of two flows:
+
+* Schema Onboarding - creates and updates a schema and apply grants
+* Schema Offboarding - drops a schema
+
+**Schema Onboarding Flow**
+
+The schema onboarding flow setup add a new tenant or update the database to the latest schema levels. 
+
+1. Check if set to **skip**: 
+    1. If `SKIP['true']`, stop and exit cleanly. 
+    1. If `SKIP['false']`, proceed.
+1. Check if **BEHAVIOR** set to ONBOARD:
+    1. If not `BEHAVIOR['ONBOARD']`, skip. 
+    1. If `BEHAVIOR['ONBOARD']`, proceed.
+1. Create the database configuration file
+1. Check connectivity: 
+    1. If connectivity fails, stop and exit in error. 
+    1. If connectivity succeeds, proceed.
+1. Create the schema
+1. Update the Schema 
+1. Grant permissions to the LinuxForHealth FHIR Server database user
+
+**Schema Offboarding Flow**
+
+The schema offboarding flow offboards the current schema, while preserving the schema for multiple tenants (if supported by the database type).
+
+1. Check if set to **SKIP**: 
+    1. If `SKIP['true']`, stop and exit cleanly. 
+    1. If `SKIP['false']`, proceed.
+1. Check if **BEHAVIOR** set to OFFBOARD:
+    1. If not `BEHAVIOR['OFFBOARD']`, skip. 
+    1. If `BEHAVIOR['OFFBOARD']`, proceed.
+    1. Drop FHIR Schema
+    1. Drop Java Batch
+    1. Drop OAuth
+
+# **Implementation Details**
+
+## Configuration
+
+The configuration is drived primarily from a working directory, and in alternative circumstances backed by an Environment variable with the input.
+
+The configuration data is mounted to `/fhir-schematool/workarea/input`.
+
+## Logging
+1. Logging - The logging is to standard error and standard out. 
+ - The logs data is put into the `/fhir-schematool/workarea/output` folder.
+2. Must Gather Flow - Each execution generates a new set of log files to the `/fhir-schematool/workarea/output` folder.
+
+## Docker 
+The design is to use as few layers as possible starting with `ibmsemeruruntime/open-11-jdk:ubi_min-jre`. 
+The build uses multiple stages to avoid a bloated image after the necessary updates.

fhir-install-bulkdata/src/main/docker/fhir-schematool/DEVELOPMENT.md

@@ -0,0 +1,61 @@
+# Development
+
+The document helps developers setup the development environment for the LinuxForHealth FHIR Server Schema Tool. 
+
+1. Build the `fhir-examples` and `fhir-parent`
+
+``` shell
+export WORKSPACE=`pwd`
+cd fhir-install-bulkdata/src/main/docker/fhir-schematool
+mvn clean install -DskipTests -f ${WORKSPACE}/fhir-examples/
+mvn clean install -DskipTests -f ${WORKSPACE}/fhir-parent/
+```
+
+2. Change to the `fhir-install-bulkdata/src/main/docker/fhir-schematool` directory
+
+3. Prep the contents
+
+``` shell
+mkdir -p target
+cp ${WORKSPACE}/fhir-persistence-schema/target/fhir-persistence-schema-*-cli.jar target/
+cp ${WORKSPACE}/LICENSE target/LICENSE
+```
+
+4. Build the schema tool. 
+
+``` shell
+docker build --tag linuxforhealth/fhir-schematool:latest .
+```
+
+or 
+
+``` shell
+docker build --build-arg FHIR_VERSION=5.0.0 -t linuxforhealth/fhir-schematool:5.0.0 .
+```
+
+5. For Postgres, run. (You may have to edit the corresponding examples)
+
+* onboard
+``` shell
+time docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-offboard-example.json |base64` linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+* offboard
+``` shell
+time docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-onboard-example.json |base64` linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+6. Confirm you see your changes work, and the Deployment works.
+
+    * Schema is created, or deleted
+    * No Error Logs (at least unexpected)
+    * Output is as expected
+
+# Run a Shell Check 
+
+Sanity check of the Shell Script
+
+```
+brew install shellcheck
+shellcheck run.sh
+```

fhir-install-bulkdata/src/main/docker/fhir-schematool/Dockerfile

@@ -0,0 +1,66 @@
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+# Stage: Base
+
+# IBM Semeru Runtimes provides Non-official docker images as part of this repo. These are maintained by IBM.
+# The link to Semeru is at https://hub.docker.com/r/ibmsemeruruntime/open-11-jdk
+FROM ibmsemeruruntime/open-11-jdk:ubi_min-jre as base
+
+# Create the base working directory
+RUN mkdir -p /opt/schematool/workarea
+
+# Copy in the relevant artifacts in a single command
+COPY ./run.sh ./target/fhir-persistence-schema-*-cli.jar ./target/LICENSE /opt/schematool/
+
+RUN curl -L -o /opt/schematool/jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 && \
+    chmod +x /opt/schematool/jq
+
+# ----------------------------------------------------------------------------
+# Stage: Runnable
+
+FROM registry.access.redhat.com/ubi8/ubi-minimal
+
+ARG FHIR_VERSION=4.8.0
+
+# The following labels are required: 
+LABEL name='IBM FHIR Schema Tool'
+LABEL vendor='IBM'
+LABEL version="$FHIR_VERSION"
+LABEL summary="Image for IBM FHIR Server Schema Tool with OpenJ9 and UBI 8"
+LABEL description="The IBM FHIR Server Schema Tool is designed to create and update the IBM FHIR Server's schema."
+
+# Environment variables
+ENV SKIP false
+ENV TOOL_INPUT false
+
+ENV LANG='en_US.UTF-8'
+ENV LANGUAGE='en_US:en'
+ENV LC_ALL='en_US.UTF-8'
+ENV TZ 'UTC'
+
+WORKDIR /opt/schematool
+
+COPY --chown=1001:0 --from=base /opt/ /opt/
+
+RUN chmod -R 755 /opt/schematool/run.sh && \
+    mkdir -p /licenses && \
+    mv /opt/schematool/LICENSE /licenses && \
+    microdnf update -y && \
+    microdnf install -y nc tzdata openssl curl ca-certificates fontconfig glibc-langpack-en gzip tar findutils shadow-utils && \
+    groupadd -r fhirschemaadmin -g 1001 && \
+    useradd -u 1001 -r -g 1001 -m -d /opt/schematool/home -s /sbin/nologin fhirschemaadmin && \
+    chmod -R 755 /opt/schematool && \
+    rm -rf /var/cache/yum && \
+    rm -f /@System.solv && \
+    microdnf clean all && \
+    rm -rf /var/tmp/* && \
+    rm -rf /tmp/* && \
+    mkdir -p /opt/schematool/workarea && \
+    chmod -R 775 /opt/schematool/workarea
+
+USER 1001
+
+ENTRYPOINT ["/opt/schematool/run.sh"]

fhir-install-bulkdata/src/main/docker/fhir-schematool/README.md

@@ -0,0 +1,194 @@
+# IBM FHIR Server - Schema Tool
+
+The LinuxForHealth FHIR Server Schema Tool is designed to create and update the LinuxForHealth FHIR Server's schema idempotently.
+
+The tool supports the following flows in one image: 
+
+* Onboarding - create SQL schemas, populate the SQL objects, grant permissions to the database user.
+* Offboarding - removes the schema
+* Custom - executes a single fhir-persistence-schema cli action
+* Debug - outputs debug information
+
+# **Use**
+
+The solution should set the variables as Environment Variables or mounted into the workarea folder as a volume which contains the persistence.json file.
+
+## **Environment Variables**
+The following environment variables:
+
+| Name           | Purpose  |
+|----------------|----------|
+| ENV_SKIP       | Stop the container from making any changes, and passes through with a successful state change: `[empty\|true\|false]`|
+| ENV_TOOL_INPUT | Encoded String, in most circumstances base64 encoded or well escaped text, of the json|
+| ENV_TOOL_DEBUG | Flags the debug |
+
+## Configuration Commandline
+The following is read from the properties file:
+
+| Name       | Purpose  |
+|------------|----------|
+| tool.behavior | Switches from the Onboarding BEHAVIOR to Offboarding BEHAVIOR flow: `[onboard\|offboard\|debug\|custom]`. |
+| db.type | The database type - `[postgresql]` |
+| db.host | The database server hostname|
+| db.port | The database server port|
+| db.database | The name of the database|
+| user | A username with connect and admin permissions on the target database|
+| password | The user password for connecting to the database|
+| ssl | true or anything else, true triggers JDBC to use ssl, an example --prop ssl=true (postgres) |
+| tenant.name | the tenant name is typically default |
+| schema.name.oauth | uses the default or custom |
+| schema.name.fhir | defaults to fhirdata |
+| schema.name.batch | uses the default or custom |
+| grant.to | grants access to a specific user (which is going to run the application) |
+| sslmode | For Postgres, you can set verify-full |
+| sslrootcert | For Postgres, you must set as /opt/schematool/workarea/db.cert |
+| db.cert | For Postgres, you must set as a base64 encoding of the certificate |
+
+Further, any property supported by the [fhir-persistence-schema](https://github.com/LinuxForHealth/FHIR/blob/main/fhir-persistence-schema/README.md) module is put into the file and mounted to the system.
+
+## Configuration file - persistence.json
+The configuration file is as follows in the examples configuration.
+
+```
+{
+    "persistence": [
+        {
+            "db":  {
+                "host": "172.17.0.3",
+                "port": "5432",
+                "database": "fhirdb",
+                "user": "postgres",
+                "password": "change-password",
+                "type": "postgresql",
+                "ssl": "false",
+                "certificate_base64": "empty"
+            },
+            "schema": {
+                "fhir": "fhirdata",
+                "batch": "",
+                "oauth": ""
+            },
+            "grant":  "fhirserver",
+            "behavior": "onboard"
+        }
+    ]
+}
+```
+
+You can run locally using: 
+
+*Mac*
+
+```
+docker run  --env ENV_TOOL_INPUT=$(cat persistence.json | base64) linuxforhealth/fhir-schematool:latest
+```
+
+*Linux*
+
+```
+docker run  --env ENV_TOOL_INPUT=$(cat persistence.json | base64 -w 0) linuxforhealth/fhir-schematool:latest
+```
+
+An example volume mount: 
+
+```
+    volumeMounts:
+        - name: binding
+          mountPath: "/opt/schematool/workarea"
+          readOnly: true
+    volumes:
+      - name: binding
+        secret:
+          secretName: binding-persistence
+          items:
+          - key: binding
+            path: persistence.json
+```
+
+# Running the Tool
+
+## Running: Debug Behavior
+
+The debug behavior outputs the details of the running image:
+
+Using an encoded persistence.json
+
+``` shell
+docker run linuxforhealth/fhir-schematool:latest --tool.behavior=debug
+```
+
+Output
+```
+run.sh - [INFO]: 2020-11-09_21:39:27 - The files included with the tool are:
+total 37M
+drwxr-xr-x 1 root root 4.0K Nov  9 21:39 .
+drwxr-xr-x 1 root root 4.0K Nov  9 20:00 ..
+-rw-r--r-- 1 root root  37M Nov  6 20:33 fhir-persistence-schema-4.5.0-SNAPSHOT-cli.jar
+-rwxr-xr-x 1 root root  632 Nov  9 21:39 jq
+-rwxr-xr-x 1 root root  15K Nov  9 21:38 run.sh
+drwxr-xr-x 2 root root 4.0K Nov  9 19:23 workarea
+The OpenSSL version is:
+OpenSSL 1.1.1g FIPS  21 Apr 2020
+```
+
+## Running: Offboard Behavior
+
+Using an encoded persistence.json
+
+*Mac*
+
+```
+docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-offboard-example.json |base64` \
+    linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+*Linux*
+
+```
+docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-offboard-example.json |base64 -w 0` \
+    linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+Using arguments on the commandline
+
+``` shell
+docker run linuxforhealth/fhir-schematool:latest --tool.behavior=offboard --db.host=172.17.0.3 \
+    --db.port=50000 --user=postgres --password=change-password --db.database=fhirdb \
+    --sslConnection=false --db.type=postgresql --schema.name.fhir=fhirdata --grant.to=fhirserver \
+       2>&1 | tee out.log
+```
+
+## Running: Onboard Behavior
+
+Using an encoded persistence.json
+
+*Mac*
+
+```
+docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-onboard-example.json |base64` \
+    linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+*Linux*
+
+```
+docker run  --env ENV_TOOL_INPUT=`cat examples/postgres/persistence-onboard-example.json |base64 -w 0` \
+    linuxforhealth/fhir-schematool:latest | tee out.log
+```
+
+Using arguments on the commandline
+
+``` shell
+docker run linuxforhealth/fhir-schematool:latest --tool.behavior=onboard --db.host=172.17.0.3 \
+    --db.port=50000 --user=postgres --password=change-password --db.database=fhirdb \
+    --sslConnection=false --db.type=postgresql --schema.name.fhir=fhirdata --grant.to=fhirserver \
+      2>&1 | tee out.log
+```
+
+************
+# **License**
+
+The LinuxForHealth FHIR Server - Schema Tool is licensed under the Apache 2.0 license. Full license text is available at [LICENSE](https://github.com/LinuxForHealth/FHIR/blob/main/LICENSE).
+
+FHIR® is the registered trademark of HL7 and is used with the permission of HL7. Use of the FHIR trademark does not constitute endorsement of this product by HL7.
+IBM and the IBM logo are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on [https://ibm.com/trademark](https://ibm.com/trademark).

fhir-install-bulkdata/src/main/docker/fhir-schematool/build.sh

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+##############################################################################
+
+if [ -z "${WORKSPACE}" ]
+then
+    echo "The WORKSPACE is not set" 
+    exit 10;
+fi
+
+if [ -z "${BUILD_ID}" ]
+then
+    echo "The Build ID is not set"
+    exit 11;
+fi
+
+# docker login is already complete at this point.
+
+pushd $(pwd)
+
+cd ${WORKSPACE}/fhir-install/src/main/docker/fhir-schematool/
+
+# Copy the files over
+mkdir -p target/
+cp ${WORKSPACE}/fhir-persistence-schema/target/fhir-persistence-schema-*cli.jar target/
+cp ${WORKSPACE}/LICENSE target/
+
+docker build --build-arg FHIR_VERSION=${BUILD_ID} -t linuxforhealth/fhir-schematool:latest .
+DOCKER_IMAGE=$(docker images --filter=reference='linuxforhealth/fhir-schematool:latest' --format "{{.ID}}")
+echo "Docker Image is:  ${DOCKER_IMAGE}"
+
+docker tag ${DOCKER_IMAGE} ghcr.io/linuxforhealth/fhir-schematool:${BUILD_ID}
+docker tag ${DOCKER_IMAGE} ghcr.io/linuxforhealth/fhir-schematool:latest
+docker push ghcr.io/linuxforhealth/fhir-schematool:${BUILD_ID}
+docker push ghcr.io/linuxforhealth/fhir-schematool:latest
+
+popd > /dev/null
+
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/examples/postgres/persistence-debug-custom.json

@@ -0,0 +1,8 @@
+{
+    "persistence": [
+        {
+            "behavior": "custom",
+            "sql": "--create-schemas"
+        }
+    ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/examples/postgres/persistence-debug-example.json

@@ -0,0 +1,7 @@
+{
+    "persistence": [
+        {
+            "behavior": "debug"
+        }
+    ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/examples/postgres/persistence-offboard-example.json

@@ -0,0 +1,27 @@
+{
+    "persistence": [
+        {
+            "db":  {
+                "host": "172.17.0.3",
+                "port": "50000",
+                "database": "fhirdb",
+                "user": "postgres",
+                "password": "change-password",
+                "type": "postgresql",
+                "ssl": "false",
+                "certificate_base64": "empty"
+            },
+            "tenant": {
+                "name": "default3",
+                "key": "custom-key-here"
+            },
+            "schema": {
+                "fhir": "fhirdata",
+                "batch": "",
+                "oauth": ""
+            },
+            "grant":  "fhirserver",
+            "behavior": "offboard"
+        }
+    ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/examples/postgres/persistence-onboard-example.json

@@ -0,0 +1,27 @@
+{
+    "persistence": [
+        {
+            "db":  {
+                "host": "172.17.0.3",
+                "port": "5432",
+                "database": "fhirdb",
+                "user": "postgres",
+                "password": "change-password",
+                "type": "postgresql",
+                "ssl": "false",
+                "certificate_base64": "empty"
+            },
+            "tenant": {
+                "name": "default3",
+                "key": "custom-key-here"
+            },
+            "schema": {
+                "fhir": "fhirdata",
+                "batch": "",
+                "oauth": ""
+            },
+            "grant":  "fhirserver",
+            "behavior": "onboard"
+        }
+    ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1795/1795.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+# Issue - https://github.com/LinuxForHealth/FHIR/issues/1795
+# Create Schemas should support in multiple ways. 
+
+# Pre Condition:
+# 1 - linuxforhealth/fhir-schematool must be built based on the latest.
+#       docker build -t linuxforhealth/fhir-schematool:latest .
+
+# Post Condition: 
+# 1 - Postgres should be started
+# 2 - Tool should complete without any issues/exceptions
+# 3 - The following schemas should exist
+#        fhir_admin
+#        fhirdata3
+#        fhiroauth3
+#        fhirbatch3
+# 
+
+docker-compose up -d db
+
+# schemas that end with 3
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb --schema.name.fhir=fhirdata3 \
+    --schema.name.batch=fhirbatch3 --schema.name.oauth=fhiroauth3 \
+    --user=postgres --password=change-password
+
+# schemas that end with 43, except for oauth as default
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb --schema.name.fhir=fhirdata43 \
+    --schema.name.batch=fhirbatch43 \
+    --user=postgres --password=change-password
+
+# schemas that uses all defaults
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb \
+    --user=postgres --password=change-password
+
+# # schemas that end with 50 for fhirdata only
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb --schema.name.fhir=fhirdata50 \
+    --user=postgres --password=change-password
+
+echo SELECT schema_name FROM information_schema.schemata | docker-compose exec -T -e PGPASSWORD=change-password db psql -h db -U postgres fhirdb
+
+docker-compose down -t 1
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1795/docker-compose.yml

@@ -0,0 +1,44 @@
+version: '3.7'
+services:
+  db:
+    image: postgres:12-alpine
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: change-password
+      POSTGRES_USER: postgres
+      POSTGRES_DB: fhirdb
+      PGDATA: /data/postgres
+    shm_size: 256MB
+    tty: true
+    stdin_open: true
+    hostname: db
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+    privileged: true
+    networks:
+      - fhir
+    ports:
+      - "5432:5432"
+  tool:
+    image: linuxforhealth/fhir-schematool:latest
+    restart: always
+    environment:
+      PLACEHOLDER: change-password
+    tty: true
+    stdin_open: true
+    hostname: tool
+    stop_grace_period: 2m
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+      # To use all of 2 gigabytes
+      kernel.shmmax: 1055092736
+      kernel.shmall: 257591
+    privileged: true
+    command: tail -f /dev/null
+    networks:
+      - fhir
+networks:
+  fhir:
+    driver: bridge

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1796/1796.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+# Issue - https://github.com/LinuxForHealth/FHIR/issues/1796
+
+# Don't log out the file isn't found warning.
+
+# Pre Condition:
+# 1 - linuxforhealth/fhir-schematool must be built based on the latest.
+#       docker build -t linuxforhealth/fhir-schematool:latest .
+
+# Post Condition: 
+# 1 - Postgres should be started
+# 2 - No Error Message like 'jq: error: Could not open file /opt/schematool/workarea/persistence.json'
+
+docker-compose up -d db
+
+# Startup
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb --schema.name.fhir=fhirdata3 \
+    --user=postgres --password=change-password
+
+docker-compose down -t 1
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1796/docker-compose.yml

@@ -0,0 +1,44 @@
+version: '3.7'
+services:
+  db:
+    image: postgres:12-alpine
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: change-password
+      POSTGRES_USER: postgres
+      POSTGRES_DB: fhirdb
+      PGDATA: /data/postgres
+    shm_size: 256MB
+    tty: true
+    stdin_open: true
+    hostname: db
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+    privileged: true
+    networks:
+      - fhir
+    ports:
+      - "5432:5432"
+  tool:
+    image: linuxforhealth/fhir-schematool:latest
+    restart: always
+    environment:
+      PLACEHOLDER: change-password
+    tty: true
+    stdin_open: true
+    hostname: tool
+    stop_grace_period: 2m
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+      # To use all of 2 gigabytes
+      kernel.shmmax: 1055092736
+      kernel.shmall: 257591
+    privileged: true
+    command: tail -f /dev/null
+    networks:
+      - fhir
+networks:
+  fhir:
+    driver: bridge

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1797/1797.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+# Issue - https://github.com/LinuxForHealth/FHIR/issues/1797
+
+# Don't log out the --pool-size
+
+# Pre Condition:
+# 1 - linuxforhealth/fhir-schematool must be built based on the latest.
+#       docker build -t linuxforhealth/fhir-schematool:latest .
+
+# Post Condition: 
+# 1 - Postgres should be started
+# 2 - No Error Message like 'java.lang.IllegalArgumentException: Invalid SQL object name: --pool-size'
+
+docker-compose up -d db
+
+# Startup
+docker-compose run tool --tool.behavior=onboard --db.type=postgresql  \
+    --db.host=db --db.port=5432 --db.database=fhirdb --schema.name.fhir=fhirdata \
+    --user=postgres --password=change-password
+
+# Check the log
+
+docker-compose down -t 1
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1797/docker-compose.yml

@@ -0,0 +1,44 @@
+version: '3.7'
+services:
+  db:
+    image: postgres:12-alpine
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: change-password
+      POSTGRES_USER: postgres
+      POSTGRES_DB: fhirdb
+      PGDATA: /data/postgres
+    shm_size: 256MB
+    tty: true
+    stdin_open: true
+    hostname: db
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+    privileged: true
+    networks:
+      - fhir
+    ports:
+      - "5432:5432"
+  tool:
+    image: linuxforhealth/fhir-schematool:latest
+    restart: always
+    environment:
+      PLACEHOLDER: change-password
+    tty: true
+    stdin_open: true
+    hostname: tool
+    stop_grace_period: 2m
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+      # To use all of 2 gigabytes
+      kernel.shmmax: 1055092736
+      kernel.shmall: 257591
+    privileged: true
+    command: tail -f /dev/null
+    networks:
+      - fhir
+networks:
+  fhir:
+    driver: bridge

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1802/1802-base64.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+# Issue - https://github.com/LinuxForHealth/FHIR/issues/1802
+
+# Pre Condition:
+# 1 - linuxforhealth/fhir-schematool must be built based on the latest.
+#       docker build -t linuxforhealth/fhir-schematool:latest .
+
+# Post Condition: 
+# 1 - Postgres should be started
+# 2 - No Errors and the schema should work.
+# 3 - Check Version History 
+
+# 1 - Start the db
+docker-compose up -d db
+
+# 2 - Startup
+docker-compose run -e ENV_TOOL_INPUT=$(cat 1802-onboarding.json | base64) tool
+
+# The schemas should exist
+echo SELECT schema_name FROM information_schema.schemata | docker-compose exec -T -e PGPASSWORD=change-password db psql -h db -U postgres fhirdb
+
+# Should be 2700+
+echo 'SELECT COUNT(*) FROM FHIR_ADMIN.VERSION_HISTORY' | docker-compose exec -T -e PGPASSWORD=change-password db psql -h db -U postgres fhirdb
+
+docker-compose down -t 1
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1802/1802-onboarding.json

@@ -0,0 +1,22 @@
+{
+    "persistence": [
+        {
+            "db":  {
+                "host": "db",
+                "port": "5432",
+                "database": "fhirdb",
+                "user": "postgres",
+                "password": "change-password",
+                "type": "postgresql",
+                "ssl": "false",
+                "certificate_base64": "empty"
+            },
+            "schema": {
+                "fhir": "fhirdata",
+                "batch": "",
+                "oauth": ""
+            },
+            "behavior": "onboard"
+        }
+    ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1802/1802-plain.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+# Issue - https://github.com/LinuxForHealth/FHIR/issues/1802
+
+# Pre Condition:
+# 1 - linuxforhealth/fhir-schematool must be built based on the latest.
+#       docker build -t linuxforhealth/fhir-schematool:latest .
+
+# Post Condition: 
+# 1 - Postgres should be started
+# 2 - No Errors and the schema should work.
+# 3 - Check Version History 
+
+# 1 - Start the db
+docker-compose up -d db
+
+# 2 - Startup
+docker-compose run -e ENV_TOOL_INPUT="$(cat 1802-onboarding.json)" tool
+
+# The schemas should exist
+echo SELECT schema_name FROM information_schema.schemata | docker-compose exec -T -e PGPASSWORD=change-password db psql -h db -U postgres fhirdb
+
+# Should be 2700+
+echo 'SELECT COUNT(*) FROM FHIR_ADMIN.VERSION_HISTORY' | docker-compose exec -T -e PGPASSWORD=change-password db psql -h db -U postgres fhirdb
+
+docker-compose down -t 1
+# EOF

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/1802/docker-compose.yml

@@ -0,0 +1,37 @@
+version: '3.7'
+services:
+  db:
+    image: postgres:12-alpine
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: change-password
+      POSTGRES_USER: postgres
+      POSTGRES_DB: fhirdb
+      PGDATA: /data/postgres
+    shm_size: 256MB
+    tty: true
+    stdin_open: true
+    hostname: db
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+    privileged: true
+    ports:
+      - "5432:5432"
+  tool:
+    image: linuxforhealth/fhir-schematool:latest
+    restart: always
+    environment:
+      PLACEHOLDER: change-password
+    tty: true
+    stdin_open: true
+    hostname: tool
+    stop_grace_period: 2m
+    sysctls:
+      net.core.somaxconn: 256
+      net.ipv4.tcp_syncookies: 0
+      # To use all of 2 gigabytes
+      kernel.shmmax: 1055092736
+      kernel.shmall: 257591
+    privileged: true
+    command: tail -f /dev/null

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/cp/postgres-onboard-noschema.json

@@ -0,0 +1,22 @@
+{
+  "persistence": [
+      {
+          "db":  {
+              "host": "**********.databases.appdomain.cloud",
+              "port": "32195",
+              "database": "ibmclouddb",
+              "user": "*****",
+              "password": "*****",
+              "type": "postgresql",
+              "ssl": "true",
+              "certificate_base64": "******="
+          },
+          "tenant": {
+              "name": "default",
+              "key": "custom-key-here"
+          },
+          "grant":  "fhirserver",
+          "behavior": "onboard"
+      }
+  ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/cp/postgres-onboard.json

@@ -0,0 +1,27 @@
+{
+  "persistence": [
+      {
+          "db":  {
+              "host": "************.databases.appdomain.cloud",
+              "port": "32195",
+              "database": "ibmclouddb",
+              "user": "************",
+              "password": "************",
+              "type": "postgresql",
+              "ssl": "true",
+              "certificate_base64": "************"
+          },
+          "tenant": {
+              "name": "default",
+              "key": "custom-key-here"
+          },
+          "schema": {
+              "fhir": "fhirdata",
+              "batch": "",
+              "oauth": ""
+          },
+          "grant":  "fhirserver",
+          "behavior": "onboard"
+      }
+  ]
+}

fhir-install-bulkdata/src/main/docker/fhir-schematool/tests/cp/test.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------------
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+# ----------------------------------------------------------------------------
+
+docker run --env ENV_TOOL_INPUT=$(cat postgres-onboard.json | base64) \
+    linuxforhealth/fhir-schematool:latest
+
+docker run --env ENV_TOOL_INPUT=$(cat postgres-onboard-noschema.json | base64) \
+    linuxforhealth/fhir-schematool:latest

fhir-install-bulkdata/src/main/resources/docs/README.txt

@@ -0,0 +1,5 @@
+The IBM FHIR Server User Guide has moved to https://linuxforhealth.github.io/FHIR/
+
+The source is available at https://github.com/LinuxForHealth/fhir/tree/main/docs
+
+FHIR® is the registered trademark of HL7 and is used with the permission of HL7.

fhir-install-bulkdata/src/main/resources/scripts/install.bat

@@ -0,0 +1,138 @@
+@echo off
+@REM ----------------------------------------------------------------------------
+@REM (C) Copyright IBM Corp. 2022
+@REM
+@REM SPDX-License-Identifier: Apache-2.0
+@REM ----------------------------------------------------------------------------
+
+SETLOCAL ENABLEDELAYEDEXPANSION
+
+set LIBERTY_VERSION=22.0.0.10
+
+echo Executing %0 to deploy the fhir-bulkdata-server web application...
+
+@REM Make sure that JAVA_HOME is set
+if "-%JAVA_HOME%-"=="--" (
+    echo "Error: JAVA_HOME not set; make sure JAVA_HOME points to a Java 11 JVM and then re-try."
+    set rc=1
+    goto :exit
+) else (
+    set JAVA_CMD="%JAVA_HOME%\bin\java.exe"
+    if not exist !JAVA_CMD! (
+        echo Error: Incorrect JAVA_HOME value: %JAVA_HOME%
+    set rc=1
+    goto :exit
+    )
+)
+
+@REM echo JAVA_HOME: %JAVA_HOME%
+@REM echo JAVA_CMD: %JAVA_CMD%
+@REM set rc=1
+@REM goto :exit
+
+@REM Determine the location of this script.
+set BASEDIR=%~dp0
+
+@REM Remove any trailing \ from BASEDIR
+if %BASEDIR:~-1%==\ set BASEDIR=%BASEDIR:~0,-1%
+
+@REM Default liberty install location
+cd %BASEDIR%\..
+set UNZIP_LOC=%CD%
+set WLP_INSTALL_DIR=%UNZIP_LOC%\liberty-runtime
+
+@REM Allow user to override default install location
+if not "-%1-"=="--" set WLP_INSTALL_DIR=%1
+
+@REM Add a trailing \ to WLP_INSTALL_DIR if needed
+if not "%WLP_INSTALL_DIR:~-1%"=="\" set WLP_INSTALL_DIR=%WLP_INSTALL_DIR%\
+
+echo Deploying fhir-bulkdata-server in location: %WLP_INSTALL_DIR%
+
+@REM If the liberty install directory doesnt exist, then create it.
+if not exist %WLP_INSTALL_DIR% (
+    echo The Liberty installation directory does not exist; attempting to create it...
+    mkdir %WLP_INSTALL_DIR%
+    if errorlevel 1 (
+        set rc=%ERRORLEVEL%
+        echo Error creating installation directory: %rc%
+        goto :exit
+    )
+)
+
+@REM Unzip liberty runtime zip
+echo Extracting the Liberty runtime...
+call :UnZip  %BASEDIR%\openliberty-runtime-%LIBERTY_VERSION%.zip\  %WLP_INSTALL_DIR%
+if %rc% neq 0 (
+    echo Error extracting liberty runtime: %rc%
+    goto :exit
+)
+
+@REM Save the liberty home directory.
+set WLP_ROOT=%WLP_INSTALL_DIR%wlp
+
+@REM Create our server
+echo Creating the Liberty defaultServer...
+%COMSPEC% /c %WLP_ROOT%\bin\server.bat create defaultServer
+if errorlevel 1 (
+    set rc=%ERRORLEVEL%
+    echo Error creating server definition: %rc%
+    goto :exit
+)
+
+@REM Copy our server assets
+echo Deploying fhir-bulkdata-server assets to the server runtime environment.
+xcopy /S /Y /Q %BASEDIR%\artifacts\* %WLP_ROOT%\usr\
+if errorlevel 1 (
+    set rc=%ERRORLEVEL%
+    echo Error deploying fhir-bulkdata-server assets to server runtime environment: %rc%
+    goto :exit
+)
+
+
+echo The FHIR Bulkdata Server has been successfully deployed to the Liberty runtime
+echo at: %WLP_ROOT%
+echo The fhir-server application requires Java 11.
+echo If you do not have one, a copy of the Java 11 SDK can be obtained at https://adoptium.net.
+echo The following steps must be completed before the server can be started:
+echo 1. Set the JAVA_HOME environment variable for your Java installation.
+echo 2. If using a database other than the embedded derby one, make sure that your selected database
+echo    is active and ready to accept requests.
+echo 3. Deploy the database schema via the fhir-persistence-schema cli jar under %BASEDIR%\tools
+echo    and grant necessary permissions.
+echo 4. Modify the Liberty server config by adding/removing/modifying the XML snippets under
+echo    %WLP_ROOT%\usr\servers\defaultServer\configDropins to configure datasource definitions, 
+echo    TLS configuration (keystores), webapp security, and more.
+echo 5. Modify the FHIR Bulkdata server config (fhir-server-config.json) under
+echo    %WLP_ROOT%\usr\servers\defaultServer\config to configure the persistence, resource endpoints,
+echo    and related FHIR server features.
+echo You can start and stop the server with these commands:
+echo    %WLP_ROOT%\bin\server.bat start
+echo    %WLP_ROOT%\bin\server.bat stop
+set rc=0
+goto :exit
+
+
+@REM This function will unzip %1 into the directory %2
+@REM by creating a VB script and executing it.
+:UnZip
+set vbs="%temp%\_.vbs"
+if exist %vbs% del /f /q %vbs%
+>%vbs% echo Set fso = CreateObject("Scripting.FileSystemObject")
+>>%vbs% echo strDest = "%2"
+>>%vbs% echo strZipFileName = "%1"
+>>%vbs% echo If NOT fso.FolderExists(strDest) Then
+>>%vbs% echo     fso.CreateFolder(strDest)
+>>%vbs% echo End If
+>>%vbs% echo set objShell = CreateObject("Shell.Application")
+>>%vbs% echo set FilesInZip=objShell.NameSpace(strZipFileName).items
+>>%vbs% echo objShell.NameSpace(strDest).CopyHere(FilesInZip)
+>>%vbs% echo Set fso = Nothing
+>>%vbs% echo Set objShell = Nothing
+cscript //nologo %vbs%
+set rc=%ERRORLEVEL%
+if exist %vbs% del /f /q %vbs%
+goto :eof
+
+:exit
+%COMSPEC% /c exit /b %rc%

fhir-install-bulkdata/src/main/resources/scripts/install.sh

@@ -0,0 +1,107 @@
+#!/usr/bin/env sh
+###############################################################################
+# (C) Copyright IBM Corp. 2022
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################################
+
+export LIBERTY_VERSION="22.0.0.10"
+
+echo "
+Executing $0 to deploy the fhir-bulkdata-server web application...
+"
+
+# Determine the location of this script.
+# basedir=`dirname "$0"`
+cd $(dirname $0); basedir="$(pwd)"
+
+# Default liberty install location
+UNZIP_LOC=`unset CDPATH; cd "$basedir/.." && pwd`
+LIBERTY_INSTALL_DIR="${UNZIP_LOC}/liberty-runtime"
+
+# Allow user to override default install location
+if [ $# -gt 0 ]
+then
+    LIBERTY_INSTALL_DIR=$1
+fi
+
+echo "Deploying in location: ${LIBERTY_INSTALL_DIR}"
+
+# Save the liberty home directory.
+LIBERTY_ROOT=${LIBERTY_INSTALL_DIR}/wlp
+
+if [ -d "$LIBERTY_ROOT" ]; then
+    # If the liberty install directory exists, make sure we actually have Liberty installed there.
+    if [ -f "${LIBERTY_ROOT}/bin/server" ]; then
+        echo "Using the existing Liberty installation:"
+        ${LIBERTY_ROOT}/bin/productInfo version
+    else
+        echo "
+Invalid installation directory specified for Liberty runtime: ${LIBERTY_ROOT}
+If the installation directory exists then it must contain a valid Liberty runtime."
+        exit 1
+    fi
+else
+    # If the liberty install directory doesn't exist, then create it.
+    echo "Extracting the Liberty runtime... "
+    unzip -qq ${basedir}/openliberty-runtime-${LIBERTY_VERSION}.zip -d ${LIBERTY_INSTALL_DIR}
+    rc=$?
+    if [ $rc != 0 ]; then
+        echo "Error extracting liberty runtime: $rc"
+        exit $rc
+    else
+        echo "done!"
+    fi
+fi
+
+# Create the defaultServer if necessary.
+if [ ! -d "${LIBERTY_ROOT}/usr/servers/defaultServer" ]; then
+    echo "Creating the Liberty defaultServer... "
+    ${LIBERTY_ROOT}/bin/server create defaultServer
+    rc=$?
+    if [ $rc != 0 ]; then
+        echo "Error creating server definition: $rc"
+        exit $rc
+    fi
+fi
+
+# Copy our server assets
+echo "Deploying fhir-bulkdata-server assets to the server runtime environment... "
+cp -r ${basedir}/artifacts/* ${LIBERTY_ROOT}/usr/
+rc=$?
+if [ $rc != 0 ]; then
+    echo "Error deploying fhir-bulkdata-server assets to server runtime environment: $rc"
+    exit $rc
+else
+    echo "done!"
+fi
+
+echo "
+
+The FHIR Bulkdata Server has been successfully deployed to the Liberty runtime
+at: ${LIBERTY_ROOT}
+
+The fhir-bulkdata-server application requires Java 11.
+If you do not have one, a copy of the Java 11 SDK can be obtained at https://adoptium.net.
+The following steps must be completed before the server can be started:
+
+1) Set the JAVA_HOME environment variable for your Java installation.
+
+2) If using a database other than the embedded derby one, make sure that your selected database
+   is active and ready to accept requests.
+
+3) Deploy the database schema via the fhir-persistence-schema cli jar under ${basedir}/tools
+   and grant necessary permissions.
+
+4) Modify the Liberty server config (server.xml) by adding/removing/modifying the XML snippets under
+   ${LIBERTY_ROOT}/usr/servers/defaultServer/configDropins to configure datasource definitions,
+   TLS configuration (keystores), webapp security, and more.
+
+5) Modify the FHIR Bulkdata server config (fhir-server-config.json) under
+   ${LIBERTY_ROOT}/usr/servers/defaultServer/config to configure the persistence, resource endpoints,
+   and related FHIR server features.
+
+You can start and stop the server with these commands:
+   ${LIBERTY_ROOT}/bin/server start
+   ${LIBERTY_ROOT}/bin/server stop
+"

fhir-install/pom.xml

@@ -14,12 +14,6 @@
     <packaging>pom</packaging>
 
     <dependencies>
-        <dependency>
-            <groupId>${project.groupId}</groupId>
-            <artifactId>fhir-bulkdata-webapp</artifactId>
-            <version>${project.version}</version>
-            <type>war</type>
-        </dependency>
         <dependency>
             <groupId>${project.groupId}</groupId>
             <artifactId>fhir-server-webapp</artifactId>

fhir-install/src/main/assembly/distribution.xml

@@ -32,11 +32,6 @@
             <outputDirectory>artifacts/servers/defaultServer/apps</outputDirectory>
             <fileMode>0755</fileMode>
         </file>
-        <file>
-            <source>../fhir-bulkdata-webapp/target/fhir-bulkdata-webapp.war</source>
-            <outputDirectory>artifacts/servers/defaultServer/apps</outputDirectory>
-            <fileMode>0755</fileMode>
-        </file>
         <file>
             <source>../fhir-openapi/target/fhir-openapi.war</source>
             <outputDirectory>artifacts/servers/defaultServer/apps</outputDirectory>

fhir-install/src/main/docker/fhir-server/bootstrap.sh

@@ -50,11 +50,14 @@ function _call_derby_db {
 function _bootstrap_db {
     if [ "$PERFORM_BOOTSTRAP_DB" = "true" ]
     then
+        echo "Performing Derby database bootstrapping"
         info "Performing Derby database bootstrapping"
         _call_derby_db "--update-schema"
+        echo "Finished Derby database bootstrapping"
         info "Finished Derby database bootstrapping"
     else
         info "Skipping Derby database bootstrapping"
+        echo "Skipping Derby database bootstrapping"
     fi
 }
 

fhir-parent/pom.xml

@@ -116,6 +116,7 @@
         <module>../fhir-swagger-generator</module>
         <module>../fhir-openapi</module>
         <module>../fhir-install</module>
+        <module>../fhir-install-bulkdata</module>
     </modules>
 
     <!-- This section "enforces" that we're using consistent versions of

fhir-persistence-jdbc/src/main/java/org/linuxforhealth/fhir/persistence/jdbc/connection/FHIRDbConnectionStrategyBase.java

@@ -132,6 +132,7 @@ protected Connection getConnection(DataSource datasource, String tenantId, Strin
 
             // configure the connection if it's the first time we've accessed it in this transaction
             configure(connection, tenantId, dsId);
+            log.info("DB Connection schema: " + connection.getSchema());
         } catch (Throwable t) {
             // clean up if something goes wrong during configuration
             try {

fhir-server-webapp/pom.xml

@@ -152,16 +152,7 @@
                             </dependency>
                             <location>${project.build.directory}/liberty/wlp/usr/servers/defaultServer/userlib/</location>
                         </dependencyGroup>
-                        <dependencyGroup>
-                            <dependency>
-                                <groupId>org.linuxforhealth.fhir</groupId>
-                                <artifactId>fhir-bulkdata-webapp</artifactId>
-                                <version>${project.version}</version>
-                                <type>war</type>
-                            </dependency>
-                            <stripVersion>true</stripVersion>
-                            <location>${project.build.directory}/liberty/wlp/usr/servers/defaultServer/dropins/</location>
-                        </dependencyGroup>
+
                     </copyDependencies>
                 </configuration>
                 <executions>

fhir-server-webapp/src/main/liberty/bulkdata/bulkdata.xml

@@ -0,0 +1,145 @@
+<server description="fhir-server">
+
+    <!-- Enable features -->
+    <featureManager>
+        <feature>transportSecurity-1.0</feature>
+        <feature>appSecurity-2.0</feature>
+        <feature>jaxrs-2.1</feature>
+        <feature>servlet-4.0</feature>
+        <feature>jdbc-4.1</feature>
+        <feature>websocket-1.1</feature>
+        <feature>localConnector-1.0</feature>
+        <feature>batch-1.0</feature>
+        <feature>batchManagement-1.0</feature>
+        <!-- mpJwt-1.2 isn't used by default,
+             but we include it here to avoid NoClassDefFound in our classes that *can* use it -->
+    </featureManager>
+
+    <authorization-roles id="com.ibm.ws.batch">
+        <security-role id="batchAdmin" name="batchAdmin">
+            <user id="batchAdminUser" name="fhiradmin"/>
+        </security-role>
+        <security-role id="batchSubmitter" name="batchSubmitter">
+            <user id="batchSubmitterUser" name="fhiruser"/>
+        </security-role>
+        <security-role id="batchMonitor" name="batchMonitor">
+            <user id="batchMonitorUser1" name="fhiradmin"/>
+            <user id="batchMonitorUser2" name="fhiruser"/>
+        </security-role>
+    </authorization-roles>
+
+    <!-- Disable welcome page so that internal server info won't be revealed in responses
+         to requests with an invalid context root.
+    -->
+    <httpDispatcher enableWelcomePage="false"/>
+    <!-- Disable X-Powered-By header to avoid leaking information and
+         override the default error pages to avoid showing stack traces
+         for nonsensical queries like requests for a JSP page that doesn't exist.
+    -->
+    <webContainer disableXPoweredBy="true"
+                  displayTextWhenNoErrorPageDefined="Unexpected request/response. Please check the URL and try again."
+                  deferServletLoad="false"/>
+
+    <!-- LinuxForHealth FHIR Server's keystore and truststore configuration -->
+    <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore" trustStoreRef="defaultTrustStore" clientAuthenticationSupported="true" sslProtocol="TLSv1.2"/>
+    <keyStore id="defaultKeyStore" location="${server.config.dir}/resources/security/fhirKeyStore.p12" password="change-password"/>
+    <keyStore id="defaultTrustStore" location="${server.config.dir}/resources/security/fhirTrustStore.p12" password="change-password"/>
+
+    <!-- This entry defines the ports that the server will listen on.
+        By default, the httpPort is disabled (set to "-1").
+        Modify the port #'s as needed to satisfy your config requirements.
+        Note: on Linux, the server must be running with root priviledges in order to
+        listen on ports <= 1024.
+     -->
+    <httpEndpoint id="defaultHttpEndpoint" host="*" httpPort="-1" httpsPort="9445" onError="FAIL"/>
+
+    <!-- Prevent the HTTP channel from throwing an I/O exception when an inbound connection is closed while still in use. -->
+    <httpOptions id="defaultHttpOptions" ThrowIOEForInboundConnections="false"/>
+
+    <!--
+        The trace specification can be set via the TRACE_SPEC environment variable (or by overriding it below).
+
+        Example trace specifications:
+        <logging traceSpecification="*=info:org.linuxforhealth.fhir.*=finer" traceFormat="BASIC"/>
+        <logging traceSpecification="org.linuxforhealth.fhir.persistence.jdbc.dao.impl.*=fine:org.linuxforhealth.fhir.database.utils.query.*=fine" traceFormat="BASIC"/>
+        <logging traceSpecification="${TRACE_SPEC}" traceFileName="${TRACE_FILE}" traceFormat="${TRACE_FORMAT}" consoleLogLevel="${WLP_LOGGING_CONSOLE_LOGLEVEL}"/>
+
+        To send the trace messages to standard out, set TRACE_FILE to "stdout".
+    -->
+    <variable name="TRACE_SPEC" defaultValue="*=info"/>
+    <variable name="TRACE_FILE" defaultValue="trace.log"/>
+    <variable name="TRACE_FORMAT" defaultValue="BASIC"/>
+    <variable name="WLP_LOGGING_CONSOLE_LOGLEVEL" defaultValue="INFO"/>
+    <logging traceSpecification="${TRACE_SPEC}" traceFileName="${TRACE_FILE}" traceFormat="${TRACE_FORMAT}" consoleLogLevel="${WLP_LOGGING_CONSOLE_LOGLEVEL}"/>
+
+    <!-- Automatically expand WAR files and EAR files -->
+    <applicationManager autoExpand="true"/>
+
+    <applicationMonitor updateTrigger="mbean"/>
+
+    <!-- This is the main LinuxForHealth FHIR Server REST API war -->
+    <webApplication id="fhir-bulkdata-webapp" location="fhir-bulkdata-webapp.war" name="fhir-bulkdata-webapp" contextRoot="fhir-bulkdata-server/api/v4">
+        <classloader privateLibraryRef="fhirUserLib"/>
+        <application-bnd>
+            <security-role id="users" name="FHIRUsers">
+                <group id="bulkUsersGroup" name="FHIRUsers"/>
+            </security-role>
+        </application-bnd>
+    </webApplication>
+
+    <!--
+        This sharedlib can contain user-contributed jars that are intended to augment
+        the LinuxForHealth FHIR Server installation (persistence interceptors, persistence layer impl's,
+        custom operation impl's, etc.)
+     -->
+    <library id="fhirUserLib">
+        <fileset dir="${server.config.dir}/userlib" includes="*.jar"/>
+    </library>
+
+    <!-- Shared library definitions for the supported database types -->
+    <library id="sharedLibDerby">
+        <fileset dir="${shared.resource.dir}/lib/derby" includes="*.jar"/>
+    </library>
+    <library id="sharedLibPostgres">
+        <fileset dir="${shared.resource.dir}/lib/postgresql" includes="*.jar"/>
+    </library>
+
+    <webAppSecurity allowFailOverToBasicAuth="true" singleSignonEnabled="false"/>
+
+    <cors domain="/"
+          allowedOrigins="*"
+          allowedMethods="GET, DELETE, POST, PUT, HEAD"
+          allowedHeaders="*"
+          maxAge="3600" />
+
+    <!-- Variables for the users so they can be overriden by environment variables -->
+    <variable name="FHIR_USER_PASSWORD" defaultValue="change-password"/>
+    <variable name="FHIR_ADMIN_PASSWORD" defaultValue="change-password"/>
+
+    <!-- Define a basic user registry with a few users. -->
+    <basicRegistry id="basic" realm="BasicRealm">
+        <user name="fhiruser" password="${FHIR_USER_PASSWORD}"/>
+        <user name="fhiradmin" password="${FHIR_ADMIN_PASSWORD}"/>
+        <group name="FHIRUsers">
+            <member name="fhiruser"/>
+        </group>
+        <group name="clientAdministrator">
+            <member name="fhiruser"/>
+        </group>
+        <group name="FHIRAdmins">
+            <member name="fhiradmin"/>
+        </group>
+    </basicRegistry>
+
+    <batchPersistence jobStoreRef="BatchDatabaseStore"/>
+
+    <variable name="BATCH_DB_SCHEMA" defaultValue="FHIR_JBATCH"/>
+    <databaseStore dataSourceRef="fhirbatchDS" id="BatchDatabaseStore" schema="${BATCH_DB_SCHEMA}" tablePrefix="" createTables="false"/>
+
+    <!--
+         The defaultHostName is subsequently used in the bulkdata configuration and must be set to avoid liberty batch issues.
+         For example, in the helm chart:
+         https://github.com/Alvearie/alvearie-helm/blob/main/charts/ibm-fhir-server/templates/deployment.yaml#L179
+    -->
+    <variable name="defaultHostName" value="${env.MY_POD_NAME}"/>
+</server>

fhir-server-webapp/src/main/liberty/bulkdata/disabled/derby/datasource-bulkdata.xml

@@ -0,0 +1,7 @@
+<server>
+    <dataSource id="fhirbatchDS" jndiName="jdbc/fhirbatchDB" type="javax.sql.XADataSource" statementCacheSize="200" syncQueryTimeoutWithTransactionTimeout="true" validationTimeout="30s">
+        <jdbcDriver javax.sql.XADataSource="org.apache.derby.jdbc.EmbeddedXADataSource" libraryRef="sharedLibDerby"/>
+        <properties.derby.embedded databaseName="derby/fhirDB"/>
+        <connectionManager maxPoolSize="50" minPoolSize="10"/>
+    </dataSource>
+</server>

fhir-server-webapp/src/main/liberty/bulkdata/disabled/postgres/datasource-bulkdata.xml

@@ -0,0 +1,22 @@
+<server>
+    <variable name="BATCH_DB_HOSTNAME" defaultValue=""/>
+    <variable name="BATCH_DB_NAME" defaultValue="FHIRDB"/>
+    <variable name="BATCH_DB_SCHEMA" defaultValue="FHIR_JBATCH"/>
+    <variable name="BATCH_DB_PORT" defaultValue="5432"/>
+    <variable name="BATCH_DB_USER" defaultValue="fhirserver"/>
+    <variable name="BATCH_DB_PASS" defaultValue=""/>
+    <variable name="BATCH_DB_SSL" defaultValue="true"/>
+    <variable name="BATCH_DB_SSL_CERT_PATH" defaultValue=""/>
+
+    <dataSource id="fhirbatchDS" jndiName="jdbc/fhirbatchDB" type="javax.sql.XADataSource" statementCacheSize="200" syncQueryTimeoutWithTransactionTimeout="true" validationTimeout="30s">
+        <jdbcDriver javax.sql.XADataSource="org.postgresql.xa.PGXADataSource" libraryRef="sharedLibPostgres"/>
+        <properties.postgresql
+            databaseName="${BATCH_DB_NAME}"
+            portNumber="${BATCH_DB_PORT}"
+            serverName="${BATCH_DB_HOSTNAME}"
+            user="${BATCH_DB_USER}"
+            password="${BATCH_DB_PASS}" 
+            ssl="${BATCH_DB_SSL}"
+            sslCert="${BATCH_DB_SSL_CERT_PATH}"/>
+    </dataSource>
+</server>

fhir-server-webapp/src/main/liberty/config/config/default/fhir-server-config.json

@@ -137,7 +137,7 @@
             "enabled": true,
             "core": {
                 "api": {
-                    "url": "https://localhost:9443/ibm/api/batch",
+                    "url": "https://localhost:8443/ibm/api/batch",
                     "user": "fhiradmin",
                     "password": "change-password",
                     "truststore": "resources/security/fhirTrustStore.p12",

fhir-server-webapp/src/test/liberty/config/config/default/fhir-server-config-postgresql-azurite.json

@@ -321,7 +321,7 @@
       "enabled": true,
       "core": {
         "api": {
-          "url": "https://localhost:9443/ibm/api/batch",
+          "url": "https://fhirbulkdata:9445/ibm/api/batch",
           "user": "fhiradmin",
           "password": "change-password",
           "truststore": "resources/security/fhirTrustStore.p12",

fhir-server-webapp/src/test/liberty/config/config/default/fhir-server-config-postgresql-minio.json

@@ -311,7 +311,7 @@
       "enabled": true,
       "core": {
         "api": {
-          "url": "https://localhost:9443/ibm/api/batch",
+          "url": "https://fhirbulkdata:9445/ibm/api/batch",
           "user": "fhiradmin",
           "password": "change-password",
           "truststore": "resources/security/fhirTrustStore.p12",

operation/fhir-operation-bulkdata/src/main/java/org/linuxforhealth/fhir/operation/bulkdata/client/action/batch/BatchCancelRequestAction.java

@@ -113,33 +113,14 @@ public void run(String tenant, String job) throws FHIROperationException {
 
         // Stop the Job's execution across all JobExecutions
         stopJobExecutions(jobExecutions);
-
-        if (supportsDeleteJob()) {
-            deleteJob(job);
-        } else {
-            throw export.buildOperationException("Job deletion is not supported with the default Java Batch (in-memory) datastore. The Java Batch schema must be deployed and configured.", IssueType.NOT_SUPPORTED);
-        }
+        deleteJob(job);
 
         // Check for a server-side error
         if (Status.INTERNAL_SERVER_ERROR == result) {
             throw export.buildOperationException("Canceling the Bulk Data Request has failed for the job; the content is not abandonded", IssueType.EXCEPTION);
         }
     }
 
-    /**
-     * @return True when there is a fhirbatchDb jndi instance, else, we have to assume this is in memory ONLY (also known as False).
-     */
-    private boolean supportsDeleteJob() {
-        try {
-            Context ctx = new InitialContext();
-            ctx.lookup("jdbc/fhirbatchDB");
-            return true;
-        } catch (Exception ex) {
-            LOG.throwing(CLASSNAME, "supportsDeleteJob", ex);
-            return false;
-        }
-    }
-
     /**
      * verify the tenant
      *