From 7d4b877bff56eb60e44e5a537f8eb5caf1359f5f Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 11:19:14 +0100
Subject: [PATCH 1/7] update container for http4s

---
 .github/Dockerfile_PreBuild           | 11 ++++-------
 .github/Dockerfile_PreBuild_Jmx       |  9 ---------
 .github/workflows/build_container.yml |  4 ++--
 3 files changed, 6 insertions(+), 18 deletions(-)
 delete mode 100644 .github/Dockerfile_PreBuild_Jmx

diff --git a/.github/Dockerfile_PreBuild b/.github/Dockerfile_PreBuild
index 7827150243..52f3c14098 100644
--- a/.github/Dockerfile_PreBuild
+++ b/.github/Dockerfile_PreBuild
@@ -1,10 +1,7 @@
-FROM jetty:9.4-jdk11-alpine
+FROM gcr.io/distroless/java17-debian12
 
-ENV JMX_EXPORTER_VERSION=1.2.0
-
-# To enable add "-javaagent:$JETTY_BASE/jmx-exporter.jar=8090:$JETTY_BASE/prometheus_config.yml" to the JAVA_OPTIONS
-RUN wget https://github.com/prometheus/jmx_exporter/releases/download/$JMX_EXPORTER_VERSION/jmx_prometheus_javaagent-$JMX_EXPORTER_VERSION.jar -o /var/lib/jetty/jmx-exporter.jar
-COPY .github/jmx_exporter.config /var/lib/jetty/prometheus_config.yml
 # Copy OBP source code
 # Copy build artifact (.war file) into jetty from 'maven' stage.
-COPY /obp-api/target/obp-api-1.*.war /var/lib/jetty/webapps/ROOT.war
+COPY /obp-api/target/obp-http4s-runner.jar /app/obp-http4s-runner.jar
+WORKDIR /app
+CMD ["obp-http4s-runner.jar"]
\ No newline at end of file
diff --git a/.github/Dockerfile_PreBuild_Jmx b/.github/Dockerfile_PreBuild_Jmx
deleted file mode 100644
index 1fceef430a..0000000000
--- a/.github/Dockerfile_PreBuild_Jmx
+++ /dev/null
@@ -1,9 +0,0 @@
-FROM jetty:9.4-jdk11-alpine
-
-# Copy OBP source code
-# Copy build artifact (.war file) into jetty from 'maven' stage.
-COPY /jmx_prometheus_javaagent-0.20.0.jar /var/lib/jetty/jmx_prometheus_javaagent-0.20.0.jar
-COPY /.github/jmx_exporter.config /var/lib/jetty/prometheus_config.yml
-COPY /obp-api/target/obp-api-1.*.war /var/lib/jetty/webapps/ROOT.war
-
-CMD ["java -jar $JETTY_HOME/start.jar -javaagent:$JETTY_BASE/jmx_prometheus_javaagent-0.20.0.jar=8090:$JETTY_BASE/prometheus_config.yml"]
\ No newline at end of file
diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml
index c3ddf5a7f2..43c27b2cf5 100644
--- a/.github/workflows/build_container.yml
+++ b/.github/workflows/build_container.yml
@@ -107,10 +107,10 @@ jobs:
             **/target/site/surefire-report.html
             **/target/site/surefire-report/*
 
-      - name: Save .war artifact
+      - name: Save .jar artifact
         run: |
           mkdir -p ./push
-          cp obp-api/target/obp-api-1.*.war ./push/
+          cp obp-api/target/obp-http4s-runner.jar ./push/
       - uses: actions/upload-artifact@v4
         with:
           name: ${{ github.sha }}

From 11fdb7d7ca05867a0150df873dac52ed26e78961 Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 12:04:26 +0100
Subject: [PATCH 2/7] update container for http4s

---
 .github/Dockerfile_PreBuild           | 2 +-
 .github/workflows/build_container.yml | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/Dockerfile_PreBuild b/.github/Dockerfile_PreBuild
index 52f3c14098..39f9a8746d 100644
--- a/.github/Dockerfile_PreBuild
+++ b/.github/Dockerfile_PreBuild
@@ -2,6 +2,6 @@ FROM gcr.io/distroless/java17-debian12
 
 # Copy OBP source code
 # Copy build artifact (.war file) into jetty from 'maven' stage.
-COPY /obp-api/target/obp-http4s-runner.jar /app/obp-http4s-runner.jar
+COPY /obp-http4s-runner/target/obp-http4s-runner.jar /app/obp-http4s-runner.jar
 WORKDIR /app
 CMD ["obp-http4s-runner.jar"]
\ No newline at end of file
diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml
index 43c27b2cf5..2c5fdd0a4a 100644
--- a/.github/workflows/build_container.yml
+++ b/.github/workflows/build_container.yml
@@ -108,9 +108,10 @@ jobs:
             **/target/site/surefire-report/*
 
       - name: Save .jar artifact
+        continue-on-error: true
         run: |
           mkdir -p ./push
-          cp obp-api/target/obp-http4s-runner.jar ./push/
+          cp obp-http4s-runner/target/obp-http4s-runner.jar ./push/
       - uses: actions/upload-artifact@v4
         with:
           name: ${{ github.sha }}

From 9ac18238849eef4149f42417127a7ef7cf61d550 Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 12:48:54 +0100
Subject: [PATCH 3/7] update container for http4s - for pull request

---
 .github/workflows/build_pull_request.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build_pull_request.yml b/.github/workflows/build_pull_request.yml
index ac551c7b9d..5fc4a74074 100644
--- a/.github/workflows/build_pull_request.yml
+++ b/.github/workflows/build_pull_request.yml
@@ -111,10 +111,10 @@ jobs:
             **/target/site/surefire-report.html
             **/target/site/surefire-report/*
 
-      - name: Save .war artifact
+      - name: Save .jar artifact
         run: |
           mkdir -p ./pull
-          cp obp-api/target/obp-api-1.*.war ./pull/
+          cp obp-http4s-runner/target/obp-http4s-runner.jar ./pull/
       - uses: actions/upload-artifact@v4
         with:
           name: ${{ github.sha }}

From e08e20a01ff6201d550621f18f36afeb11af3125 Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 13:27:49 +0100
Subject: [PATCH 4/7] debug reflection in container runtime

---
 .github/workflows/build_container.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml
index 2c5fdd0a4a..642ce582c2 100644
--- a/.github/workflows/build_container.yml
+++ b/.github/workflows/build_container.yml
@@ -68,6 +68,17 @@ jobs:
           echo ResetPasswordUrlEnabled=true >> obp-api/src/main/resources/props/test.default.props
 
           echo consents.allowed=true >> obp-api/src/main/resources/props/test.default.props
+          mkdir -p .mvn
+          cat > .mvn/jvm.config << 'EOF'
+          --add-opens java.base/java.lang=ALL-UNNAMED
+          --add-opens java.base/java.lang.reflect=ALL-UNNAMED
+          --add-opens java.base/java.security=ALL-UNNAMED
+          --add-opens java.base/java.util.jar=ALL-UNNAMED
+          --add-opens java.base/sun.nio.ch=ALL-UNNAMED
+          --add-opens java.base/java.nio=ALL-UNNAMED
+          --add-opens java.base/java.net=ALL-UNNAMED
+          --add-opens java.base/java.io=ALL-UNNAMED
+          EOF
           MAVEN_OPTS="-Xmx3G -Xss2m -XX:MaxMetaspaceSize=1G" mvn clean package -T 4 -Pprod > maven-build.log 2>&1
 
       - name: Report failing tests (if any)

From dc37019da1586a97b125cc0ebbe2e8983fd2a237 Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 13:47:24 +0100
Subject: [PATCH 5/7] switch base image to java 11

---
 .github/Dockerfile_PreBuild           |  2 +-
 .github/workflows/build_container.yml | 11 -----------
 2 files changed, 1 insertion(+), 12 deletions(-)

diff --git a/.github/Dockerfile_PreBuild b/.github/Dockerfile_PreBuild
index 39f9a8746d..61c37dce74 100644
--- a/.github/Dockerfile_PreBuild
+++ b/.github/Dockerfile_PreBuild
@@ -1,4 +1,4 @@
-FROM gcr.io/distroless/java17-debian12
+FROM gcr.io/distroless/java:11
 
 # Copy OBP source code
 # Copy build artifact (.war file) into jetty from 'maven' stage.
diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml
index 642ce582c2..2c5fdd0a4a 100644
--- a/.github/workflows/build_container.yml
+++ b/.github/workflows/build_container.yml
@@ -68,17 +68,6 @@ jobs:
           echo ResetPasswordUrlEnabled=true >> obp-api/src/main/resources/props/test.default.props
 
           echo consents.allowed=true >> obp-api/src/main/resources/props/test.default.props
-          mkdir -p .mvn
-          cat > .mvn/jvm.config << 'EOF'
-          --add-opens java.base/java.lang=ALL-UNNAMED
-          --add-opens java.base/java.lang.reflect=ALL-UNNAMED
-          --add-opens java.base/java.security=ALL-UNNAMED
-          --add-opens java.base/java.util.jar=ALL-UNNAMED
-          --add-opens java.base/sun.nio.ch=ALL-UNNAMED
-          --add-opens java.base/java.nio=ALL-UNNAMED
-          --add-opens java.base/java.net=ALL-UNNAMED
-          --add-opens java.base/java.io=ALL-UNNAMED
-          EOF
           MAVEN_OPTS="-Xmx3G -Xss2m -XX:MaxMetaspaceSize=1G" mvn clean package -T 4 -Pprod > maven-build.log 2>&1
 
       - name: Report failing tests (if any)

From eeda7dd474e11cf8fdb36141407b493ddac795d8 Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 15:48:30 +0100
Subject: [PATCH 6/7] bind http4s to 0.0.0.0

---
 obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala b/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
index d0bb9b47f8..6c2c72cbc9 100644
--- a/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
+++ b/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
@@ -13,8 +13,10 @@ object Http4sServer extends IOApp {
   new bootstrap.liftweb.Boot().boot
 
   val port = APIUtil.getPropsAsIntValue("http4s.port",8086)
-  val host = APIUtil.getPropsValue("http4s.host","127.0.0.1")
-  
+  // Default changed from 127.0.0.1 to 0.0.0.0 so the server binds to all network interfaces.
+  // It is still configurable via the http4s.host property.
+  val host = APIUtil.getPropsValue("http4s.host","0.0.0.0")
+
   // Use shared httpApp configuration (same as tests)
   val httpApp = Http4sApp.httpApp
   

From 14d38b19fe6670beb41f5efd671a33c583befd0b Mon Sep 17 00:00:00 2001
From: tawoe <tawoe@posteo.de>
Date: Thu, 26 Feb 2026 16:29:38 +0100
Subject: [PATCH 7/7] bind http4s to port 8080

---
 obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala b/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
index 6c2c72cbc9..f25351b96c 100644
--- a/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
+++ b/obp-api/src/main/scala/bootstrap/http4s/Http4sServer.scala
@@ -12,7 +12,7 @@ object Http4sServer extends IOApp {
   // new bootstrap.http4s.Http4sBoot().boot
   new bootstrap.liftweb.Boot().boot
 
-  val port = APIUtil.getPropsAsIntValue("http4s.port",8086)
+  val port = APIUtil.getPropsAsIntValue("http4s.port",8080)
   // Default changed from 127.0.0.1 to 0.0.0.0 so the server binds to all network interfaces.
   // It is still configurable via the http4s.host property.
   val host = APIUtil.getPropsValue("http4s.host","0.0.0.0")