diff --git a/.ci/openshift-ci/build-root/Dockerfile b/.ci/openshift-ci/build-root/Dockerfile
new file mode 100644
index 00000000..04b1ba24
--- /dev/null
+++ b/.ci/openshift-ci/build-root/Dockerfile
@@ -0,0 +1,37 @@
+# Use the centos image as the base image
+FROM quay.io/centos/centos:stream8
+
+# Install additional tooling, see https://github.com/openshift/release/blob/master/clusters/app.ci/supplemental-ci-images/ci-tools-build-root.yaml#L338
+RUN INSTALL_PKGS="git java-17-openjdk.x86_64 httpd-tools" && \
+    dnf install -y $INSTALL_PKGS && \
+    rpm -V $INSTALL_PKGS && \
+    dnf clean all && \
+    touch /os-build-image
+
+# Downloading and installing Maven
+ARG MAVEN_VERSION=3.8.8
+ARG BASE_URL=https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries
+
+RUN mkdir -p /usr/share/maven /usr/share/maven/ref \
+  && echo "Downlaoding maven" \
+  && curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
+  \
+  && echo "Unziping maven" \
+  && tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
+  \
+  && echo "Cleaning and setting links" \
+  && rm -f /tmp/apache-maven.tar.gz \
+  && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn
+
+ENV MAVEN_HOME /usr/share/maven
+ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"
+
+# Downloading and installing the OpenShift CLI
+ENV OC_PKG=https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest-4.12/openshift-client-linux.tar.gz \
+      OC_HOME=/usr/oc/oc-4.1.2
+
+RUN set -eux; \
+      curl -L --output /tmp/oc.tgz "$OC_PKG"; \
+      mkdir -p "$OC_HOME"; \
+      tar --extract --file /tmp/oc.tgz --directory "$OC_HOME"; \
+      ln -s "$OC_HOME"/oc /usr/bin/oc
diff --git a/.ci/openshift-ci/build-root/e2e-test.sh b/.ci/openshift-ci/build-root/e2e-test.sh
new file mode 100644
index 00000000..63a9e8c1
--- /dev/null
+++ b/.ci/openshift-ci/build-root/e2e-test.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+
+#!/usr/bin/env bash
+# exit immediately when a command fails
+set -e
+# avoid exiting with non-zero if any of the pipeline commands fail because we need retries for oc login
+#set -o pipefail
+# error on unset variables
+set -u
+# print each command before executing it
+set -x
+
+printenv KUBECONFIG
+printenv KUBEADMIN_PASSWORD_FILE
+
+oc get node
+oc config view
+
+export TEST_CLUSTER_URL=$(oc whoami --show-server)
+
+export SYSADMIN_USERNAME=kubeadmin
+export SYSADMIN_PASSWORD=$(cat "${KUBEADMIN_PASSWORD_FILE}")
+
+# note that for some reason it takes a few minutes for this to be loaded by OCP and authentication start working
+export TEST_ADMIN_USERNAME=tadmin
+export TEST_ADMIN_PASSWORD=adminpwd
+export TEST_USER_USERNAME=tuser
+export TEST_USER_PASSWORD=userpwd
+export HTPASSWD_FILE=users.htpasswd
+
+htpasswd -c -B -b $HTPASSWD_FILE $TEST_ADMIN_USERNAME $TEST_ADMIN_PASSWORD
+htpasswd -b $HTPASSWD_FILE $TEST_USER_USERNAME $TEST_USER_PASSWORD
+
+cat $HTPASSWD_FILE
+
+oc create secret generic htpass-secret --from-file=htpasswd=$HTPASSWD_FILE -n openshift-config
+oc patch OAuth cluster -p '{"spec": {"identityProviders": [{"htpasswd": {"fileData": {"name": "htpass-secret"}},"mappingMethod": "claim","name": "my_htpasswd_provider","type": "HTPasswd"}]}}' --type=merge
+
+# wait until authentication operator updates auth
+sleep 45 # wait until operator notices changes
+counter=0
+while [ "$(oc get clusteroperator authentication -o custom-columns=STATUS:.status.conditions[1].status | tail -1)" == "True" ]; do
+  sleep 5
+  echo Waiting for authentication operator to finish processing
+  ((counter=counter+1))
+  if [ "$counter" == "200" ]; then
+    echo "Timeout waiting for authentication operator."
+    exit 1
+  fi
+done
+
+counter=0
+until [[ "$(oc login --insecure-skip-tls-verify ${TEST_CLUSTER_URL} -u ${TEST_ADMIN_USERNAME} -p ${TEST_ADMIN_PASSWORD})" =~ "Login successful" ]] || [[ counter++ -ge 80 ]]
+do
+  sleep 5
+done
+export ADMIN_TOKEN=$(oc whoami -t)
+
+counter=0
+until [[ "$(oc login --insecure-skip-tls-verify ${TEST_CLUSTER_URL} -u ${TEST_USER_USERNAME} -p ${TEST_USER_PASSWORD})" =~ "Login successful" ]] || [[ counter++ -ge 80 ]]
+do
+  sleep 5
+done
+export USER_TOKEN=$(oc whoami -t)
+
+oc login --insecure-skip-tls-verify "${TEST_CLUSTER_URL}" -u ${SYSADMIN_USERNAME} -p "${SYSADMIN_PASSWORD}"
+oc adm policy add-cluster-role-to-user cluster-admin ${TEST_ADMIN_USERNAME}
+# We need to do this since InfinispanOperatorProvisionerTest would fail unless the master account is made
+# cluster-admin as well, see https://github.com/Intersmash/intersmash/issues/48
+oc adm policy add-cluster-role-to-user cluster-admin ${TEST_USER_USERNAME}
+
+export TEST_NAMESPACE=xtf-test
+
+cat >> test.properties <<EOL
+xtf.openshift.url=${TEST_CLUSTER_URL}
+xtf.openshift.namespace=${TEST_NAMESPACE}
+xtf.bm.namespace=${TEST_NAMESPACE}-builds
+xtf.openshift.admin.username=${TEST_ADMIN_USERNAME}
+xtf.openshift.admin.password=${TEST_ADMIN_PASSWORD}
+xtf.openshift.admin.token=${ADMIN_TOKEN}
+xtf.openshift.master.username=${TEST_USER_USERNAME}
+xtf.openshift.master.password=${TEST_USER_PASSWORD}
+xtf.openshift.master.token=${USER_TOKEN}
+xtf.openshift.admin.kubeconfig=${KUBECONFIG}
+xtf.openshift.master.kubeconfig=${KUBECONFIG}
+
+EOL
+
+cat test.properties
+
+mkdir local-repo
+mvn clean install -Dmaven.repo.local=./local-repo -DskipTests
+mvn test -Dmaven.repo.local=./local-repo -pl testsuite/