diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index ee7d6b8d4a..ee46828daa 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -8,7 +8,7 @@ repos:
   - id: detect-aws-credentials
     args: [--allow-missing-credentials]
   - id: detect-private-key
-    exclude: testdata/.*
+    exclude: 'testdata/.*|test-integration/certificates/.*'
   - id: check-yaml
   - id: check-json
 - repo: https://github.com/astral-sh/ruff-pre-commit
diff --git a/test-integration/Dockerfile-ClientNode b/test-integration/Dockerfile-ClientNode
new file mode 100644
index 0000000000..da31f340f7
--- /dev/null
+++ b/test-integration/Dockerfile-ClientNode
@@ -0,0 +1,27 @@
+# Use the docker:dind image as the base image
+FROM docker:dind
+
+# Set the working directory
+WORKDIR /app
+
+# Install curl and bash
+RUN apk update && apk add --no-cache curl bash
+
+# Install the ca-certificates package
+RUN apk add --no-cache ca-certificates
+
+# Copy a root ca into the image
+COPY certificates/generated_assets/bacalhau_test_root_ca.crt /usr/local/share/ca-certificates/bacalhau_test_root_ca.crt
+
+# Update CA certificates
+RUN update-ca-certificates
+
+# Download and execute the Bash script from the given URL
+RUN curl -sSL https://get.bacalhau.org/install.sh | bash
+
+# Download the binary, make it executable, and move it to /usr/local/bin
+RUN curl -o /tmp/mc https://dl.min.io/client/mc/release/linux-amd64/mc \
+    && chmod +x /tmp/mc \
+    && mv /tmp/mc /usr/local/bin/
+
+ENTRYPOINT ["dockerd-entrypoint.sh"]
diff --git a/test-integration/Dockerfile-ComputeNode b/test-integration/Dockerfile-ComputeNode
new file mode 100644
index 0000000000..7a6cc4ebaa
--- /dev/null
+++ b/test-integration/Dockerfile-ComputeNode
@@ -0,0 +1,24 @@
+# Use the docker:dind image as the base image
+FROM docker:dind
+
+# Set the working directory
+WORKDIR /app
+
+# Install curl and bash
+RUN apk update && apk add --no-cache curl bash
+
+# Install the ca-certificates package
+RUN apk add --no-cache ca-certificates
+
+# Copy a root ca into the image
+COPY certificates/generated_assets/bacalhau_test_root_ca.crt /usr/local/share/ca-certificates/bacalhau_test_root_ca.crt
+
+# Update CA certificates
+RUN update-ca-certificates
+
+# Download and execute the Bash script from the given URL
+RUN curl -sSL https://get.bacalhau.org/install.sh | bash
+
+COPY compute_node_image_setup.sh compute_node_image_setup.sh
+ENTRYPOINT ["/usr/bin/env"]
+CMD ./compute_node_image_setup.sh
diff --git a/test-integration/Dockerfile-DockerImageRegistryNode b/test-integration/Dockerfile-DockerImageRegistryNode
new file mode 100644
index 0000000000..9c38ba886e
--- /dev/null
+++ b/test-integration/Dockerfile-DockerImageRegistryNode
@@ -0,0 +1,24 @@
+FROM registry:2
+
+# Install curl and bash
+RUN apk update && apk add --no-cache curl bash
+
+# Install the ca-certificates package
+RUN apk add --no-cache ca-certificates
+
+# Copy a root ca into the image
+COPY certificates/generated_assets/bacalhau_test_root_ca.crt /usr/local/share/ca-certificates/bacalhau_test_root_ca.crt
+
+# Create a directory to store certificates to be used by the registry
+RUN mkdir /certs
+
+# Copy the certificate and key from the local directory to /certs
+COPY certificates/generated_assets/bacalhau-container-img-registry-node.crt /certs/
+COPY certificates/generated_assets/bacalhau-container-img-registry-node.key /certs/
+
+# Ensure proper permissions for certs
+RUN chmod 600 /certs/bacalhau-container-img-registry-node.key
+RUN chmod 644 /certs/bacalhau-container-img-registry-node.crt
+
+# Expose the registry's default port
+EXPOSE 5000 443
diff --git a/test-integration/Dockerfile-RequesterNode b/test-integration/Dockerfile-RequesterNode
new file mode 100644
index 0000000000..cbbd207c32
--- /dev/null
+++ b/test-integration/Dockerfile-RequesterNode
@@ -0,0 +1,22 @@
+# Use the docker:dind image as the base image
+FROM docker:dind
+
+# Set the working directory
+WORKDIR /app
+
+# Install curl and bash
+RUN apk update && apk add --no-cache curl bash
+
+# Install the ca-certificates package
+RUN apk add --no-cache ca-certificates
+
+# Copy a root ca into the image
+COPY certificates/generated_assets/bacalhau_test_root_ca.crt /usr/local/share/ca-certificates/bacalhau_test_root_ca.crt
+
+# Update CA certificates
+RUN update-ca-certificates
+
+# Download and execute the Bash script from the given URL
+RUN curl -sSL https://get.bacalhau.org/install.sh | bash
+
+ENTRYPOINT ["dockerd-entrypoint.sh"]
diff --git a/test-integration/README.md b/test-integration/README.md
new file mode 100644
index 0000000000..bada3d6e3c
--- /dev/null
+++ b/test-integration/README.md
@@ -0,0 +1,198 @@
+# Running Bacalhau on Docker
+
+## Overview
+
+Since Bacalhau is a distributed system with multiple components, it is critical to have a reliable method for end-to-end testing. Additionally, it's important that these tests closely resemble a real production environment without relying on mocks.
+
+This setup addresses those needs by running Bacalhau inside containers while also supporting Docker workloads within these containers (using Docker-in-Docker, or DinD).
+
+## Architecture
+
+- A Requester Docker container, running Bacalhau as a requester node.
+- A Compute Docker container, running Bacalhau as a compute node and is configured to run Docker containers inside it.
+- A Bacalhau Client Docker container to act as a jumpbox to interact with this Bacalhau deployment.
+- A [Registry](https://github.com/distribution/distribution/) Docker container to act as the local container image registry.
+- A Minio Docker container to support running S3 compatible input/output jobs.
+- Docker Compose is used to create 5 services: the Requester Node, the Compute Node, the Client CLI Node, the registry node, and the Minio node.
+- All the services are connected on the same Docker network, allowing them to communicate over the bridged network.
+- All the containers have an injected custom Certificate Authority, which is used for a portion of the internal TLS communication.
+  - TODO: Expand the TLS setup to more components. Now it is used for the registry communication only.
+
+## Setup
+
+---
+### Build the Docker Images
+
+Build the Requester Node image:
+```shell
+docker build -f Dockerfile-RequesterNode -t bacalhau-requester-node-image .
+```
+
+Build the Compute Node image:
+```shell
+docker build -f Dockerfile-ComputeNode -t bacalhau-compute-node-image .
+```
+
+Build the Client Node image:
+```shell
+docker build -f Dockerfile-ClientNode -t bacalhau-client-node-image .
+```
+
+Build the Registry Node image:
+```shell
+docker build -f Dockerfile-DockerImageRegistryNode -t bacalhau-container-img-registry-node-image .
+```
+
+After running these commands, you should see the above images created:
+```shell
+docker image ls
+```
+---
+### Running the setup
+
+Run Docker Compose:
+```shell
+docker-compose up
+```
+
+Access the utility client container to use the Bacalhau CLI:
+```shell
+docker exec -it bacalhau-client-node-container /bin/bash
+```
+
+Once inside the container, you can run the following commands to verify the setup:
+```shell
+# You should see two nodes: a Requestor and a Compute Node
+bacalhau node list
+```
+
+Run a test workload
+```shell
+bacalhau docker run hello-world
+
+# Describe the job; it should have completed successfully.
+bacalhau job describe ........
+```
+
+In another terminal window, you can follow the logs of the Requester node, and compute node
+```shell
+docker logs bacalhau-requester-node-container -f
+docker logs bacalhau-compute-node-container -f
+```
+
+---
+### Setting Up Minio
+
+Access the utility client container to use the Bacalhau CLI:
+```shell
+docker exec -it bacalhau-client-node-container /bin/bash
+```
+
+Setup an alias for the Minio CLI
+```shell
+# The environment variables are already injected in
+# the container, no need to replce them yourself.
+mc alias set bacalhau-minio "http://${BACALHAU_MINIO_NODE_HOST}:9000" "${MINIO_ROOT_USER}" "${MINIO_ROOT_PASSWORD}"
+mc admin info bacalhau-minio
+```
+
+Create a bucket and add some files
+```shell
+mc mb bacalhau-minio/my-data-bucket
+mc ls bacalhau-minio/my-data-bucket/section1/
+echo "This is a sample text hello hello." > example.txt
+mc cp example.txt bacalhau-minio/my-data-bucket/section1/
+```
+
+RUn a job with data input from the minion bucket
+
+```shell
+# Content of aws-test-job.yaml below
+bacalhau job run aws-test-job.yaml
+```
+
+```yaml
+Name: S3 Job Data Access Test
+Type: batch
+Count: 1
+Tasks:
+  - Name: main
+    Engine:
+      Type: docker
+      Params:
+        Image: ubuntu:latest
+        Entrypoint:
+          - /bin/bash
+        Parameters:
+          - "-c"
+          - "cat /put-my-s3-data-here/example.txt"
+    InputSources:
+      - Target: "/put-my-s3-data-here"
+        Source:
+          Type: s3
+          Params:
+            Bucket: "my-data-bucket"
+            Key: "section1/"
+            Endpoint: "http://bacalhau-minio-node:9000"
+            Region: "us-east-1" # If no region added, it fails, even for minio
+```
+
+---
+### Setting Up private registry
+
+This docker compose deployment has a private registry deployed on its own node. It allows us to
+create tests and experiment with docker images jobs without the need to use DockerHub in anyway.
+
+From inside the client container, let's pull an image from DockerHub, push it to our own private registry,
+then run a docker job running the image in out private registry.
+
+```shell
+# pull from docker hub
+docker pull ubuntu
+
+# tag the image to prepare it to be push to our private registry
+docker image tag ubuntu bacalhau-container-img-registry-node:5000/firstbacalhauimage
+
+# push the image to our private registry
+docker push bacalhau-container-img-registry-node:5000/firstbacalhauimage
+```
+
+Now, let's create a job that references that image in private registry:
+
+```shell
+# Content of private-registry-test-job.yaml below
+bacalhau job run private-registry-test-job.yaml
+```
+
+```yaml
+Name: Job to test using local registry images
+Type: batch
+Count: 1
+Tasks:
+  - Name: main
+    Engine:
+      Type: docker
+      Params:
+        Image: bacalhau-container-img-registry-node:5000/firstbacalhauimage
+        Entrypoint:
+          - /bin/bash
+        Parameters:
+          - "-c"
+          - "echo test-local-registry"
+```
+
+---
+### Notes:
+
+If for some reason after running `docker-compose up`, you faced issues with the Image registry node starting, try to remove the image registry docker volume by running:
+
+```shell
+# Destroy the deployment
+docker-compose down
+
+# Remove registry volume
+docker volume rm test-integration_registry-volume
+
+# Create deployment again
+docker-compose up
+```
diff --git a/test-integration/certificates/README.md b/test-integration/certificates/README.md
new file mode 100644
index 0000000000..f993908841
--- /dev/null
+++ b/test-integration/certificates/README.md
@@ -0,0 +1,9 @@
+# Certificate Generation
+
+The script in the folder allows you to generate certificates that are signed by a root CA, and provide the
+CN and SAN for these leaf certs. The generated certs will be added to the `generated_assets` directory.
+
+Usage: `./generate_leaf_certs.sh <CN_and_SAN>`
+```shell
+./generate_leaf_certs.sh my-bacalhau-requester-node
+```
diff --git a/test-integration/certificates/generate_leaf_certs.sh b/test-integration/certificates/generate_leaf_certs.sh
new file mode 100755
index 0000000000..0411adc9d3
--- /dev/null
+++ b/test-integration/certificates/generate_leaf_certs.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+# Set variables
+ROOT_CA_CERT="generated_assets/bacalhau_test_root_ca.crt"
+ROOT_CA_KEY="generated_assets/bacalhau_test_root_ca.key"
+DAYS_VALID=1825  # 5 years
+
+# Organization name and country (same as before)
+ORG_NAME="Bacalhau"
+COUNTRY="US"
+
+# Check if the input argument is provided
+if [[ -z "$1" ]]; then
+    echo "Error: Please provide a string for the Common Name and Subject Alternative Names."
+    exit 1
+fi
+
+COMMON_NAME="$1"
+OUTPUT_CERT="generated_assets/${COMMON_NAME}.crt"
+OUTPUT_KEY="generated_assets/${COMMON_NAME}.key"
+CSR_PATH="generated_assets/${COMMON_NAME}.csr"
+CNF_PATH="generated_assets/${COMMON_NAME}.cnf"
+
+# Check if the files already exist
+if [[ -f "${OUTPUT_CERT}" ]] || [[ -f "${OUTPUT_KEY}" ]]; then
+    echo "Error: One or both of the following files already exist:"
+    [[ -f "${OUTPUT_CERT}" ]] && echo " - ${OUTPUT_CERT}"
+    [[ -f "${OUTPUT_KEY}" ]] && echo " - ${OUTPUT_KEY}"
+    echo "Please remove or rename the existing files before running this script."
+    exit 1
+fi
+
+# Generate a private key for the new certificate
+echo "Generating certificate signed by the root CA..."
+openssl genpkey -algorithm RSA -out "${OUTPUT_KEY}" -pkeyopt rsa_keygen_bits:4096
+
+# Create an OpenSSL configuration file for the SAN
+cat > "${CNF_PATH}" <<EOF
+[ req ]
+default_bits       = 4096
+distinguished_name = req_distinguished_name
+req_extensions     = v3_req
+prompt             = no
+
+[ req_distinguished_name ]
+CN = ${COMMON_NAME}
+O = ${ORG_NAME}
+C = ${COUNTRY}
+
+[ v3_req ]
+keyUsage = critical, digitalSignature, cRLSign, keyEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+
+[ alt_names ]
+DNS.1 = ${COMMON_NAME}
+EOF
+
+# Generate a certificate signing request (CSR) using the config file
+openssl req -new -key "${OUTPUT_KEY}" -out "${CSR_PATH}" -config "${CNF_PATH}"
+
+# Sign the certificate with the root CA
+openssl x509 -req -in "${CSR_PATH}" -CA "${ROOT_CA_CERT}" -CAkey "${ROOT_CA_KEY}" \
+    -out "${OUTPUT_CERT}" -days "${DAYS_VALID}" -sha256 -extensions v3_req -extfile "${CNF_PATH}"
+
+# Clean up the CSR and config file
+rm "${CSR_PATH}" "${CNF_PATH}"
+
+echo "Certificate generated and saved to ${OUTPUT_CERT} and ${OUTPUT_KEY}"
+
+echo "Done!"
diff --git a/test-integration/certificates/generate_root_ca.sh b/test-integration/certificates/generate_root_ca.sh
new file mode 100755
index 0000000000..85d18ce312
--- /dev/null
+++ b/test-integration/certificates/generate_root_ca.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Set variables
+ROOT_CA_CERT="generated_assets/bacalhau_test_root_ca.crt"
+ROOT_CA_KEY="generated_assets/bacalhau_test_root_ca.key"
+DAYS_VALID=3650  # 10 years
+
+# Organization name and country
+ORG_NAME="Bacalhau"
+COUNTRY="US"
+
+# Check if the files already exist
+if [[ -f "${ROOT_CA_CERT}" ]] || [[ -f "${ROOT_CA_KEY}" ]]; then
+    echo "Error: One or both of the following files already exist:"
+    [[ -f "${ROOT_CA_CERT}" ]] && echo " - ${ROOT_CA_CERT}"
+    [[ -f "${ROOT_CA_KEY}" ]] && echo " - ${ROOT_CA_KEY}"
+    echo "Please remove or rename the existing files before running this script."
+    exit 1
+fi
+
+# Generate a Root CA
+echo "Generating Root CA..."
+openssl genpkey -algorithm RSA -out "${ROOT_CA_KEY}" -pkeyopt rsa_keygen_bits:4096
+openssl req -x509 -new -nodes -key "${ROOT_CA_KEY}" -sha256 -days "${DAYS_VALID}" \
+    -out "${ROOT_CA_CERT}" -subj "/CN=BacalhauTestRootCA/O=${ORG_NAME}/C=${COUNTRY}"
+
+echo "Root CA generated and saved to ${ROOT_CA_CERT} and ${ROOT_CA_KEY}"
+
+echo "Done!"
diff --git a/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.crt b/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.crt
new file mode 100644
index 0000000000..975b9e49a8
--- /dev/null
+++ b/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFvjCCA6agAwIBAgIUYifgdP0lbUCNSHVlpbDOv3te6/IwDQYJKoZIhvcNAQEL
+BQAwPTEbMBkGA1UEAwwSQmFjYWxoYXVUZXN0Um9vdENBMREwDwYDVQQKDAhCYWNh
+bGhhdTELMAkGA1UEBhMCVVMwHhcNMjQxMDA0MTY0MjU0WhcNMjkxMDAzMTY0MjU0
+WjBPMS0wKwYDVQQDDCRiYWNhbGhhdS1jb250YWluZXItaW1nLXJlZ2lzdHJ5LW5v
+ZGUxETAPBgNVBAoMCEJhY2FsaGF1MQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBALTFGCjPrXoIIClILuq/eW6MUCHNtpaiQPjyUosz
+JI4/hHWBJ4J4yv9wg9w7LJLk5Pvt/8gRdyauIUgUe20/uaU9dGV2iV1r/bTe2oU3
+PDbq9phQerKOS14bGmFRTkVZLLe7vyKe5GHoCfPAQlAVsv97KYTtxxgmhljlsM3y
+GOFbZtv9WR18LEjzyiLONSopQ9bv96R4YEMKf3NA2qEisZsiY8v9Kg1Gd+rMCx73
+UIbg1y4ykBan2N5nO8FJbqg6VJPSajIIOKWHZxjhwG7BfOnk3TWCF5obb5Zy1nPG
+SOTZod3jV3p8XdDDHohgIvvUC9bO+Wc+JRKSSdDtn6BO3bzjgkAFLbaCmi0fd3HR
+fwhtRT4ZI3t2RNUhNZvx6UN0Lcl5KBvivd3T/e1jCvQR2ivEm2lphjjNWSSz5043
+c1yjEcMPsY6rFSIbnxiM2F32hIGFejXJqA4MaHHpk9stF14MSPSxCYRffdsjf9tQ
+BAg9bRN98uSbxlayKPK7k0vaB3ol/GpCpTIHLrTt/XwfFC23r/g7NS6lXX8X0Ldc
+UfZm8eJB9qYVuQgzZISH60q4rvOCvn15CuE8HkPUoLTYNIJqhVU5kTo0pEs9AIuF
+fKtXYTdK/YgYZ2uOiLyU3uelwcB7hWldHyTFFqbrxOsm+ZrlPD4AW8i87IpGPMGQ
+nf1dAgMBAAGjgaMwgaAwDgYDVR0PAQH/BAQDAgGiMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAvBgNVHREEKDAmgiRiYWNhbGhhdS1jb250YWluZXItaW1n
+LXJlZ2lzdHJ5LW5vZGUwHQYDVR0OBBYEFFY0/QjT73AvlWyhJ45O+/pxUFxuMB8G
+A1UdIwQYMBaAFEv+OZzYAJx/WZch9ckcScnAtXOYMA0GCSqGSIb3DQEBCwUAA4IC
+AQCPigiWa45CWt2D/tq2tAC0UpXUSJKVfkFcGE3rO6OANWsbuFDNpMvc5IR2/YoB
+hqYQqEP8kszaBOLEh8s5c0WPUo7ayarr+D0vvFPiMZ7OY2WFs3r2rg9mqK92UDEL
+PtpRKhfBXmWNyfaEfxIi+VfwbHk6QzwtbOTGydMiv/mUHFsXMqRFSLg+g2o5/7Xj
+RhV8n7x21c02wNWnEHVl1sss6VyW+MvaepHtzAeTNhEHpw4lhCqgn2Imh3J+5lCv
+xYMVQYCXCSSO+y62hCRs0DN5Nad5LvfTACAhKvtt9HShrOTdZLFz/KgWrbKTzfjr
+vKpzB6ck98la39xqInHahfjRAQ4mIdkELh6iXN1SAxKDw2vFqRI4PsQznntEs1xM
+42RvZ3IeEazH+M7/h4fZZVr8c5+pwyHe79iDM6mNKzCLcxTqB46Fuj/Q/kQ+eHiJ
+wf3+RJarc3vHEYXg0+ggqX6ZgBz43nqVL4G8o86ijA1ipVOaygL+9mSwMrmWhT12
+IBwjOnEhSxBOp6UwXTSAVpuZH+zhT89ws9kGGU2wSUQdA3FSM0JUmEA5mMYIU17F
+zhzG+04M7sGFrNsnR97/BaTfx88fXgsXUMjtEDNvg6iKxEt3r8iBCL9cOkq6nmbi
+peZAYCMmyU7QGl0Y/7fztb2p5ZUEwuus3GnMo/KBX3RefQ==
+-----END CERTIFICATE-----
diff --git a/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.key b/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.key
new file mode 100644
index 0000000000..ab085ff4d8
--- /dev/null
+++ b/test-integration/certificates/generated_assets/bacalhau-container-img-registry-node.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC0xRgoz616CCAp
+SC7qv3lujFAhzbaWokD48lKLMySOP4R1gSeCeMr/cIPcOyyS5OT77f/IEXcmriFI
+FHttP7mlPXRldolda/203tqFNzw26vaYUHqyjkteGxphUU5FWSy3u78inuRh6Anz
+wEJQFbL/eymE7ccYJoZY5bDN8hjhW2bb/VkdfCxI88oizjUqKUPW7/ekeGBDCn9z
+QNqhIrGbImPL/SoNRnfqzAse91CG4NcuMpAWp9jeZzvBSW6oOlST0moyCDilh2cY
+4cBuwXzp5N01gheaG2+WctZzxkjk2aHd41d6fF3Qwx6IYCL71AvWzvlnPiUSkknQ
+7Z+gTt2844JABS22gpotH3dx0X8IbUU+GSN7dkTVITWb8elDdC3JeSgb4r3d0/3t
+Ywr0EdorxJtpaYY4zVkks+dON3NcoxHDD7GOqxUiG58YjNhd9oSBhXo1yagODGhx
+6ZPbLRdeDEj0sQmEX33bI3/bUAQIPW0TffLkm8ZWsijyu5NL2gd6JfxqQqUyBy60
+7f18HxQtt6/4OzUupV1/F9C3XFH2ZvHiQfamFbkIM2SEh+tKuK7zgr59eQrhPB5D
+1KC02DSCaoVVOZE6NKRLPQCLhXyrV2E3Sv2IGGdrjoi8lN7npcHAe4VpXR8kxRam
+68TrJvma5Tw+AFvIvOyKRjzBkJ39XQIDAQABAoICAAuexdb4bqbdty+K1SqVmg6P
+VNFaIhwccapvF/ucaIOqX+9BGP3r749XDMA59OYRHQp4JKKYQ31di9nQfen/wtp1
+O7JlWcmDGSEo2DQ1tkMI0fGS7tLj5G1itvc9h5db9vdtSV6bhy58q4hwj0gK9Qwz
+lG+Cl3NH0AgOj9HVTQsjhIECEASeCFISNdK3SGHy8B+fd7RUtp9ooS5n+LCLWeO7
+5LK8De7M3QWKDfGfepzeVDFt4lGf2DLdFlFuUSoy7F/qPUBabfBvZqMJ/q7qn4cr
+hUVyHOafpTSEd6D5RJNNeCMa1kiTOQv5QaZeQ7Fw0pKsOwpgy3eeUWzC8als7cJM
+SZ5fX7bWc9y7UBj/FqdKVON4aK4BZREvohTEpWW5+B7dlFOoSitc8E0x0DJXrHbe
+ti82oWf2t277qm9rhyWHW4pb6FGeuglqr2Y7rlUfy6cxsfTFlarM4FKY5kT25ncR
+7GSeRq37dj0mtfYOPjCZ7K0dtOlup2Ao86n72sB1vVKwvBYWBycpV36g6Ibjptzm
+Mp/cedY68ykABzA7rLAuQoDjqMM6MkQYlBGW3GCmLiDktRGZFMk1lvVpTeXe5KW9
+WY8Zw1EIX/L1a5LjWSzB1R45kN04PNLjwgXnxvmaRiaCpwbxXVJLtG18ryB9MR8j
+KDyrueV+/nggKXSbisLhAoIBAQD0EQDvcdpCSCoCVwjVhbBkGQjm7gVqbDlr9Zll
+Yjzm/JMgRQZgOl9BPy9d0svPHyXrB2YO0adzbUhx2jICtBS+cA6jL96u1BzwUMlI
+X9WJ/jJgDdeCxj6eYDRyOA9kKr0A/9luacYH0wJV9BOz8mNfRbnCy8X0TweMBXBD
+1DM9EvMHkFU/2mww2MBC2z9w51Xvu+an4WChyxvRBYNx61UI5BzifwQdVWldUhvp
+6YMrWJxiasxm3qQRiuzCE91QGxTP16LNMu7Tky7urdKOXhuOHbG9FjV+uTB3Oc2W
+DBmz5trwnoCVjqVHtmpRH/2Ecv68c3ioUg0Xpii7fcB2QgixAoIBAQC9m83D/Lng
+prrhxJU7O7AwYGiGopKsSTwCL0jsWLLfrqUSf1TKkCeuLm755zJI8MSygxLpZgf9
+pKj5mh01/72g2jHMgdZyqyvArn+IFw4Aafjlpk+zVYb2fyG7pfCPBJfdbeDAe++t
+Ka4tmel8HGjAn95hu6AIWZhvGY7VKTTCPRZnOWIWJun7zygfn8sYttniS1ioBDp0
+eQ+uNQ16mE5IP2NYqY83UtdZPKlmF+2o0TyNAq5l9PbOV3wfyeRGY6BYNkNVFFf6
+BIq/S+2lB6VtxuVU61YOzkcMCAJH3Ld8h5F2rK3KsrhdpGKTlAjjvfVmBkRhAdR3
+H+2+OIBHF2ptAoIBAQDRb53r2zk904spAuKzx8r7unfnIq1HC6OivthpJYm5dVgT
+QugbvztqU/wjePYnwETbkDfF06br6AVYnbJ4m2uJl8MXycY/JAnJNqnjD0nA5n73
+6ijbMZ8ebNPUh8K9Y+dYajR9CQtEP5Arjg0yR3d6k+y5+f7ejMqfHzOdIQTvDcm6
+3eIprxdUO0uQk2+3ROx7kjR2L3KqpA40qZSINzd7L7SRsAkp2tdVm1YUvasvkRRx
+Z9ALHlaQLzTHviAV04dia1pq16AVsqF9c2/Rd3QR2e1hoyM4oVWzmciPT8bml92c
+yYbxz7yI80H8Z4U3GS77K+OIHRDbEFy3t0tmr3ehAoIBAAEo/+RQGo8OVhxliIg5
+QEW7gUg5nG4jcJOO2IJhtI570hS/5LPsl+GP9SvgR0V8+6cf+DCnaCscI9CLKdyX
+uQBP9XgL31UKSRU/vBYIFhTYkSZOkzREtLOzaXBtfoBRheBb+MEUwQ2tMJyk0XHp
+9pYfJEwyyrLiYXVkkaQqQWFi4E03Y6tBB7N7vAIdhy+ahtDEp0E37WejCf6F4pQ6
+dFgq0x/Kwc6T2i94mIzAXrrmtNkkCA8lpZDzphXHtXbcyzFe+6B8pGEqP/MVstmM
+p215hxOy8O7cQkEHl4P7DMBdT/2K5vFTkJ86D0RZ5ogGNIcwSKDTUwp7jofYbqiA
+sy0CggEAQGVQibpqusZXJrSf619vedOGX+HbrYQR9sdF2uSyHvgGRcHAKTbk646/
+yXQcqBTBnf+p7cBaOF6icTpF9WfJZlK+sMJPJBWQpTaqCImb0EzQn/irYw1B2LqM
+od7w9YUFE2/hGH38XGqDtpNV0PBpc320BDLfAcpzVLlNMQDgMfFVNSM+IHB2clcO
+ad0eAxaqRhu7gSEnaxIfNtTOuMp5gvOI5qg0+WZZv4yFoYk3Ge8kKZTDIsFsHB8X
+nnwpq0xLqt6L9m5Ifqv+n0OYpB3MxFv9UXLAXrDJ4OvIKQfRbKI1q42AjwFRkb7U
+b/zrt9Y++SxL+wcMtRb9JAlHmmh0DA==
+-----END PRIVATE KEY-----
diff --git a/test-integration/certificates/generated_assets/bacalhau_test_root_ca.crt b/test-integration/certificates/generated_assets/bacalhau_test_root_ca.crt
new file mode 100644
index 0000000000..b7ba413f98
--- /dev/null
+++ b/test-integration/certificates/generated_assets/bacalhau_test_root_ca.crt
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFWzCCA0OgAwIBAgIUBLGr9ixtYXxd37LeDg2/Ml81KxUwDQYJKoZIhvcNAQEL
+BQAwPTEbMBkGA1UEAwwSQmFjYWxoYXVUZXN0Um9vdENBMREwDwYDVQQKDAhCYWNh
+bGhhdTELMAkGA1UEBhMCVVMwHhcNMjQxMDA0MTU1MTIyWhcNMzQxMDAyMTU1MTIy
+WjA9MRswGQYDVQQDDBJCYWNhbGhhdVRlc3RSb290Q0ExETAPBgNVBAoMCEJhY2Fs
+aGF1MQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AMuUD1dPMYoOmsevycxyd2n3QIIZZ6rDWElV6nIJ5vuvdCjVuwtRavhN5HcnP7tu
+CMCibb6Y8LTGVXzkXmFfu9B8zFd7n3aSc2LNDUJNqBUxAyNvseT95Pev77HciWFy
+D/udB0Yq4wE7SJemYqJPJ5+3AKyGT1pgQbwd3lTXsUdpyNF2hbhtq/x648OjTGPh
+lCxxsaEW0npVdqMLBhArzHnbv1iXDuKCDZXEBqkN+CR0hhApzbqLWXYj0LFEw8TY
+ieWSJJzuO9W2Q0SagxIJD+exK+XQMF6A1+fBbxGXAgm/SMYl9zjHQgQJgy50etRk
+yeX9hhjyngZFVGPkdtKDG8A4mXJcVHFF5X/+I4Ky+Kpg5hi37qIgrZrXYgCkRiHJ
+jQLocVYQxv2SqwOgJjOaUqH6zYQF74fLqIq7Tay/RChIXJEOkuNk5nGd3C8GVXQr
+xzeG7ayaqjT0uIiMhbnHmfXTDC6ueX+/cDygUrJwMaTPVQeJnlonppjh+N6PkMP6
+zMbM03eXh/7BHfFI/DqUH1VyPXat7ahbOspHP9b5b7ZcDs9CKc23fmH2pDW++xZb
+Gq3XYje3Bb92tlb9gkPBLPbAV1Jeh/vw6GUCy7vcMLTvPMRPI5Tj881rH0qIvbbg
+odwJni7sC29Wh4V1zE0HNUBBunBb0o8+oilD88sMikBpAgMBAAGjUzBRMB0GA1Ud
+DgQWBBRL/jmc2ACcf1mXIfXJHEnJwLVzmDAfBgNVHSMEGDAWgBRL/jmc2ACcf1mX
+IfXJHEnJwLVzmDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQAx
+S6raHCA1hWf9/yJ4UdTnWhfv3ZEx5GgwWJzqu567iO5NBV7kzhFRhyMD8R2dczgT
+Y5kkHM+lzfeanSw9GEHG9XM91x0dNIhrncFGzckK8QfXCZoq6PfvLf67v6xXTwTD
+pfPxjCjw6dV3jeGpY7JMghDJkgVllDAKLo+qCysCGn+PQTelEpVdkXwYwm+vDtiQ
+6fYgobYLjIkE9P5iCO9dAGi+lX+s6cO6YmvcfNx6hbpEP6cpmShNpJH1GcQy2tlP
+4VVjzjEP1GVHed5S7HryXgRpbG+9QvwVva0KJasZe+2N8sCCab63CUdP93BJrAUG
+QxYzxZHSK5kFYz8EuflDnS/bBVo15ucDp9121G88x1oMxT3/69QzuQFBBWSQRD7Q
+EBdT+n83pBWKy1S9y5UxkZJeWI81nbTELHDc9gzuWzyGxOHj+GNN6oeF/RlEdfSG
+YiPa6gyrKxI8tBkKzeZILVxmLq9XMVyIfy6W+BXfS+SYOZg97fjXdlEkNkXfIml4
+Z4Pefu1JAP+VDJd0F8oWG5j0OayF/N77KjtGft92i30Q50jmSMF4xfTwOUeY7TVL
+whWZjA0BFgeVURcYPByRR3DNfCo00Xga8cXGk4wC9qBSugJNgJMY4svs61xNN5Vx
+yelv/Ra0DOWWDe1q8aWhWTJk1AoNqCbXt7mI/DBYCg==
+-----END CERTIFICATE-----
diff --git a/test-integration/certificates/generated_assets/bacalhau_test_root_ca.key b/test-integration/certificates/generated_assets/bacalhau_test_root_ca.key
new file mode 100644
index 0000000000..d0045bb558
--- /dev/null
+++ b/test-integration/certificates/generated_assets/bacalhau_test_root_ca.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDLlA9XTzGKDprH
+r8nMcndp90CCGWeqw1hJVepyCeb7r3Qo1bsLUWr4TeR3Jz+7bgjAom2+mPC0xlV8
+5F5hX7vQfMxXe592knNizQ1CTagVMQMjb7Hk/eT3r++x3Ilhcg/7nQdGKuMBO0iX
+pmKiTyeftwCshk9aYEG8Hd5U17FHacjRdoW4bav8euPDo0xj4ZQscbGhFtJ6VXaj
+CwYQK8x5279Ylw7igg2VxAapDfgkdIYQKc26i1l2I9CxRMPE2InlkiSc7jvVtkNE
+moMSCQ/nsSvl0DBegNfnwW8RlwIJv0jGJfc4x0IECYMudHrUZMnl/YYY8p4GRVRj
+5HbSgxvAOJlyXFRxReV//iOCsviqYOYYt+6iIK2a12IApEYhyY0C6HFWEMb9kqsD
+oCYzmlKh+s2EBe+Hy6iKu02sv0QoSFyRDpLjZOZxndwvBlV0K8c3hu2smqo09LiI
+jIW5x5n10wwurnl/v3A8oFKycDGkz1UHiZ5aJ6aY4fjej5DD+szGzNN3l4f+wR3x
+SPw6lB9Vcj12re2oWzrKRz/W+W+2XA7PQinNt35h9qQ1vvsWWxqt12I3twW/drZW
+/YJDwSz2wFdSXof78OhlAsu73DC07zzETyOU4/PNax9KiL224KHcCZ4u7AtvVoeF
+dcxNBzVAQbpwW9KPPqIpQ/PLDIpAaQIDAQABAoICAARn0waYUYBAqAoHVlp6RwJ5
++ojzLacfRScbOl/hvisK55TX4qvbAf3400Xqp+5CR6ZB2QpKAUBKKUJaiNQOG6CE
+3SjTaHXdaktPGHUZOdb9qGwWHLya680UHyvU4xRPCg8sfuVmDWNV71y7pggsXYqb
+UPtMV+7yHVM0c+Nak1C7WAN325ut1N1YHFUafo9PE30IWtdSWDv1dUccIzlhppnC
+UJbUhFSi+MX1A1p1FJ/Q9aPDAGfG2habD0ovji5zJatJ9XmYOD2ahxOGEJTKgMt+
+QFyKd2QrZzSKScpZ9++h04D9runsPQfN3AnTWaAW0Nwx2oP8gahwXl4WwmhiLk0q
+V1R7LPTPiY+IxijxwFKV80OFyGJtZCRHkPEQLSnxZc0iVf9F7XgBk7FvKld3G2JL
+Y0r8l4p7btp0St6adyIHZQiN0+j6gP/AvNlBkn/XcQk5OR+HHjAENKVpg/M1nUVO
+FToh68MLZPwvE0M+/lbUe2plX4nfD5gX4iDwNF4yCGcRzZg0LtBXoM26j44MQvmP
+xg5KqVzIr6c4iKDBKJqGRZh87h+g3MGVzbQfNyfvJ31CzWM/bsgZF+U5H673r73n
+Y8ws/f8mBXwLzbyLWLb9QRK392+v9BJlJ1AhHTwTPJLVZpcmNu/UJ1dQMbGIZ+te
+/vmKu1MtSPNdJOKCIf/HAoIBAQD5/u4JYEL5s3jWmvx8bLkDZjR+9jbZwii+zBFB
+9ukWDtRb5gGsVxStOxPubleYhLkBLyh1uXGNE/0insQQsXNtwCXmq08lxANYoVFz
+47fTFwK/3Y1Uhk7suAgM6fXGhm03BNuK3M0baX8BON2Su0dCv2RA7OtfY/L6J53N
+eZylj/0dcGDCbvD4Z0z6MG7ayKM6TiFNz6YT2XyGEdsRkUxD6UdDjsR2UILVPNJR
+J3quXDz1d5Vk365NgmDzCilHP2fYEr15Gdcf0uXorzoXaVlvCMrdaSywcNWpUVpr
+KX+BjhVNXMNoSJ7Q85aK9cx794LN7L85IO5dzPwN/+g1zM9jAoIBAQDQd7zdAs3V
+QSffVxU/UlTtekMbYWQECQsHupr4GTrKpujWWs+Fh1KUtCbBgEVmV2gIw9j12uTW
+tY/9XMk/lw6HWFb0v0fCVXiPMAci5RIrPa1yyY5j12AlzYXn51e/M2Kqd6LIZmTt
+d+bWl/dhfBH6Ar91gQJ1XClOktXmj6g+HYv0armUGdB1P2PKKVHMKIyq8yI9t2/3
+5+O38yB2L7TXMPWJrPbPvtrScA2Wve8FA9EIkIYtfiWSXB4MgYQcaUstiBqCqghL
+RwT2IJ8W828ak88a3HohK2ml3K3z9plZz8C5J0fyqPb6cbQzSpJV5xVKboacgoii
+/enLCY/WvRjDAoIBAQD4LxPVjxEun/Po6bibNbx/GWooWPqfOFgHAsRnPl6sHVDJ
+YxBqLZFDYREqdbTUn36jJFQAe3e1XRDC2+c9w00audVmqM9MaMoBpTUd3gZSs9dw
+7twt+6BC9XhYibQLwMyQAGyL8SRWgGcrqW6fCvl11FgM9Ke+7ZT8r3PD12WiH85i
++Xu1yznDAZq0Dn0fCmyxp3r8qpbvwcwTtYpMaHjUOrUa5pM3+jnIxDbvhkgO7Vc/
+Qda4bC+4lyT0YzQTnWjUY9ZicTrWRyMj20HKmDXHO21aXd2V1I7pJvCiznHdBlcz
+lFISJ3YzboAXuGmm8FOVZ+F3L7A0wxnANDwtnQSNAoIBAHSdlqv3ppcV9K0ONNeQ
+Qev6idGmQGG1gVMYgxooWugESJmogRAMLBj9UfTKwYfHe23zyMl3Yq3tMRglMHr/
+EGSL+VC+M/E1CNTopAVUKT7BKObec2XMlH9xIeghVMejgh0kAY6jIPBqM1p19i+1
+TQUTRnD/8xUdsgm/QCLS1+Wvd5wJm7iKXD9Kb5MmXBid0lrK2au2ks8WDB/ZxJ34
+f+wk+iXC+OortJMllaRuqWefw+5LkpOeTnw6RaDvTqzqBeD5kwLnBO6/Urowc25O
+TSeL6b33+eXWOCpNcY3Ys942xnOM0sWe2VIuCwTqQUQGmbVicLDaoH61FXS765fP
+fisCggEAQmxfrDvGpX48vDAgCwRhj/a76elRheXtFdwouMEa9YMXR0Y00Q/NTqzG
+2d9QaSJ3PHiXq2PUJq8aicik10Tzf7xdI9k8yPmehkvWfHyFDwiiTehdNRdWsUub
+NflZ75vBK781xG6/us2FYu6imW4nSj866BOzYhlZ7pJb61o0jJRjlTn1nulJBViR
+nJOAgi9Nw55G2NJUAhOMHqdszGHKgf7NnwU5cSyyKdVlziNR9eFQNy2uLCnwY+09
+346zH7Vahc+UdxuBIbZXCvv1uCml3k240CF9gxwi9CpoAtirvX4vyCqD/XfJVkq+
+kD+4DHssfsjShHyCWks5PAwHfErfrA==
+-----END PRIVATE KEY-----
diff --git a/test-integration/compute_node_image_setup.sh b/test-integration/compute_node_image_setup.sh
new file mode 100755
index 0000000000..a537e55550
--- /dev/null
+++ b/test-integration/compute_node_image_setup.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# Total wait time in seconds
+TOTAL_WAIT_TIME_FOR_DOCKERD=30
+# Time interval between retries in seconds
+RETRY_INTERVAL=3
+# Calculating the maximum number of attempts
+MAX_ATTEMPTS=$((TOTAL_WAIT_TIME_FOR_DOCKERD / RETRY_INTERVAL))
+attempt=1
+
+# Start the first docker daemon
+dockerd-entrypoint.sh &
+
+while [[ ${attempt} -le ${MAX_ATTEMPTS} ]]; do
+    echo "Checking if dockerd is available (attempt ${attempt} of ${MAX_ATTEMPTS})..."
+
+    # Try to communicate with Docker daemon
+    if docker info >/dev/null 2>&1; then
+        echo "dockerd is available! Now Starting Bacalhau as a compute node"
+        bacalhau config set compute.auth.token="${NETWORK_AUTH_TOKEN}"
+        bacalhau serve --compute -c compute.orchestrators="nats://${REQUESTER_NODE_LINK}:4222"
+        # Wait for any process to exit
+        wait -n
+
+        # Exit with status of process that exited first
+        exit $?
+    fi
+
+    # Wait before retrying
+    echo "dockerd is not available yet. Retrying in ${RETRY_INTERVAL} seconds..."
+    sleep "${RETRY_INTERVAL}"
+
+    # Increment attempt counter
+    attempt=$((attempt + 1))
+done
+
+echo "dockerd did not become available within ${TOTAL_WAIT_TIME_FOR_DOCKERD} seconds."
+exit 1
diff --git a/test-integration/docker-compose.yml b/test-integration/docker-compose.yml
new file mode 100644
index 0000000000..2340fba1a6
--- /dev/null
+++ b/test-integration/docker-compose.yml
@@ -0,0 +1,117 @@
+x-common-env-variables: &common-env-variables
+  NETWORK_AUTH_TOKEN: "i_am_very_secret_token"
+  BACALHAU_API_PORT: "1234"
+  MINIO_ROOT_USER: "minioadmin"
+  MINIO_ROOT_PASSWORD: "minioadminpass"
+  AWS_ACCESS_KEY_ID: "minioadmin"
+  AWS_SECRET_ACCESS_KEY: "minioadminpass"
+
+networks:
+  bacalhau-network:
+    driver: bridge
+
+volumes:
+  minio-volume:
+    driver: local
+  registry-volume:
+    driver: local
+
+services:
+  bacalhau-minio-node:
+    image: quay.io/minio/minio
+    container_name: bacalhau-minio-node-container
+    command: server /data --console-address ":9001"
+    volumes:
+      - minio-volume:/data
+    restart: always
+    networks:
+      - bacalhau-network
+    environment: *common-env-variables
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost:9000/minio/health/live" ]
+      interval: 1s
+      timeout: 5s
+      retries: 30
+      start_period: 2s
+
+  bacalhau-container-img-registry-node:
+    image: bacalhau-container-img-registry-node-image
+    container_name: bacalhau-container-img-registry-container
+    volumes:
+      - registry-volume:/var/lib/registry
+    restart: always
+    networks:
+      - bacalhau-network
+    environment:
+      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /var/lib/registry
+      REGISTRY_HTTP_ADDR: "0.0.0.0:5000"
+      REGISTRY_HTTP_TLS_CERTIFICATE: "/certs/bacalhau-container-img-registry-node.crt"
+      REGISTRY_HTTP_TLS_KEY: "/certs/bacalhau-container-img-registry-node.key"
+    healthcheck:
+      test: [ "CMD-SHELL", "nc -zv localhost 5000" ]
+      interval: 1s
+      timeout: 5s
+      retries: 30
+      start_period: 2s
+
+  bacalhau-requester-node:
+    image: bacalhau-requester-node-image
+    container_name: bacalhau-requester-node-container
+    networks:
+      - bacalhau-network
+    environment: *common-env-variables
+    depends_on:
+      bacalhau-minio-node:
+        condition: service_healthy
+    privileged: true
+    command:
+      - /bin/bash
+      - -c
+      - |
+        bacalhau config set "orchestrator.auth.token" "$${NETWORK_AUTH_TOKEN}" && bacalhau serve --orchestrator -c api.port=$${BACALHAU_API_PORT}
+    healthcheck:
+      test: [ "CMD-SHELL", "nc -zv localhost 1234" ]
+      interval: 1s
+      timeout: 5s
+      retries: 30
+      start_period: 2s
+
+  bacalhau-compute-node:
+    image: bacalhau-compute-node-image
+    container_name: bacalhau-compute-node-container
+    privileged: true
+    networks:
+      - bacalhau-network
+    depends_on:
+      bacalhau-requester-node:
+        condition: service_healthy
+      bacalhau-container-img-registry-node:
+        condition: service_healthy
+    environment:
+      <<: *common-env-variables
+      REQUESTER_NODE_LINK: 'bacalhau-requester-node'
+    healthcheck:
+      test: [ "CMD-SHELL", "nc -zv localhost 1234" ]
+      interval: 1s
+      timeout: 5s
+      retries: 30
+      start_period: 2s
+
+  bacalhau-client-node:
+    image: bacalhau-client-node-image
+    container_name: bacalhau-client-node-container
+    privileged: true
+    networks:
+      - bacalhau-network
+    depends_on:
+      bacalhau-requester-node:
+        condition: service_healthy
+      bacalhau-compute-node:
+        condition: service_healthy
+      bacalhau-container-img-registry-node:
+        condition: service_healthy
+    environment:
+      <<: *common-env-variables
+      BACALHAU_API_HOST: 'bacalhau-requester-node'
+      BACALHAU_COMPUTE_NODE_HOST: 'bacalhau-compute-node'
+      BACALHAU_MINIO_NODE_HOST: 'bacalhau-minio-node'