diff --git a/schutzbot/vendor/87-podman-bridge.conflist b/schutzbot/vendor/87-podman-bridge.conflist
new file mode 100644
index 0000000..5f4c94f
--- /dev/null
+++ b/schutzbot/vendor/87-podman-bridge.conflist
@@ -0,0 +1,41 @@
+{
+ "cniVersion": "0.4.0",
+ "name": "podman",
+ "plugins": [
+ {
+ "type": "bridge",
+ "bridge": "cni-podman0",
+ "isGateway": true,
+ "ipMasq": true,
+ "hairpinMode": true,
+ "ipam": {
+ "type": "host-local",
+ "routes": [{ "dst": "0.0.0.0/0" }],
+ "ranges": [
+ [
+ {
+ "subnet": "10.88.0.0/16",
+ "gateway": "10.88.0.1"
+ }
+ ]
+ ]
+ }
+ },
+ {
+ "type": "portmap",
+ "capabilities": {
+ "portMappings": true
+ }
+ },
+ {
+ "type": "firewall"
+ },
+ {
+ "type": "tuning"
+ },
+ {
+ "domainName": "dns.podman",
+ "type": "dnsname"
+ }
+ ]
+}
diff --git a/schutzbot/vendor/README.md b/schutzbot/vendor/README.md
new file mode 100644
index 0000000..31354d6
--- /dev/null
+++ b/schutzbot/vendor/README.md
@@ -0,0 +1,9 @@
+This directory includes 3rd party modules, needed in CI.
+
+ - [`dnsname`](https://github.com/containers/dnsname) plugin for podman,
+ needed to translate host names of containers into IPs. It is shipped
+ in Fedora, but missing in RHEL 8, see
+ [rhgbz#1877865](https://bugzilla.redhat.com/show_bug.cgi?id=1877865).
+ The `87-podman-bridge.conflist` file contains the corresponding config,
+ where the `{"domainName": "dns.podman", "type": "dnsname"}` bit is the
+ newly added part.
diff --git a/schutzbot/vendor/dnsname b/schutzbot/vendor/dnsname
new file mode 100755
index 0000000..22f03da
Binary files /dev/null and b/schutzbot/vendor/dnsname differ
diff --git a/test/integration.sh b/test/integration.sh
index 8bbd7bd..c12283b 100755
--- a/test/integration.sh
+++ b/test/integration.sh
@@ -1,3 +1,103 @@
 #!/bin/bash
+set -euxo pipefail
 
-echo "IT IS ALIVE!"
+function greenprint {
+ echo -e "\033[1;32m${1}\033[0m"
+}
+
+# Get OS data.
+source /etc/os-release
+ARCH=$(uname -m)
+
+greenprint "Disable SELinux"
+sudo setenforce 0
+
+if [[ $ID == rhel ]] && ! rpm -q epel-release; then
+ greenprint "📦 Setting up EPEL repository"
+ curl -Ls --retry 5 --output /tmp/epel.rpm \
+ https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
+ sudo rpm -Uvh /tmp/epel.rpm
+fi
+
+greenprint "Installing required packages"
+sudo dnf -y install \
+ dnsmasq \
+ jq \
+ krb5-workstation \
+ koji \
+ koji-osbuild-cli \
+ podman
+
+if [[ $ID == rhel ]]; then
+ greenprint "Tweaking podman, maybe."
+ sudo cp schutzbot/vendor/87-podman-bridge.conflist /etc/cni/net.d/
+ sudo cp schutzbot/vendor/dnsname /usr/libexec/cni/
+fi
+
+greenprint "Fetching RPMs"
+sudo mkdir -p /tmp/osbuild-composer-koji-test/rpms
+sudo dnf -y \
+ --downloadonly \
+ --downloaddir=/tmp/osbuild-composer-koji-test/rpms \
+ download \
+ "koji-osbuild*"
+
+greenprint "Building containers"
+sudo podman build -t koji.hub -f container/hub/Dockerfile .
+sudo podman build -t koji.builder -f container/builder/Dockerfile .
+
+greenprint "Starting containers"
+sudo ./run-koji-container.sh start
+
+greenprint "Print logs"
+sudo podman logs org.osbuild.koji.koji
+
+greenprint "Adding kerberos config"
+sudo cp \
+ /tmp/osbuild-composer-koji-test/client.keytab \
+ /etc/krb5.keytab
+
+sudo cp \
+ osbuild-local.conf \
+ /etc/krb5.conf.d/local
+
+greenprint "Initializing Kerberos"
+kinit osbuild-krb@LOCAL -k
+sudo -u _osbuild-composer kinit osbuild-krb@LOCAL -k
+sudo kinit osbuild-krb@LOCAL -k
+
+greenprint "Adding generated CA cert"
+sudo cp \
+ /tmp/osbuild-composer-koji-test/ca-crt.pem \
+ /etc/pki/ca-trust/source/anchors/koji-ca-crt.pem
+sudo update-ca-trust
+
+greenprint "Testing Koji"
+koji --server=http://localhost/kojihub --user=osbuild --password=osbuildpass --authtype=password hello
+koji --server=http://localhost/kojihub hello
+sudo -u _osbuild-composer koji --server=http://localhost/kojihub hello
+
+greenprint "Starting koji builder"
+sudo ./run-builder.sh start
+
+greenprint "Creating Koji tag infrastructure"
+./make-tags.sh
+
+greenprint "Creating a compose"
+koji --server=http://localhost/kojihub \
+ --user=kojiadmin \
+ --password=kojipass \
+ --authtype=password \
+ osbuild-image Fedora-Cloud 32 fedora-32 f32-candidate x86_64 \
+ --repo 'http://download.fedoraproject.org/pub/fedora/linux/releases/32/Everything/$arch/os/'
+
+greenprint "Stopping koji builder"
+sudo ./run-builder.sh stop
+
+greenprint "Stopping containers"
+sudo ./run-koji-container.sh stop
+
+greenprint "Removing generated CA cert"
+sudo rm \
+ /etc/pki/ca-trust/source/anchors/koji-ca-crt.pem
+sudo update-ca-trust
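Review bot: The teardown at the end of this hunk (`run-builder.sh stop`, `run-koji-container.sh stop`, removing `koji-ca-crt.pem` and re-running `update-ca-trust`) only runs when every earlier step succeeds, because `set -e` aborts the script at the first failing command. A failure after the "Adding generated CA cert" step therefore leaves the generated test CA in the system trust anchors and the containers running, and `sudo setenforce 0` is not reverted on any path. Registering the teardown with `trap ... EXIT` right after `set -euxo pipefail` covers both the success and the failure path; the sketch below also records the previous SELinux mode and restores it. Separately, `sudo cp schutzbot/vendor/dnsname /usr/libexec/cni/` installs a committed binary as root and nothing visible in this commit records which upstream build it is, so a pinned checksum in `schutzbot/vendor/README.md` that is verified before the copy would make that step auditable.

```shell
set -euxo pipefail

# Remember the SELinux mode so the EXIT handler can put it back.
SELINUX_MODE=$(getenforce)

function cleanup {
    # Best effort: run every teardown step even if an earlier one fails.
    sudo ./run-builder.sh stop || true
    sudo ./run-koji-container.sh stop || true
    sudo rm -f /etc/pki/ca-trust/source/anchors/koji-ca-crt.pem
    sudo update-ca-trust || true
    if [[ $SELINUX_MODE == Enforcing ]]; then
        sudo setenforce 1 || true
    fi
}
trap cleanup EXIT

# … unchanged: package setup, container start, Kerberos and Koji checks, compose …
# … the trailing stop/remove steps are replaced by the EXIT trap above …
```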