Merge pull request #5 from AndrewQuijano/single-server

Single server

.gitattributes

@@ -0,0 +1,3 @@
+# On GitHub Actions with Windows, git will use CRLF by default when checking out
+# the repo. If this file has CRLF line endings
+configure.ac text eol=lf

.github/workflows/build-gradle-project.yml

@@ -6,11 +6,16 @@ on:
 jobs:
  build-gradle-project:
  runs-on: ubuntu-latest
+ env:
+ ALIAS: andrew
+ KEYSTORE: andrew_keystore
+ PASSWORD: ${{ secrets.PASSWORD }}
+
  steps:
  - name: Checkout project sources
  uses: actions/checkout@v3
 
- - name: Install packages
+ - name: Install Graphviz to visualize trees
  run: sudo apt-get install -y graphviz
 
  - name: Setup Gradle
@@ -19,7 +24,12 @@ jobs:
  distribution: 'oracle'
  java-version: '17'
  cache: 'gradle'
- - run: sh gradlew build
+
+ - name: Create Key Store
+ run: sh create_keystore.sh
+
+ - name: Run Gradle Testing
+ run: sh gradlew build
 
  - name: Upload coverage reports to Codecov
  uses: codecov/codecov-action@v3

.gitignore

@@ -1,3 +1,7 @@
+# Making certificates, dont mess around here
+.env
+andrew_*
+
 # No Binaries
 bin
 

build.gradle

@@ -21,6 +21,9 @@ dependencies {
  testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.1'
  testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.8.1'
 
+ // https://mvnrepository.com/artifact/commons-io/commons-io
+ implementation 'commons-io:commons-io:2.14.0'
+
  implementation fileTree(dir: 'libs', include: ['*.jar'])
 }
 

create_keystore.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+# https://docs.oracle.com/cd/E54932_01/doc.705/e54936/cssg_create_ssl_cert.htm#CSVSG179
+
+# Generate the self-signed certificate and place it in the KeyStore
+keytool -genkey -noprompt \
+ -alias "${ALIAS}" \
+ -dname "CN=mqttserver.ibm.com, OU=ID, O=IBM, L=Hursley, S=Hants, C=US" \
+ -keystore "${KEYSTORE}" \
+ -storepass "${PASSWORD}" \
+ -keypass "${PASSWORD}" \
+ -keyalg RSA \
+ -sigalg SHA256withRSA
+
+# Export the certificate needs to a certificate file, use this on both client and server to run
+# Technically you just need the key store between level-sites, instead of hashing, just encrypt the leaf value
+# with Paillier?
+
+# -Djavax.net.ssl.keyStore=${KEYSTORE} -Djavax.net.ssl.keyStorePassword=${PASSWORD}
+# -Djavax.net.ssl.trustStore=${KEYSTORE} -Djavax.net.ssl.trustStorePassword=${PASSWORD}
+
+# keytool -export -alias "${ALIAS}" -keystore "${KEYSTORE}" -rfc -file "${CERTIFICATE}" -storepass "${PASSWORD}"

k8/server-deploy/server_deployment.yaml

@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ppdt-server-deploy
+ labels:
+ app: ppdt-server-deploy
+ role: client
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ pod: ppdt-server-deploy
+ template:
+ metadata:
+ labels:
+ pod: ppdt-server-deploy
+ spec:
+ containers:
+ - name: ppdt-server-deploy
+ image: andrewquijano92/ppdt
+ ports:
+ - containerPort: 9000
+ env:
+ - name: TREE_ROLE
+ value: "SERVER"
+
+ - name: PRECISION
+ value: "2"
+
+ - name: PORT_NUM
+ value: "9000"
+
+ - name: LEVEL_SITE_DOMAINS
+ value: "ppdt-level-site-01-service,ppdt-level-site-02-service,ppdt-level-site-03-service,ppdt-level-site-04-service,ppdt-level-site-05-service,ppdt-level-site-06-service,ppdt-level-site-07-service,ppdt-level-site-08-service,ppdt-level-site-09-service,ppdt-level-site-10-service"
+
+ - name: CLIENT
+ value: "ppdt-client-service"
+
+ - name: GRADLE_USER_HOME
+ value: "gradle_user_home"

k8/server-deploy/server_service.yaml

@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: ppdt-server-service
+spec:
+ selector:
+ pod: ppdt-server-deploy
+ ports:
+ - protocol: TCP
+ port: 9000
+ targetPort: 9000
+ type: NodePort