Single server

.gitattributes

@@ -0,0 +1,3 @@
+# On GitHub Actions with Windows, git will use CRLF by default when checking out
+# the repo. If this file has CRLF line endings
+configure.ac text eol=lf

.github/workflows/build-gradle-project.yml

@@ -6,11 +6,16 @@ on:
 jobs:
   build-gradle-project:
     runs-on: ubuntu-latest
+    env:
+      ALIAS: andrew
+      KEYSTORE: andrew_keystore
+      PASSWORD: ${{ secrets.PASSWORD }}
+
     steps:
     - name: Checkout project sources
       uses: actions/checkout@v3
 
-    - name: Install packages
+    - name: Install Graphviz to visualize trees
       run: sudo apt-get install -y graphviz
 
     - name: Setup Gradle
@@ -19,7 +24,12 @@ jobs:
         distribution: 'oracle'
         java-version: '17'
         cache: 'gradle'
-    - run: sh gradlew build
+
+    - name: Create Key Store
+      run: sh create_keystore.sh
+
+    - name: Run Gradle Testing
+      run: sh gradlew build
 
     - name: Upload coverage reports to Codecov
       uses: codecov/codecov-action@v3

.gitignore

@@ -1,3 +1,7 @@
+# Making certificates, dont mess around here
+.env
+andrew_*
+
 # No Binaries
 bin
 

build.gradle

@@ -21,6 +21,9 @@ dependencies {
     testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.1'
     testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.8.1'
 
+    // https://mvnrepository.com/artifact/commons-io/commons-io
+    implementation 'commons-io:commons-io:2.14.0'
+
     implementation fileTree(dir: 'libs', include: ['*.jar'])
 }
 

create_keystore.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+# https://docs.oracle.com/cd/E54932_01/doc.705/e54936/cssg_create_ssl_cert.htm#CSVSG179
+
+# Generate the self-signed certificate and place it in the KeyStore
+keytool -genkey -noprompt \
+ -alias "${ALIAS}" \
+ -dname "CN=mqttserver.ibm.com, OU=ID, O=IBM, L=Hursley, S=Hants, C=US" \
+ -keystore "${KEYSTORE}" \
+ -storepass "${PASSWORD}" \
+ -keypass "${PASSWORD}" \
+ -keyalg RSA \
+ -sigalg SHA256withRSA
+
+# Export the certificate needs to a certificate file, use this on both client and server to run
+# Technically you just need the key store between level-sites, instead of hashing, just encrypt the leaf value
+# with Paillier?
+
+# -Djavax.net.ssl.keyStore=${KEYSTORE} -Djavax.net.ssl.keyStorePassword=${PASSWORD}
+# -Djavax.net.ssl.trustStore=${KEYSTORE} -Djavax.net.ssl.trustStorePassword=${PASSWORD}
+
+# keytool -export -alias "${ALIAS}" -keystore "${KEYSTORE}" -rfc -file "${CERTIFICATE}" -storepass "${PASSWORD}"

k8/server-deploy/server_deployment.yaml

@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ppdt-server-deploy
+  labels:
+    app: ppdt-server-deploy
+    role: client
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      pod: ppdt-server-deploy
+  template:
+    metadata:
+      labels:
+        pod: ppdt-server-deploy
+    spec:
+      containers:
+        - name: ppdt-server-deploy
+          image: andrewquijano92/ppdt
+          ports:
+            - containerPort: 9000
+          env:
+            - name: TREE_ROLE
+              value: "SERVER"
+
+            - name: PRECISION
+              value: "2"
+
+            - name: PORT_NUM
+              value: "9000"
+
+            - name: LEVEL_SITE_DOMAINS
+              value: "ppdt-level-site-01-service,ppdt-level-site-02-service,ppdt-level-site-03-service,ppdt-level-site-04-service,ppdt-level-site-05-service,ppdt-level-site-06-service,ppdt-level-site-07-service,ppdt-level-site-08-service,ppdt-level-site-09-service,ppdt-level-site-10-service"
+
+            - name: CLIENT
+              value: "ppdt-client-service"
+
+            - name: GRADLE_USER_HOME
+              value: "gradle_user_home"

k8/server-deploy/server_service.yaml

@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: ppdt-server-service
+spec:
+  selector:
+    pod: ppdt-server-deploy
+  ports:
+    - protocol: TCP
+      port: 9000
+      targetPort: 9000
+  type: NodePort