repo-sync-2024-03-19T19:55:42+0800

.circleci/config.yml

@@ -0,0 +1,67 @@
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+version: 2.1
+
+parameters:
+  GHA_Actor:
+    type: string
+    default: ""
+  GHA_Action:
+    type: string
+    default: ""
+  GHA_Event:
+    type: string
+    default: ""
+  GHA_Meta:
+    type: string
+    default: ""
+
+jobs:
+  build-and-push:
+    docker:
+      - image: cimg/openjdk:17.0
+    steps:
+      - checkout
+      - setup_remote_docker
+      - run:
+          name: Build Docker image
+          command: make image
+      - run:
+          name: Push to Docker Hub
+          command: |
+            # login easypsi dockerhub registry
+            docker login -u ${DOCKER_DEPLOY_USERNAME} -p ${DOCKER_DEPLOY_TOKEN}
+            # login easypsi aliyun registry
+            docker login -u ${ALIYUN_DOCKER_USERNAME} -p ${ALIYUN_DOCKER_PASSWORD}  secretflow-registry.cn-hangzhou.cr.aliyuncs.com
+            CIRCLETAG=$(echo ${CIRCLE_TAG} | sed 's/v//')
+
+            docker tag $(docker images --format "{{.Repository}}:{{.Tag}}" | sed -n '1p') secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/easy-psi:latest
+            docker tag $(docker images --format "{{.Repository}}:{{.Tag}}" | sed -n '1p') secretflow/easy-psi:latest
+            docker tag $(docker images --format "{{.Repository}}:{{.Tag}}" | sed -n '1p') secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/easy-psi:${CIRCLETAG}
+            docker tag $(docker images --format "{{.Repository}}:{{.Tag}}" | sed -n '1p') secretflow/easy-psi:${CIRCLETAG}
+            docker push secretflow/easy-psi:${CIRCLETAG}
+            docker push secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/easy-psi:${CIRCLETAG}
+            docker push secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/easy-psi:latest
+            docker push secretflow/easy-psi:latest
+
+workflows:
+  build-deploy:
+    jobs:
+      - build-and-push:
+          filters:
+            tags:
+              only: /^v.*/
+            branches:
+              ignore: /.*/

.github/workflows/cla.yml

@@ -1,3 +1,16 @@
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
 ---
 name: CLA Assistant
 on:

.github/workflows/test.yml

@@ -0,0 +1,51 @@
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Test
+
+on:
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-m2
+
+      - name: Build with Maven
+        run: mvn clean test
+
+      - name: Add coverage to PR
+        uses: madrapps/jacoco-report@v1.6.1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          min-coverage-overall: 40
+          min-coverage-changed-files: 40
+          paths: |
+            ${{ github.workspace }}/test/target/site/jacoco.xml

.gitignore

@@ -29,11 +29,11 @@ target/
 !**/src/main/**/build/
 !**/src/test/**/build/
 !**/src/test/resources/certs/
-secretpad-api/client-java-kusciaapi/**/kusciaapi/
-secretpad-api/client-java-kusciaapi/**/common/
-secretpad-service/**/org/secretflow/proto/
-secretpad-service/**/com/opensecretflow/spec/v1/
-secretpad-web/config
+easypsi-api/client-java-kusciaapi/**/kusciaapi/
+easypsi-api/client-java-kusciaapi/**/common/
+easypsi-service/**/org/secretflow/proto/
+easypsi-service/**/com/opensecretflow/spec/v1/
+easypsi-web/config
 
 ### VS Code ###
 .vscode/
@@ -48,3 +48,7 @@ build/**/settings.xml
 docs/_build
 
 .java-version
+/easypsi-test/surefire-report/
+/easypsi-test/jacoco.xml
+/surefire-report/
+/easypsi-test/TEST-all.xml

Makefile

@@ -30,12 +30,12 @@ test: ## Run tests.
 	mvn clean test
 
 .PHONY: build
-build: ## Build SecretPad binary whether to integrate frontend.
+build: ## Build EasyPsi binary whether to integrate frontend.
 	./scripts/build.sh true
 
 .PHONY: image
 image: build ## Build docker image with the manager.
-	./scripts/build_image.sh
+	./scripts/fatimage.sh
 
 .PHONY: docs
 docs: ## Build docs.

README.md

@@ -1,10 +1,10 @@
-# Easy-PSI
+# EasyPsi
 
 <p align="center">
 <a href="./README.zh-CN.md">简体中文</a>｜<a href="./README.md">English</a>
 </p>
 
-SecretPad is a **privacy-preserving computing** web platform based on the [Kuscia](https://github.com/secretflow/kuscia) framework, designed to provide easy access to privacy-preserving data intelligence and machine learning functions. With SecretPad:
+EasyPsi is a **privacy-preserving computing** web platform based on the [Kuscia](https://github.com/secretflow/kuscia) framework, designed to provide easy access to privacy-preserving data intelligence and machine learning functions. With EasyPsi:
 
 * You can create node, register data, create project, create authorization between cooperative nodes.
 * You can use the ability of data preprocessing, analysis and modeling to meet diverse business scenarios
@@ -14,10 +14,10 @@ SecretPad is a **privacy-preserving computing** web platform based on the [Kusci
 
 Currently, we only provide detailed documentations in Chinese.
 
-- [Development](./docs/development/build_secretpad_cn.md)
+- [Development](./docs/development/build_easypsi_cn.md)
 
 ## Disclaimer
 
-Non-release version of SecretPad is only for demonstration and should not be used in production environments.
-Although this version of SecretPad covers the basic abilities, there may be some security issues and functional defects due to insufficient functionality and unfinished items in the project.
-We welcome your active suggestions and look forward to the official release.
+Non-release version of EasyPsi is only for demonstration and should not be used in production environments.
+Although this version of EasyPsi covers the basic abilities, there may be some security issues and functional defects due to insufficient functionality and unfinished items in the project.
+We welcome your active suggestions and look forward to the official release.

README.zh-CN.md

@@ -1,19 +1,19 @@
-# SecretPad
+# EasyPsi
 
 <p align="center">
 <a href="./README.zh-CN.md">简体中文</a>｜<a href="./README.md">English</a>
 </p>
 
-SecretPad 是一个基于 [Kuscia](https://github.com/secretflow/kuscia) 的隐私计算的 web 框架，能够方便的使用基于保护隐私的数据智能和机器学习的能力。通过 SecretPad：
+EasyPsi 是一个基于 [Kuscia](https://github.com/secretflow/kuscia) 的隐私计算的 web 框架，能够方便的使用基于保护隐私的数据智能和机器学习的能力。通过 EasyPsi：
 
 * 你可以快速创建节点、注册数据、创建项目、进行合作节点间的授权
 * 你可以使用丰富的数据预处理，数据分析、数据建模能力，满足多样化的业务场景。
 * 你可以使用模型训练、模型预测的能力。
 
 ## Documentation
 
-- [Development](./docs/development/build_secretpad_cn.md)
+- [Development](./docs/development/build_easypsi_cn.md)
 
 ## 声明
 
-非正式发布的 SecretPad 版本仅用于演示，请勿在生产环境中使用。尽管此版本已涵盖 SecretPad 的基础功能，但由于项目存在功能不足和待完善项，可能存在部分安全问题和功能缺陷。因此，我们欢迎你积极提出建议，并期待正式版本的发布。
+非正式发布的 EasyPsi 版本仅用于演示，请勿在生产环境中使用。尽管此版本已涵盖 EasyPsi 的基础功能，但由于项目存在功能不足和待完善项，可能存在部分安全问题和功能缺陷。因此，我们欢迎你积极提出建议，并期待正式版本的发布。

build/Dockerfiles/anolis.Dockerfile

@@ -1,16 +1,31 @@
+#
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
 FROM secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/secretpad-base-lite:0.2
 
 ENV LANG=C.UTF-8
 WORKDIR /app
 
-RUN mkdir -p /var/log/secretpad && mkdir -p /app/db && mkdir -p /app/config/certs && yum install -y sqlite
+RUN mkdir -p /var/log/easypsi && mkdir -p /app/db && mkdir -p /app/config/certs && yum install -y sqlite
 
 COPY config /app/config
 COPY scripts /app/scripts
 COPY demo/data /app/data
-COPY target/*.jar secretpad.jar
+COPY target/*.jar easypsi.jar
 
 EXPOSE 80
 EXPOSE 8080
 EXPOSE 9001
-ENTRYPOINT ["java","-jar", "-Dsun.net.http.allowRestrictedHeaders=true", "secretpad.jar"]
+ENTRYPOINT ["java","-jar", "-Dsun.net.http.allowRestrictedHeaders=true", "easypsi.jar"]

build/Dockerfiles/fatimage.Dockerfile

@@ -0,0 +1,67 @@
+#
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+ARG KUSCIA_IMAGE_NAME
+FROM secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/secretpad-base-lite:0.2 as base_pad
+FROM ${KUSCIA_IMAGE_NAME}
+ARG KUSCIA_IMAGE_NAME
+ARG EASYPSI_IMAGE_NAME
+ARG SECRETFLOW_IMAGE_NAME
+RUN echo "arg kuscia=${KUSCIA_IMAGE_NAME}"
+RUN echo "arg easypsi=${EASYPSI_IMAGE_NAME}"
+RUN echo "arg sf=${SECRETFLOW_IMAGE_NAME}"
+
+## install openjdk 17
+ARG JDK_VERSION=17.0.6+10
+ARG JDK_DIR=/usr/local/openjdk-17
+RUN mkdir -p ${JDK_DIR}
+COPY --from=base_pad ${JDK_DIR} ${JDK_DIR}
+ENV JAVA_HOME=${JDK_DIR}
+ENV PATH=${JAVA_HOME}/bin:${PATH}
+
+## set timezone and charset
+ENV TZ=Asia/Shanghai
+ENV LANG=C.UTF-8
+
+# set image version
+ENV KUSCIA_IMAGE=${KUSCIA_IMAGE_NAME}
+ENV EASYPSI_IMAGE=${EASYPSI_IMAGE_NAME}
+ENV SECRETFLOW_IMAGE=${SECRETFLOW_IMAGE_NAME}
+WORKDIR /app
+
+RUN #mkdir -p /var/log/easypsi && mkdir -p /app/db && mkdir -p /app/config/certs  && mkdir -p /app/tmp/scripts
+RUN yum install -y sqlite && yum clean all
+COPY config /app/bak/config
+COPY scripts /app/bak/scripts
+COPY demo/data /app/bak/data
+COPY target/*.jar easypsi.jar
+COPY scripts/fatimage/entrypoint_command.sh /app/entrypoint_command.sh
+RUN mkdir -p /home/kuscia/image_libs
+COPY target/secretflow.tar /home/kuscia/image_libs/secretflow.tar
+
+WORKDIR /home/kuscia
+RUN echo "env kuscia=${KUSCIA_IMAGE}"
+RUN echo "env easypsi=${EASYPSI_IMAGE}"
+RUN echo "env sf=${SECRETFLOW_IMAGE}"
+
+# Other defatul env
+ENV KUSCIA_API_ADDRESS=127.0.0.1:8083
+ENV KUSCIA_GW_ADDRESS=127.0.0.1:80
+ENV KUSCIA_PROTOCOL="mtls"
+ENV SPRING_PROFILES_ACTIVE="p2p"
+
+
+CMD ["bash",  "/app/entrypoint_command.sh"]

build/Dockerfiles/lite.Dockerfile

@@ -1,3 +1,19 @@
+#
+# Copyright 2024 Ant Group Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 FROM openanolis/anolisos:8.4-x86_64
 
 ## install openjdk 17