script wrapping build process managing certificates and triggering a build

.gitignore

@@ -6,4 +6,7 @@ build
 
 # Ignore emacs swapfiles
 \#*
-.\#*
+.\#*
+
+# Dont commit certs
+resources/*

buildwrapper.sh

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+SERVER_CA_CN=jobserv-server-ca
+SERVER_CN=jobserv-server
+SERVER_PATH=resources/server
+CLIENT_CA_CN=jobserv-client-ca
+CLIENT_CN=jobserv-client
+CLIENT_PATH=resources/client
+TEST_PATH=resources/test
+
+rm -rf resources/*
+mkdir resources/client
+mkdir resources/server
+mkdir resources/test
+
+
+# Get passwords for CAs
+read -p "Enter Server CA Passphrase: " SRVCAPASS
+read -p "Enter Client CA Passphrase: " CLTCAPASS
+
+# Generate CA Keys
+echo "[+] Generating Server CA Key"
+openssl genrsa -passout pass:$SRVCAPASS -aes256 -out $SERVER_PATH/ca.key 4096
+echo "[+] Generating Client CA Key"
+openssl genrsa -passout pass:$CLTCAPASS -aes256 -out $CLIENT_PATH/ca.key 4096
+echo "[+] Generating test CA Key"
+openssl genrsa -passout pass:dontusethiskey -aes256 -out $TEST_PATH/ca.key 4096
+
+# Generate CA Certs
+echo "[+] Generating Server CA Cert"
+openssl req -passin pass:$SRVCAPASS -new -x509 -days 365 -key $SERVER_PATH/ca.key -out $SERVER_PATH/ca.crt -subj "/CN=${SERVER_CA_CN}"
+echo "[+] Generating Client CA Cert"
+openssl req -passin pass:$CLTCAPASS -new -x509 -days 365 -key $CLIENT_PATH/ca.key -out $CLIENT_PATH/ca.crt -subj "/CN=${CLIENT_CA_CN}"
+echo "[+] Generating test CA Key"
+openssl req -passin pass:dontusethiskey -new -x509 -days 365 -key $TEST_PATH/ca.key -out $TEST_PATH/ca.crt -subj "/CN=DontUseMe"
+
+
+# Generate Server Key, Signing request, cert
+echo "[+] Generating Server key"
+openssl genrsa -passout pass:${SRVCAPASS} -aes256 -out $SERVER_PATH/private.key 4096
+echo "[+] Generating Server signing request"
+openssl req -passin pass:${SRVCAPASS} -out $SERVER_PATH/request.csr -subj "/CN=${SERVER_CN}"
+echo "[+] Generating Server certificate "
+openssl x509 -req -passin pass:${SRVCAPASS} -days 365 -in $SERVER_PATH/request.csr -CA $SERVER_PATH/ca.crt -CAkey $SERVER_PATH/ca.key -set_serial 01 -out $SERVER_PATH/server.crt
+echo "[+] Removing passphrase from server key"
+openssl rsa -passin pass:${SRVCAPASS} -in $SERVER_PATH/private.key -out $SERVER_PATH/private.key
+
+# Generate Client Key, Signing request, cert
+echo "[+] Generating Client key"
+openssl genrsa -passout pass:${CLTCAPASS} -aes256 -out $CLIENT_PATH/private.key 4096
+echo "[+] Generating Client signing request"
+openssl req -passin pass:${CLTCAPASS} -out $CLIENT_PATH/request.csr -subj "/CN=${CLIENT_CN}"
+echo "[+] Generating Client certificate "
+openssl x509 -req -passin pass:${CLTCAPASS} -days 365 -in $CLIENT_PATH/request.csr -CA $CLIENT_PATH/ca.crt -CAkey $CLIENT_PATH/ca.key -set_serial 01 -out $CLIENT_PATH/server.crt
+echo "[+] Removing passphrase from client key"
+openssl rsa -passin pass:${CLTCAPASS} -in $CLIENT_PATH/private.key -out $CLIENT_PATH/private.key
+
+# Generate Test Key, Signing request, cert
+echo "[+] Generating server key"
+openssl genrsa -passout pass:dontusethiskey -aes256 -out $TEST_PATH/private.key 4096
+echo "[+] Generating server signing request"
+openssl req -passin pass:dontusethiskey -out $TEST_PATH/request.csr -subj "/CN=${DontUseMe}"
+echo "[+] Generating server certificate "
+openssl x509 -req -passin pass:dontusethiskey -days 365 -in $TEST_PATH/request.csr -CA $TEST_PATH/ca.crt -CAkey $TEST_PATH/ca.key -set_serial 01 -out $TEST_PATH/server.crt
+echo "[+] Removing passphrase from test key"
+openssl rsa -passin pass:dontusethiskey -in $TEST_PATH/private.key -out $TEST_PATH/private.key
+
+
+echo "[+] Converting private keys to X.509"
+openssl pkcs8 -topk8 -nocrypt -in $CLIENT_PATH/private.key -out $CLIENT_PATH/private.pem
+openssl pkcs8 -topk8 -nocrypt -in $SERVER_PATH/private.key -out $SERVER_PATH/private.pem
+openssl pkcs8 -topk8 -nocrypt -in $TEST_PATH/private.key -out $TEST_PATH/private.pem
+
+echo "[+] creating combine trust store"
+cat $SERVER_PATH/ca.crt $CLIENT_PATH/ca.crt > resources/truststore.pem
+
+echo "[+] initiating gradle build"
+./gradlew clear build