Merge remote-tracking branch 'upstream/main'

.docker/build.Dockerfile

@@ -0,0 +1,35 @@
+# Define ARG we use through the build
+ARG VERSION=edge
+
+# We want gvm-libs to be ready so we use the build docker image of gvm-libs
+FROM greenbone/gvm-libs:$VERSION
+
+# This will make apt-get install without question
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Redefine ARG we use through the build
+ARG VERSION
+
+WORKDIR /usr/local/src
+
+# Install Debian core dependencies required for building gvm with PostgreSQL
+# support and not yet installed as dependencies of gvm-libs-core
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    build-essential \
+    cmake \
+    gcc \
+    libglib2.0-dev \
+    libgnutls28-dev \
+    libpq-dev \
+    postgresql-server-dev-13 \
+    pkg-config \
+    libical-dev \
+    xsltproc \
+    libcgreen1-dev \
+    lcov \
+    libbsd-dev \
+    libgpgme-dev && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN ldconfig

.docker/entrypoint.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+# Copyright (C) 2022 Greenbone AG
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+#!/bin/bash
+
+exec gosu gvmd "$@"

.docker/prod.Dockerfile

@@ -0,0 +1,122 @@
+ARG VERSION=unstable
+ARG GVM_LIBS_VERSION=edge
+ARG DEBIAN_FRONTEND=noninteractive
+
+FROM greenbone/gvmd-build:${VERSION} as builder
+
+COPY . /source
+WORKDIR /source
+
+RUN mkdir /build && \
+    mkdir /install && \
+    cd /build && \
+    cmake -DCMAKE_BUILD_TYPE=Release /source && \
+    make DESTDIR=/install install
+
+FROM greenbone/gvm-libs:${GVM_LIBS_VERSION}
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Runtime dependencies
+
+# PDF Report
+# texlive-fonts-recommended
+# texlive-latex-extra
+
+# HTML Reports, cert data and scan data details
+# xsltproc
+
+# verinice report
+# xsltproc
+# xmlstarlet
+# zip
+
+# RPM credential packages
+# rpm
+# fakeroot
+
+# DEB credential packages
+# dpkg
+# fakeroot
+
+# Windows Executable (.exe) credential installer
+# nsis
+
+# signature verification
+# gnupg
+
+# HTTP alerts
+# wget
+
+# SCP alert
+# sshpass
+# openssh-client
+
+# Send alert
+# socat
+
+# SNMP alert
+# snmp
+
+# SMB alert
+# python3
+# smbclient
+
+# s/mime email encryption
+# gpgsm
+
+# Loading scap and cert data
+# xml-twig-tools
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    dpkg \
+    fakeroot \
+    nsis \
+    gosu \
+    gnupg \
+    gpgsm \
+    libbsd0 \
+    libgpgme11 \
+    libical3 \
+    libpq5 \
+    openssh-client \
+    postgresql-client-13 \
+    postgresql-client-common \
+    python3 \
+    rpm \
+    rsync \
+    socat \
+    smbclient \
+    snmp \
+    sshpass \
+    texlive-fonts-recommended \
+    texlive-latex-extra \
+    wget \
+    xml-twig-tools \
+    xmlstarlet \
+    xsltproc \
+    zip && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /install/ /
+
+COPY .docker/start-gvmd.sh /usr/local/bin/start-gvmd
+COPY .docker/entrypoint.sh /usr/local/bin/entrypoint
+
+RUN addgroup --gid 1001 --system gvmd && \
+    adduser --no-create-home --shell /bin/false --disabled-password --uid 1001 --system --group gvmd
+
+RUN mkdir -p /run/gvmd && \
+    mkdir -p /var/lib/gvm && \
+    mkdir -p /var/log/gvm && \
+    chown -R gvmd:gvmd /etc/gvm && \
+    chown -R gvmd:gvmd /run/gvmd && \
+    chown -R gvmd:gvmd /var/lib/gvm && \
+    chown -R gvmd:gvmd /var/log/gvm && \
+    chmod 755 /usr/local/bin/entrypoint && \
+    chmod 755 /usr/local/bin/start-gvmd
+
+ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
+
+CMD [ "/usr/local/bin/start-gvmd" ]

.docker/start-gvmd.sh

@@ -0,0 +1,51 @@
+#!/bin/sh
+# Copyright (C) 2022 Greenbone AG
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+#!/bin/sh
+
+[ -z "$USER" ] && USER="admin"
+[ -z "$PASSWORD" ] && PASSWORD="admin"
+[ -z "$GVMD_ARGS" ] && GVMD_ARGS="--listen-mode=666"
+[ -z "$GVMD_USER" ] && GVMD_USER="gvmd"
+[ -z "$PGRES_DATA"] && PGRES_DATA="/var/lib/postgresql"
+
+# check for psql connection
+FILE=$PGRES_DATA/started
+until test -f "$FILE"; do
+	echo "waiting 1 second for ready postgres container"
+    sleep 1
+done
+until psql -U "$GVMD_USER" -d gvmd -c "SELECT 'connected' as connection"; do
+	echo "waiting 1 second to retry psql connection"
+	sleep 1
+done
+
+# migrate db if necessary
+gvmd --migrate || true
+
+gvmd --create-user=$USER --password=$PASSWORD || true
+
+# set the feed import owner
+uid=$(gvmd --get-users --verbose | grep $USER | awk '{print $2}')
+gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value "$uid"
+
+echo "starting gvmd"
+gvmd $GVMD_ARGS ||
+	(cat /var/log/gvm/gvmd.log && exit 1)
+
+tail -f /var/log/gvm/gvmd.log

.dockerignore

@@ -0,0 +1,4 @@
+.git
+.github
+.vscode
+build

.github/CODEOWNERS

@@ -1,2 +1,6 @@
 # default reviewers
-*                 @timopollmeier @mattmundell
+*                 @greenbone/gvmd-maintainers @mattmundell
+
+# dev ops
+.github/          @greenbone/devops @greenbone/gvmd-maintainers @mattmundell
+.docker/          @greenbone/devops @greenbone/gvmd-maintainers @mattmundell