2 files changed, 103 insertions, 0 deletions

diff --git a/net-analyzer/greenbone-feed-sync/Manifest b/net-analyzer/greenbone-feed-sync/Manifest
index e516e8f26691..23d120d9afc1 100644
--- a/net-analyzer/greenbone-feed-sync/Manifest
+++ b/net-analyzer/greenbone-feed-sync/Manifest
@@ -1 +1,2 @@
 DIST greenbone-feed-sync-23.10.0.tar.gz 63001 BLAKE2B 5566cef8649e578cb498f0a5bc1e41f237a3702698b2012f3a62d8f5f647e6b1e3253c7d92e4a9fc82ad7991de8010b94ba8c1194a820511c49e5f5262e471ff SHA512 fe5864c4e650f17a072cd6e4153779ea33ad8f0ac28e92114b40c465a04b70791b603ccbe82934dcdad13fce2003e2d9786cec75854efecf8aefa74c7ce178f4
+DIST greenbone-feed-sync-24.3.0.tar.gz 58949 BLAKE2B 10260850dad8781682e9f3e3eb31faa4139080b3c5661261770fe28053df472b21b4e2ef98f258b5c634c26d543313da30bb01d9eadfdb8ea8e7b7b57205b7f5 SHA512 ac1ce1f0a2898997e5a330e9a186b6203b7593e5b847d23202c28e7b3b7be1556001cc6d8ba5abd7077d1b51e0f21640728f78659ecf9a60eede28ea483344b4
diff --git a/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-24.3.0.ebuild b/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-24.3.0.ebuild
new file mode 100644
index 000000000000..b4e72dcf6899
--- /dev/null
+++ b/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-24.3.0.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} pypy3 )
+DISTUTILS_USE_PEP517=poetry
+inherit distutils-r1 systemd
+
+DESCRIPTION="New script for syncing the Greenbone Community Feed"
+HOMEPAGE="https://github.com/greenbone/greenbone-feed-sync"
+SRC_URI="https://github.com/greenbone/greenbone-feed-sync/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-3+"
+KEYWORDS="~amd64"
+IUSE="cron"
+
+COMMON_DEPEND="
+	acct-user/gvm
+	net-misc/rsync
+	>=net-analyzer/gvmd-22.5.0
+	>=dev-python/tomli-2.0.1[${PYTHON_USEDEP}]
+	>=dev-python/rich-13.2.0[${PYTHON_USEDEP}]
+	>=dev-python/shtab-1.7.0[${PYTHON_USEDEP}]
+"
+DEPEND="
+	${COMMON_DEPEND}
+	test? ( >=net-analyzer/pontos-22.12.2[${PYTHON_USEDEP}] )
+"
+RDEPEND="
+	${COMMON_DEPEND}
+	cron? ( virtual/cron )
+"
+
+distutils_enable_tests unittest
+
+src_test() {
+	# Make a copy of the original config
+	cp "${WORKDIR}/${P}/greenbone/feed/sync/config.py" "${WORKDIR}/${P}/greenbone/feed/sync/config.py.orig" || die
+
+	# Patch the config.py to avoid sandbox violation.
+	sed -i \
+		-e 's:DEFAULT_CONFIG_FILE = "/etc/gvm/greenbone-feed-sync.toml":DEFAULT_CONFIG_FILE = "'"${WORKDIR}/${P}-${TARGET}"'/install/etc/gvm/greenbone-feed-sync.toml":' \
+		-e 's:DEFAULT_ENTERPRISE_KEY_PATH = "/etc/gvm/greenbone-enterprise-feed-key":DEFAULT_ENTERPRISE_KEY_PATH = "'"${WORKDIR}/${P}-${TARGET}"'/install/etc/gvm/greenbone-enterprise-feed-key":' \
+		"${WORKDIR}/${P}/greenbone/feed/sync/config.py" || die
+
+	# Disable tests that require network access.
+	sed -i \
+		-e 's:test_do_not_run_as_root:_&:' \
+		-e 's:test_sync_nvts:_&:' \
+		-e 's:test_sync_nvts_quiet:_&:' \
+		-e 's:test_sync_nvts_rsync_error:_&:' \
+		-e 's:test_sync_nvts_verbose:_&:' \
+		-e 's:test_sync_nvts:_&:' \
+		-e 's:test_sync_nvts_error:_&:' \
+		    "${WORKDIR}/${P}"/tests/test_main.py || die
+
+	distutils-r1_src_test
+
+	# Restore config.py after test.
+	mv "${WORKDIR}/${P}/greenbone/feed/sync/config.py.orig" "${WORKDIR}/${P}/greenbone/feed/sync/config.py" || die
+}
+
+python_install() {
+	distutils-r1_python_install
+
+	# greenbone-feed-sync should not be run as root to avoid changing file permissions
+	insinto /etc/sudoers.d
+	newins - greenbone-feed-sync <<-EOF
+	gvm ALL = NOPASSWD: /usr/bin/greenbone-feed-sync
+	EOF
+
+	fperms 0750 /etc/sudoers.d
+	fperms 0440 /etc/sudoers.d/greenbone-feed-sync
+
+	if use cron; then
+		exeinto /etc/cron.daily
+		newexe "${FILESDIR}"/${PN}.cron ${PN}
+	fi
+
+	systemd_dounit "${FILESDIR}/${PN}.timer" "${FILESDIR}/${PN}.service"
+}
+
+pkg_postinst() {
+	if [[ -n ${REPLACING_VERSIONS} ]]; then
+		return
+	fi
+
+	if use cron; then
+		elog
+		elog "Edit ${EROOT}/etc/cron.weekly/greenbone-feed-sync to activate daily feed update!"
+		elog
+	fi
+
+	if systemd_is_booted; then
+		elog
+		elog "To enable the systemd timer, run the following command:"
+		elog "   systemctl enable --now greenbone-feed-sync.timer"
+		elog
+	fi
+}