FROM gvm-libs:latest AS openvas-scanner-base

RUN apt install -y --no-install-recommends\
    bison \
    libglib2.0-dev \
    libgnutls28-dev \
    libgcrypt20-dev \
    libpcap-dev \
    libgpgme-dev \
    libksba-dev \
    rsync \
    nmap \
    python3-impacket \
    libsnmp-dev

RUN apt install -y --no-install-recommends \
    python3 \
    python3-pip \
    python3-setuptools \
    python3-packaging \
    python3-wrapt \
    python3-cffi \
    python3-psutil \
    python3-lxml \
    python3-defusedxml \
    python3-paramiko \
    python3-redis

FROM openvas-scanner-base

ENV OPENVAS_SCANNER_VERSION=$GVM_VERSION

RUN curl -f -L https://github.com/greenbone/openvas-scanner/archive/refs/tags/v$OPENVAS_SCANNER_VERSION.tar.gz -o $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz && \
    curl -f -L https://github.com/greenbone/openvas-scanner/releases/download/v$OPENVAS_SCANNER_VERSION/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz.asc -o $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz.asc && \
    gpg --verify $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz.asc $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz && \
    tar -C $SOURCE_DIR -xvzf $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz

RUN mkdir -p $BUILD_DIR/openvas-scanner && cd $BUILD_DIR/openvas-scanner && \
    cmake $SOURCE_DIR/openvas-scanner-$OPENVAS_SCANNER_VERSION \
        -DCMAKE_BUILD_TYPE=Release && \
    make -j$(nproc) && \
    make install && ldconfig

RUN sed -i 's|/var/log/gvm/openvas.log|/dev/stdout|g' /etc/openvas/openvas_log.conf && \
    sed -i 's/if \[ "`id -u`" -eq "0" \]/if false \&\& [ "`id -u`" -eq "0" ]/' /usr/local/bin/greenbone-nvt-sync

ENV OSPD_OPENVAS_VERSION=$GVM_VERSION

RUN curl -f -L https://github.com/greenbone/ospd-openvas/archive/refs/tags/v$OSPD_OPENVAS_VERSION.tar.gz -o $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz && \
    curl -f -L https://github.com/greenbone/ospd-openvas/releases/download/v$OSPD_OPENVAS_VERSION/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz.asc -o $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz.asc && \
    gpg --verify $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz.asc $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz && \
    tar -C $SOURCE_DIR -xvzf $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz

RUN cd $SOURCE_DIR/ospd-openvas-$OSPD_OPENVAS_VERSION && \
    python3 -m pip install . --prefix=$INSTALL_PREFIX --root=$INSTALL_DIR --no-warn-script-location && \
    python3 -m pip install gvm-tools --prefix=$INSTALL_PREFIX --root=$INSTALL_DIR --no-warn-script-location && \
    cp -rv $INSTALL_DIR/* /


ARG TINI_VERSION="v0.19.0"
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
RUN chmod +x /tini

VOLUME /var/lib/openvas \
       /run/redis

COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["/tini", "--", "bash", "/usr/local/bin/docker-entrypoint.sh" ]

CMD ["ospd-openvas", "--pid-file", "/run/ospd/ospd.pid", "--unix-socket=/run/ospd/ospd.sock", "-l/dev/stdout", "-LINFO", "-f"]
