Change: Deprecate greenbone-nvt-sync script

* Change: Make installing nvt feed sync script optional A new Python based greenbone-feed-sync script is available at https://github.com/greenbone/greenbone-feed-sync/ and should be used instead of the shell based greenbone-nvt-sync script shipped with openvas-scanner. The new script is easier to maintain, to adapt and can be released independently. Therefore make installing the shell optional and don't install it by default anymore. (cherry picked from commit de4cf86) # Conflicts: # src/CMakeLists.txt * Fix: conflicts * Change: set greenbone-nvt-sync as deprecated in favor of greenbone-feed-sync. However, it is still installed as default * Change: Update INSTALL.md --------- Co-authored-by: Björn Ricks <bjoern.ricks@greenbone.net> Co-authored-by: Juan Jose Nicola <juan.nicola@greenbone.net>
greenbone · May 2, 2023 · 952e956 · 952e956
1 parent 803cd1d
commit 952e956
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 11 deletions.
diff --git a/.docker/prod.Dockerfile b/.docker/prod.Dockerfile
@@ -8,7 +8,7 @@ FROM greenbone/gvm-libs:$VERSION AS build
 COPY . /source
 RUN sh /source/.github/install-openvas-dependencies.sh
 COPY --from=openvas-smb /usr/local/lib/ /usr/local/lib/
-RUN cmake -DCMAKE_BUILD_TYPE=Release -B/build /source
+RUN cmake -DCMAKE_BUILD_TYPE=Release -DINSTALL_OLD_SYNC_SCRIPT=OFF -B/build /source
 RUN DESTDIR=/install cmake --build /build -- install
 
 FROM greenbone/gvm-libs:$VERSION

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -37,6 +37,12 @@ endif (NOT CMAKE_BUILD_TYPE)
 
 OPTION (ENABLE_COVERAGE "Enable support for coverage analysis" OFF)
 
+# the shell based script got replaced by https://github.com/greenbone/greenbone-feed-sync/
+OPTION (INSTALL_OLD_SYNC_SCRIPT "Install shell based VT feed sync script" ON)
+if (INSTALL_OLD_SYNC_SCRIPT)
+  message (DEPRECATION "greenbone-nvt-sync is deprecated in favor of greenbone-feed-sync (https://github.com/greenbone/greenbone-feed-sync/) and will be removed in the next major version")
+endif (INSTALL_OLD_SYNC_SCRIPT)
+
 ## Retrieve git revision (at configure time)
 include (GetGit)
 

diff --git a/INSTALL.md b/INSTALL.md
@@ -147,9 +147,16 @@ Setting up an openvas requires the following steps:
    your NVT collection will be empty. It is recommended that you synchronize
    with an NVT feed service before starting openvas for the first time.
 
+   With OpenVAS, the `greenbone-nvt-sync` shell based script is installed per default.
+   However, this script has been deprecated in favor of [greenbone-feed-sync](https://github.com/greenbone/greenbone-feed-sync/)
+   and it is strongly recommended to switch to the new script.
+   The installation of the `greenbone-nvt-sync` script can be disabled with cmake
+   option 
+       `-DINSTALL_OLD_SYNC_SCRIPT=OFF`
+
    Simply execute the following command to retrieve the initial NVT collection:
 
-       greenbone-nvt-sync
+       greenbone-nvt-sync 
 
    This tool will use the Greenbone Security Feed in case a Greenbone
    subscription key is present. Else, the Community Feed will be used.

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -234,17 +234,18 @@ install (TARGETS openvas
 install (FILES ${CMAKE_BINARY_DIR}/src/openvas_log.conf
          DESTINATION ${OPENVAS_SYSCONF_DIR})
 
-install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
-         DESTINATION ${BINDIR}
-         PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
-                     GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+if (INSTALL_OLD_SYNC_SCRIPT)
+  install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
+          DESTINATION ${BINDIR}
+          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+                      GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
+  install (FILES ${CMAKE_SOURCE_DIR}/doc/man/greenbone-nvt-sync.8
+          DESTINATION ${DATADIR}/man/man8 )
+endif (INSTALL_OLD_SYNC_SCRIPT)
 
 install (FILES ${CMAKE_BINARY_DIR}/doc/man/openvas.8
-                     DESTINATION ${DATADIR}/man/man8 )
-
-
-install (FILES ${CMAKE_SOURCE_DIR}/doc/man/greenbone-nvt-sync.8
-                     DESTINATION ${DATADIR}/man/man8 )
+         DESTINATION ${DATADIR}/man/man8 )
 
 install (DIRECTORY DESTINATION ${OPENVAS_NVT_DIR})
 

diff --git a/tools/greenbone-nvt-sync.in b/tools/greenbone-nvt-sync.in
@@ -523,6 +523,16 @@ do_feedversion () {
 
 do_sync ()
 {
+
+
+  echo "This script has been DEPRECATED in favor of greenbone-feed-sync"
+  echo "and will be removed in the next major version."
+  echo "It is strongly recommended to switch to the new script as soon as possible."
+  echo "The installation of the greenbone-nvt-sync script can be disabled"
+  echo "with cmake option -DINSTALL_OLD_SYNC_SCRIPT=OFF"
+  echo "For more information please visit https://github.com/greenbone/greenbone-feed-sync/"
+  echo ""
+
   do_self_test
   if [ $SELFTEST_FAIL -ne 0 ] ; then
     exit $SELFTEST_FAIL