Merge pull request #311 from Secure-Compliance-Solutions-LLC/dev
V21.4.4-v2
austinsonger authored Nov 27, 2021
2 parents d1b84b8 + 56c565e commit ed96bc9
Showing 4 changed files with 80 additions and 62 deletions.
33 changes: 33 additions & 0 deletions .github/release-drafter.yml
@@ -0,0 +1,33 @@
name-template: 'v$RESOLVED_VERSION'
tag-template: 'v$RESOLVED_VERSION'
template: |
# What's Changed
$CHANGES
categories:
- title: 'Breaking'
label: 'type: breaking'
- title: 'New'
label: 'type: feature'
- title: 'Bug Fixes'
label: 'type: bug'
- title: 'Maintenance'
label: 'type: maintenance'
- title: 'Dependency Updates'
label: 'type: dependencies'

version-resolver:
major:
labels:
- 'type: breaking'
minor:
labels:
- 'type: feature'
patch:
labels:
- 'type: bug'
- 'type: maintenance'
- 'type: dependencies'
- 'type: security'

exclude-labels:
- 'skip-changelog'
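Review bot: `version-resolver.patch` lists `'type: security'`, but `categories` has no entry for that label, so a security-labelled PR bumps the patch version yet appears in `$CHANGES` without a category heading. Add a category such as `- title: 'Security'` with `label: 'type: security'` so security fixes are called out in the release notes. It is also worth setting `default:` under `version-resolver` explicitly, so the bump for a release that contains only unlabelled PRs is stated in the file.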
71 changes: 10 additions & 61 deletions .github/workflows/docker-publish-debian.yml
Expand Up @@ -4,9 +4,11 @@ on:
push:
branches: [master]
pull_request:
branches: [master, dev]
branches: [master]
create:
tags:
release:
types: [published, edited]

concurrency: ci-debian-${{ github.ref }}
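Review bot: In the new `release:` trigger, `types: [published, edited]` makes every edit to a release's title or notes start this workflow again for the same tag. If the intent is one build per release, keep only `published`; if re-running on edit is intended, say so in a comment next to the trigger.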

Expand Down Expand Up @@ -38,26 +40,6 @@ jobs:
id: vars
run: echo ::set-output name=docker_tag::$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}

- name: Download artifact
uses: dawidd6/action-download-artifact@v2
with:
# Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
# Required, if artifact is from a different repo
github_token: ${{secrets.GITHUB_TOKEN}}
# Required, workflow file name or ID
workflow: build-apk.yml
# Optional, will use the branch
branch: master
# Optional, uploaded artifact name,
# will download all artifacts if not specified
# and extract them in respective subdirectories
# https://github.com/actions/download-artifact#download-all-artifacts
name: apk-builds
# Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
path: ${{ github.workspace }}/apk-build/
# Optional, defaults to current repo
repo: Secure-Compliance-Solutions-LLC/GVM-APK-build

- name: Build the Docker image
run: docker build . --file Dockerfile.debian --build-arg OPT_PDF=1 --tag ${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}
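Review bot: With the `Download artifact` step gone, nothing populates `${{ github.workspace }}/apk-build/` before `docker build . --file Dockerfile.debian`, and `Dockerfile.debian` is not among the four files changed in this commit. Confirm it has no `COPY` or `ADD` that reads from `apk-build/`, otherwise the build either fails or ships without those packages. Dropping the step is otherwise welcome: it pulled build inputs from `branch: master` of another repository through an action referenced by the movable tag `@v2`, with no integrity check visible here.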

Expand Down Expand Up @@ -102,6 +84,8 @@ jobs:

build_test_anchore:
name: Build and Test - Anchore
# ...but only when a `release` is `published` (combined with `on`)
if: github.event_name == 'release'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
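Review bot: The new `if: github.event_name == 'release'` on `build_test_anchore` means push and pull_request runs no longer get the Anchore build and test, so image findings surface only once a release already exists. Consider keeping the scan on pull requests to `master` and gating only the publish steps on the release event. The comment above the condition says `published`, but the expression matches any release event and the trigger also lists `edited`; use `github.event.action == 'published'` if that is the intent.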
Expand All @@ -115,26 +99,6 @@ jobs:
id: vars
run: echo ::set-output name=docker_tag::$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}

- name: Download artifact
uses: dawidd6/action-download-artifact@v2
with:
# Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
# Required, if artifact is from a different repo
github_token: ${{secrets.GITHUB_TOKEN}}
# Required, workflow file name or ID
workflow: build-apk.yml
# Optional, will use the branch
branch: master
# Optional, uploaded artifact name,
# will download all artifacts if not specified
# and extract them in respective subdirectories
# https://github.com/actions/download-artifact#download-all-artifacts
name: apk-builds
# Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
path: ${{ github.workspace }}/apk-build/
# Optional, defaults to current repo
repo: Secure-Compliance-Solutions-LLC/GVM-APK-build

- name: Build the Docker image
run: docker build . --file Dockerfile.debian --build-arg OPT_PDF=1 --tag ${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}
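Review bot: In the unchanged step with `id: vars` at the top of this hunk, `cut -d'/' -f3` keeps only the third path segment of `GITHUB_REF`, so a ref such as `refs/heads/feature/x` yields `feature`, and on pull_request runs the value is the PR number. Now that release events also reach this workflow, it is a good time to derive `docker_tag` from the full ref name with `/` replaced by `-`, and to quote the `${GITHUB_REF}` and `${GITHUB_SHA}` expansions.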

Expand Down Expand Up @@ -218,26 +182,6 @@ jobs:
fi
echo -n "${IMAGE_NAME_GHCR}"
- name: Download artifact
uses: dawidd6/action-download-artifact@v2
with:
# Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
# Required, if artifact is from a different repo
github_token: ${{secrets.GITHUB_TOKEN}}
# Required, workflow file name or ID
workflow: build-apk.yml
# Optional, will use the branch
branch: master
# Optional, uploaded artifact name,
# will download all artifacts if not specified
# and extract them in respective subdirectories
# https://github.com/actions/download-artifact#download-all-artifacts
name: apk-builds
# Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
path: ${{ github.workspace }}/apk-build/
# Optional, defaults to current repo
repo: Secure-Compliance-Solutions-LLC/GVM-APK-build

# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
Expand Down Expand Up @@ -375,3 +319,8 @@ jobs:
build-args: |
SETUP=1
OPT_PDF=1
- name: Update changelog
uses: thomaseizinger/keep-a-changelog-new-release@1.1.0
with:
version: ${{ github.event.inputs.version }}
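Review bot: `version: ${{ github.event.inputs.version }}` in the new `Update changelog` step is only populated on `workflow_dispatch` runs, and the triggers shown for this workflow are push, pull_request, create and release, so the action receives an empty version. On release runs `${{ github.event.release.tag_name }}` carries the value; add an `if:` so the step is skipped on pushes and pull requests. No visible step commits the updated changelog back, so the edit is lost when the runner exits. The action is referenced by the tag `@1.1.0`; pinning third-party actions to a commit SHA keeps a retagged release from changing what runs in this publishing workflow.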
2 changes: 1 addition & 1 deletion .github/workflows/docker-publish.yml
Expand Up @@ -4,7 +4,7 @@ on:
push:
branches: [master]
pull_request:
branches: [master, dev]
branches: [master]
create:
tags:
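Review bot: Removing `dev` from `pull_request.branches` (here and in `docker-publish-debian.yml`) means pull requests targeting `dev` no longer run these workflows, so changes are first built only when `dev` is merged to `master`, as in this commit. If the goal is to save runner time, keep a lighter build-only job on `dev` pull requests so breakage is caught before the merge PR.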

36 changes: 36 additions & 0 deletions Readme.md
Expand Up @@ -25,6 +25,42 @@ You want to send GVM/OpenVAS results to Elasticsearch, try our [GVM Logstash pro

If you would like something added to the documentation please create a issue [GVM-Docker Gitbook Repo](https://github.com/Secure-Compliance-Solutions-LLC/gitbook/issues)

## Quick Start

- Now all `-data` images are full pre-initialized (with available data from the build time)

> Pre Initialized (-data) images, have a web ui password: `adminpassword` and should be changed after the deployment. Also the Postgres got a default password: `none`
### Github Registry

```
docker pull ghcr.io/secure-compliance-solutions-llc/gvm-docker:debian-master-data-full
docker pull ghcr.io/secure-compliance-solutions-llc/gvm-docker:debian-master-data
docker pull ghcr.io/secure-compliance-solutions-llc/gvm-docker:debian-master-full
docker pull ghcr.io/secure-compliance-solutions-llc/gvm-docker:debian-master
```


### Docker Hub

```
docker pull securecompliance/gvm:debian-master-data-full
docker pull securecompliance/gvm:debian-master-data
docker pull securecompliance/gvm:debian-master-full
docker pull securecompliance/gvm:debian-master
```

## Estimated Hardware Requirements

| Hosts | CPU Cores | Memory | Disk Space |
| :----------------- | :------------ | :-------- | :--------- |
| 512 active IPs | 4@2GHz cores | 8 GB RAM | 30 GB |
| 2,500 active IPs | 6@2GHz cores | 12 GB RAM | 60 GB |
| 10,000 active IPs | 8@3GHz cores | 16 GB RAM | 250 GB |
| 25,000 active IPs | 16@3GHz cores | 32 GB RAM | 1 TB |
| 100,000 active IPs | 32@3GHz cores | 64 GB RAM | 2 TB |


## Architecture

The key points to take away from the diagram below, is the way our setup establishes connection with the remote sensor, and the available ports on the GMV-Docker container. You can still use any add on tools you've used in the past with OpenVAS on 9390. One of the latest/best upgrades allows you connect directly to postgres using your favorite database tool.
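Review bot: The Quick Start note documents fixed credentials for the `-data` images (web UI `adminpassword`, Postgres `none`) but only says they "should be changed". Make the change a required first step, say how to do it, and tell readers not to publish the web UI or Postgres port until it is done, since the Architecture paragraph in the same hunk advertises direct Postgres connections. Wording: "full pre-initialized" should be "fully pre-initialized", and a blank line is missing between the blockquote and `### Github Registry`.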