Skip to content

greenbone/feed-key-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

95 Commits
.docker
.docker
 
 
.github
.github
 
 
certs
certs
 
 
jwt
jwt
 
 
src
src
 
 
tests
tests
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
cliff.toml
cliff.toml
 
 

Repository files navigation

Greenbone Logo

feed-key-service

Service for Managing a Greenbone Feed Key

Installation

The project contains the greenbone-feed-key application which implements a HTTP service providing a REST based API. It is implemented in Rust and requires cargo for building and installing.

make DESTDIR=path/to/install install

The binary can be found at path/to/install/usr/local/bin afterwards.

Usage

After installation the service is available as greenbone-feed-key. By default it listens for http on 127.0.0.1 on port 3000. Running the service requires setting a JWT key. See settings the JWT README for all possible options.

Example using a shared secret

greenbone-feed-key --jwt-secret-key some-secret-key

Settings

The following settings can be adjusted for the greenbone-feed-key service.

CLI Env Type Default Description
-p, --port GREENBONE_FEED_KEY_PORT int 3000 Port to listen on
-s, --server GREENBONE_FEED_KEY_SERVER string 127.0.0.1 IP address to listen on
-k, --feed-key-path GREENBONE_FEED_KEY_PATH path /etc/gvm/greenbone-enterprise-feed-key Path to the enterprise feed key location
-l, --log GREENBONE_FEED_KEY_LOG string greenbone_feed_key=info Logging directive
--enable-api-doc GREENBONE_FEED_KEY_API_DOC bool false Enable OpenAPI documentation and Swagger UI
--tls-server-cert GREENBONE_FEED_KEY_TLS_SERVER_CERT string Path to a TLS certificate (.pem) file
--tls-server-key GREENBONE_FEED_KEY_TLS_SERVER_KEY string Path to a TLS private key file
--tls-client-certs GREENBONE_FEED_KEY_TLS_CLIENT_CERTS string Path to a .pem file containing one ore more root certificates (aka. CA certs)
--upload-limit GREENBONE_FEED_KEY_UPLOAD_LIMIT int 2 MiB File size limit for the feed key in bytes
--jwt-shared-secret GREENBONE_FEED_KEY_JWT_SHARED_SECRET string A shared secret for validating JSON Web Tokens
--jwt-rsa-key GREENBONE_FEED_KEY_JWT_RSA_KEY path Path to a .pem file containing a RSA public key for JWT signature validation
--jwt-ecdsa-key GREENBONE_FEED_KEY_JWT_ECDSA_KEY path Path to a .pem file containing an ECDSA public key (ECDSA using P-256 and SHA-256) for JWT signature validation

TLS

TLS can be enabled for secure communication with the greenbone-feed-key service.

See TLS documentation for more details

JWT

JSON Web Tokens are used to secure the key API.

See JWT documentation for more details.

CLI

Additionally to the service the project provides a CLI helper tool greenbone-feed-service-cli. Currently it implements the following features:

  • jwt - Generating JSON Web tokens for testing purposes
  • openapi - Generating the OpenAPI spec file

Run greenbone-feed-service-cli --help for more details.

API

This is just a summary of the REST API.

The full API specification can be created by running greenbone-feed-service-cli openapi or by enabling the Swagger UI via --enable-api-doc or GREENBONE_FEED_KEY_API_DOC=true when running the greenbone-feed-key service.

Path Method Description
/api/v1/health GET A JSON response to indicate the health of the service
/api/v1/key GET Get the current available key as application/octet-stream
/api/v1/key PUT Upload a feed key as application/octet-stream. Existing key gets overridden.
/api/v1/key POST Upload a feed key via form/multipart data in the file field. Existing key gets overridden.
/api/v1/key DELETE Delete the feed key

Logging

The console output of the greenbone-feed-key service can be adjusted via the GREENBONE_FEED_KEY_LOG environment variable or the -l, --log CLI argument. The logging is implemented via the tracing library and uses env filter directives.

To enable debug logs for all logging/tracing targets the following command can be used:

export GREENBONE_FEED_KEY_LOG=debug

To enable debug log for http requests and the feed service itself the following command can be used:

export GREENBONE_FEED_KEY_LOG=greenbone_feed_key=debug,tower_http=debug

Maintainer

This project is maintained by Greenbone AG.

Contributing

Your contributions are highly appreciated. Please create a pull request on GitHub. Bigger changes need to be discussed with the development team via the issues section at github first.

License

Copyright (C) 2026 Greenbone AG

Licensed under the GNU Affero General Public License v3.0 or later.

About

Service for Managing a Greenbone Feed Key

Topics

openvas gea greenbone-vulnerability-manager

Resources

Readme

License

AGPL-3.0 license

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 4

feed-key-service 0.2.0 Latest
Mar 9, 2026
+ 3 releases

Packages

 
 
 

Contributors

Languages