include $(TOPDIR)/rules.mk

# Package identity. PKG_NAME has to match the Package/<name> definitions and
# the BuildPackage call at the end of this file.
# No PKG_SOURCE or PKG_HASH is set in this Makefile and the install step copies
# from ./files, so as far as this file shows nothing is downloaded at build
# time; integrity of the payload rests on the source tree itself.
PKG_NAME:=secubox-cve-triage
PKG_VERSION:=1.0.0
PKG_RELEASE:=1

PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
# NOTE(review): current SPDX identifiers are GPL-3.0-only / GPL-3.0-or-later;
# plain "GPL-3.0" is the deprecated form - confirm which one is intended.
PKG_LICENSE:=GPL-3.0

# NOTE(review): nonshared marks the package as target-specific for the build
# infrastructure, while the package itself declares PKGARCH:=all - confirm the
# flag is intentional.
PKG_FLAGS:=nonshared

include $(INCLUDE_DIR)/package.mk

# Package metadata: menuconfig placement, title, runtime dependencies.
# PKGARCH:=all fits the payload, which is config plus shell scripts only.
#
# NOTE(review): the description advertises NVD API integration, and that API
# is served over HTTPS. "+wget" may be satisfied by a fetcher built without
# TLS support (e.g. wget-nossl), and no CA certificate bundle is pulled in
# here. If files/usr/bin/cve-triage fetches over HTTPS, depend on a
# TLS-capable fetcher plus ca-bundle so certificate verification works out of
# the box instead of failing or being switched off - confirm against the
# scripts. Vulnerability data fetched without verified TLS can be altered in
# transit, which would skew every triage decision built on it.
define Package/secubox-cve-triage
  SECTION:=secubox
  CATEGORY:=SecuBox
  TITLE:=CVE Triage Agent
  DEPENDS:=+wget +jsonfilter
  PKGARCH:=all
endef

# Long description shown by the package tooling. The text between define and
# endef is taken as-is, so keep comments out of the body.
#
# NOTE(review): the feature list names CrowdSec, LocalAI, LXC and Docker, but
# DEPENDS declares only wget and jsonfilter, so these integrations are
# presumably optional at runtime - verify that the scripts detect a missing
# component and report it rather than silently skipping a scan.
define Package/secubox-cve-triage/description
  AI-powered CVE analysis and vulnerability management agent for SecuBox.

  Features:
  - Automated CVE scanning against installed packages
  - NVD API integration for vulnerability data
  - CrowdSec CVE alert correlation
  - LocalAI-powered impact analysis
  - Approval workflow for patch recommendations
  - LXC and Docker package monitoring
endef

# Files opkg treats as user configuration: a locally modified copy is kept on
# package upgrade instead of being overwritten. One path per line, no comments
# inside the body.
#
# Consequence for hardening: changed defaults shipped in a newer release do not
# reach devices whose /etc/config/cve-triage was edited; a migration has to be
# done explicitly (for example from a uci-defaults script).
# NOTE(review): if this file stores credentials such as an API key, it will
# also travel with configuration backups - confirm and document.
define Package/secubox-cve-triage/conffiles
/etc/config/cve-triage
endef

# Intentionally empty: the package installs files from ./files unchanged, so
# the build system's default compile step is overridden with a no-op.
define Build/Compile
endef

# Stage the payload into the package root passed as $(1): first create every
# target directory, then copy the files from ./files.
#
# The INSTALL_* helpers come from rules.mk; in a stock OpenWrt tree they are
# "install" with fixed modes (CONF 0600, BIN 0755, DATA 0644) - confirm against
# the tree in use. That keeps the UCI config readable by its owner only, makes
# the init script and the CLI executable, and ships the library scripts
# non-executable.
#
# NOTE(review): the *.sh glob packages every shell file present in
# files/usr/lib/cve-triage at build time. An explicit file list would make an
# unexpected extra script visible in review; the library files are presumably
# sourced by /usr/bin/cve-triage - verify.
define Package/secubox-cve-triage/install
	$(INSTALL_DIR) $(1)/etc/config $(1)/etc/init.d $(1)/usr/bin $(1)/usr/lib/cve-triage
	$(INSTALL_CONF) ./files/etc/config/cve-triage $(1)/etc/config/
	$(INSTALL_BIN) ./files/etc/init.d/cve-triage $(1)/etc/init.d/
	$(INSTALL_BIN) ./files/usr/bin/cve-triage $(1)/usr/bin/
	$(INSTALL_DATA) ./files/usr/lib/cve-triage/*.sh $(1)/usr/lib/cve-triage/
endef

# Post-install script. The guard runs the braces only when IPKG_INSTROOT is
# empty, i.e. on a running device and not while an image is being assembled.
# There it creates the state and cache directories and enables the init script.
#
# NOTE(review): on stock OpenWrt /var points at the tmpfs under /tmp, so both
# directories would be gone after a reboot while postinst runs only once -
# confirm the init script recreates them.
# NOTE(review): mkdir -p sets no explicit mode, so the directories get whatever
# the umask allows, and it accepts a path that already exists without checking
# its owner. If triage results or approval state kept there are sensitive,
# create the directories with a restrictive mode in the place that recreates
# them at boot.
# Errors from "enable" are discarded and the script always exits 0, so opkg
# never sees a failure from this step.
define Package/secubox-cve-triage/postinst
#!/bin/sh
[ -n "$${IPKG_INSTROOT}" ] || {
	mkdir -p /var/lib/cve-triage
	mkdir -p /var/cache/cve-triage
	/etc/init.d/cve-triage enable 2>/dev/null
}
exit 0
endef

# Instantiate the package from the Package/secubox-cve-triage definitions
# above; the name passed here has to match them.
$(eval $(call BuildPackage,secubox-cve-triage))
