Skip to content

Commit 64031ec

Browse files
keshav-spacetdruez
andauthored
Include virus report in the resource extra_data field (#1250)
* Include virus report in the resource extra_data field - Provide the virus report in the extra_data field for downstream consumption via scan results Signed-off-by: Keshav Priyadarshi <git@keshav.space> * Refine the docstring and changelog #1250 Signed-off-by: tdruez <tdruez@nexb.com> * Do not publish the clamav service ports #1250 The service is only accessed by other compose services and does not need to be exposed to the host machine. Signed-off-by: tdruez <tdruez@nexb.com> --------- Signed-off-by: Keshav Priyadarshi <git@keshav.space> Signed-off-by: tdruez <tdruez@nexb.com> Co-authored-by: tdruez <tdruez@nexb.com>
1 parent 1fb34ad commit 64031ec

File tree

4 files changed

+29
-8
lines changed

4 files changed

+29
-8
lines changed

CHANGELOG.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,8 @@ v34.6.0 (unreleased)
55
--------------------
66

77
- Add a new ``scan_for_virus`` add-on pipeline based on ClamAV scan.
8+
Found viruses are stored as "error" Project messages and on their related codebase
9+
resource instance using the ``extra_data`` field.
810
https://github.com/nexB/scancode.io/issues/1182
911

1012
- Add ability to filter by tag on the resource list view.

docker-compose.yml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -71,8 +71,6 @@ services:
7171
volumes:
7272
- clamav_data:/var/lib/clamav
7373
- workspace:/var/scancodeio/workspace/
74-
ports:
75-
- "3310:3310"
7674
restart: always
7775

7876
volumes:

scanpipe/pipes/clamav.py

Lines changed: 16 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@
3030
def scan_for_virus(project):
3131
"""
3232
Run a ClamAV scan to detect virus infection.
33-
Create one Project error message per found virus.
33+
Create one Project error message per found virus and store the detection data
34+
on the related codebase resource ``extra_data`` field.
3435
"""
3536
if settings.CLAMD_USE_TCP:
3637
clamd_socket = clamd.ClamdNetworkSocket(settings.CLAMD_TCP_ADDR)
@@ -45,13 +46,22 @@ def scan_for_virus(project):
4546
for resource_location, results in scan_response.items():
4647
status, reason = results
4748
resource_path = Path(resource_location).relative_to(project.codebase_path)
48-
details = {
49-
"status": status,
50-
"reason": reason,
51-
"resource_path": str(resource_path),
49+
50+
resource = project.codebaseresources.get(path=resource_path)
51+
virus_report = {
52+
"calmav": {
53+
"status": status,
54+
"reason": reason,
55+
}
5256
}
57+
resource.update_extra_data({"virus_report": virus_report})
58+
5359
project.add_error(
5460
description="Virus detected",
5561
model="ScanForVirus",
56-
details=details,
62+
details={
63+
"status": status,
64+
"reason": reason,
65+
"resource_path": str(resource_path),
66+
},
5767
)

scanpipe/tests/pipes/test_clamav.py

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,3 +56,14 @@ def test_scanpipe_pipes_clamav_scan_for_virus(self, mock_multiscan):
5656
"resource_path": "eicar.zip",
5757
}
5858
self.assertEqual(expected_details, error_message.details)
59+
60+
resource1 = project.codebaseresources.first()
61+
expected_virus_report_extra_data = {
62+
"virus_report": {
63+
"calmav": {
64+
"status": "FOUND",
65+
"reason": "Win.Test.EICAR_HDB-1",
66+
}
67+
}
68+
}
69+
self.assertEqual(expected_virus_report_extra_data, resource1.extra_data)

0 commit comments

Comments
 (0)