clamav-rest/Dockerfile.test at master · ajilach/clamav-rest · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
ARG GO_VERSION=1.26.0
FROM golang:${GO_VERSION}-alpine AS build

# Update libraries
RUN apk update && apk upgrade

# Set workdir
WORKDIR /go/src

# Build go package
ADD . /go/src/clamav-rest/
RUN cd /go/src/clamav-rest && go mod tidy && go build -v

FROM docker.io/python:3-alpine3.21

# Copy compiled clamav-rest binary from build container to production container
COPY --from=build /go/src/clamav-rest/clamav-rest /usr/bin/

# Update & Install tzdata
RUN apk update && apk upgrade && apk add --no-cache tzdata

# Enable Bash & logrotate
RUN apk add bash logrotate

COPY clamavlogrotate /etc/logrotate.d/clamav

# Set timezone to Europe/Zurich
ENV TZ=Europe/Zurich

# Create SSL directory for runtime-generated or mounted certificates
RUN mkdir -p /etc/ssl/clamav-rest

# Install ClamAV
RUN apk --no-cache add clamav clamav-libunrar \
    && mkdir /run/clamav \
    && chown clamav:clamav /run/clamav
# cURL and openssl added for tests
RUN apk --no-cache add curl openssl

# Configure clamAV to run in foreground with port 3310
RUN sed -i 's/^#Foreground .*$/Foreground yes/g' /etc/clamav/clamd.conf \
    && sed -i 's/^#TCPSocket .*$/TCPSocket 3310/g' /etc/clamav/clamd.conf \
    && sed -i 's/^#Foreground .*$/Foreground yes/g' /etc/clamav/freshclam.conf

RUN freshclam --quiet --no-dns

COPY entrypoint.sh /usr/bin/

RUN mkdir -p /clamav/etc \
    && mkdir -p /clamav/data \
    && mkdir -p /clamav/tmp

RUN chown -R clamav:clamav /clamav \
    && chown -R clamav:clamav /var/log/clamav \
    && chown -R clamav:clamav /run/clamav \
    && chown -R clamav:clamav /etc/ssl/clamav-rest

# Add test data to test the /scanPath endpoint
RUN mkdir -p /clamav/tmp/ok /clamav/tmp/virus && \
echo 'hello world' > /clamav/tmp/ok/test.txt

COPY eicar.test /clamav/tmp/virus/

ENV PORT=9000
ENV SSL_PORT=9443
ENV MAX_SCAN_SIZE=100M
ENV MAX_FILE_SIZE=25M
ENV MAX_RECURSION=16
ENV MAX_FILES=10000
ENV MAX_EMBEDDEDPE=10M
ENV MAX_HTMLNORMALIZE=10M
ENV MAX_HTMLNOTAGS=2M
ENV MAX_SCRIPTNORMALIZE=5M
ENV MAX_ZIPTYPERCG=1M
ENV MAX_PARTITIONS=50
ENV MAX_ICONSPE=100
ENV MAX_RECONNECT_TIME=30
ENV PCRE_MATCHLIMIT=100000
ENV PCRE_RECMATCHLIMIT=2000
ENV SIGNATURE_CHECKS=2
ENV ALLOW_ORIGINS=*

USER clamav


#FROM docker.io/python:3-alpine

WORKDIR /opt/clamav-rest
COPY . .
ADD --chmod=0755 ./run-tests .

ENTRYPOINT [ "/opt/clamav-rest/entrypoint_tests.sh" ]
CMD [ "test" ]