
djdefi / gitavscan


Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

License: The Unlicense

Dockerfile 9.22% Shell 90.78%
action git ci continuous-integration continuous-security continuous-scanning clamav anti-virus antivirus continuous-antivirus repository-antivirus devsecops secops malware-detection security hacktoberfest

gitavscan's Issues

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

dockerfile
Dockerfile
  • alpine 3.16.2
github-actions
.github/workflows/main.yml


Allow to scan specific files/dirs

Hey, it would be cool if scanning specific files/dirs in jobs were also possible.

For example, my workflow builds something, fetches dependencies from wherever, and there is a final binary there.
I'm not really interested in scanning the git history, more in what comes in from external sources.
As a post-build step I would then like to add a step that scans the "dist/" folder with clamav.

Allow to scan archive files

Is your feature request related to a problem? Please describe.
It would be nice if archive files (zip, tar.gz, 7z) were also scanned, with their contents extracted.

Describe the solution you'd like
Extend the script:

  • run find to look up archive files
  • extract them to a temporary directory
  • also target the temporary directory

Describe alternatives you've considered
Users can do it themselves in a GitHub Action script.
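The find, extract and scan steps proposed in this request, written as a POSIX shell function. This is an added example, not code from the gitavscan repository: `scan_archives`, `extract_one` and the `SCANNER` variable are names assumed here, and `tar`, `unzip` and `7z` must be installed for their respective formats.

```shell
#!/bin/sh
# Added example (not the action's gitscan.sh): unpack archives found under a
# directory into a temporary directory and scan the extracted contents.
# SCANNER is this example's own variable; override it to use another command.
SCANNER="${SCANNER:-clamscan --recursive --infected}"

# extract_one ARCHIVE DEST: unpack one archive into DEST by file extension.
extract_one() {
    case "$1" in
        *.tar.gz|*.tgz) tar -xzf "$1" -C "$2" ;;
        *.zip)          unzip -q -o "$1" -d "$2" ;;
        *.7z)           7z x -y -o"$2" "$1" >/dev/null ;;
        *)              return 1 ;;
    esac
}

# scan_archives DIR: exit status follows clamscan's convention
# (0 = clean, 1 = detection, 2 = error such as an archive that did not unpack).
scan_archives() {
    root="$1"
    work="$(mktemp -d)" || return 2
    count=0
    failed=0
    rc=0
    find "$root" -type f \( -name '*.zip' -o -name '*.tar.gz' \
        -o -name '*.tgz' -o -name '*.7z' \) > "$work/archives.list"
    while IFS= read -r archive; do
        count=$((count + 1))
        dest="$work/extracted/$count"   # one directory per archive avoids name clashes
        mkdir -p "$dest"
        if ! extract_one "$archive" "$dest" 2>/dev/null; then
            echo "WARN: could not extract $archive" >&2
            failed=1
        fi
    done < "$work/archives.list"
    if [ "$count" -gt 0 ]; then
        # Unquoted on purpose so SCANNER can carry its own arguments.
        $SCANNER "$work/extracted" || rc=$?
    fi
    rm -rf "$work"
    # An archive that could not be inspected must not be reported as clean.
    if [ "$rc" -eq 0 ] && [ "$failed" -eq 1 ]; then rc=2; fi
    return "$rc"
}
```

As a post-build step this would be called as `scan_archives dist`; a non-zero return fails the job, including when an archive could not be unpacked.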

Implement some form of cache for freshclam database

Is your feature request related to a problem? Please describe.

We likely use a good chunk of bandwidth pulling the virus database when the Docker build occurs. We should try to reduce this or at least make better use of a cache.

Describe the solution you'd like

We could periodically build a base image that includes an update to the database, then use that image to run the scan Action. This may speed up overall runtime if we are doing less of a Docker build on each run.

Evaluate git log command and scan ordering

  • Are we actually scanning as much of the history as possible in a full scan?
  • The scan ordering does not appear to be chronological; ideally we would be able to do "scan last X number of commits in order"

Also use clamav-unofficial-sigs DB

Is your feature request related to a problem? Please describe.
There are clamav-unofficial-sigs that can be used for scanning.
It would be nice to check these sigs too.

Describe the solution you'd like

  • apt-get install clamav-unofficial-sigs
  • run clamav-unofficial-sigs before running clamscan

Describe alternatives you've considered

  • It can be optional

Passing "options" causes warning in GitHub Action

Describe the bug

I want to scan one sub-directory of my workspace and therefore use the new option to pass options to clamav.

To Reproduce

I'm using this syntax in my GitHub Action yml file:

    - name: Scan
      uses: djdefi/gitavscan@15
      with:
        options: "--include-dir=releasefiles"

The releasefiles directory contains binaries to be scanned.

Expected behavior

I expect this configuration to not raise errors or warnings.

Note that I am not sure if the directory is scanned or not. But the log message suggests that the "options" parameter is not recognized.

Screenshots

This is the log output:

    Warning: Unexpected input(s) 'options', valid inputs are ['entryPoint', 'args', 'full']
    Run djdefi/gitavscan@15
    /usr/bin/docker run --name ghcriodjdefigitavscannightly_ad5bbf --label 2a6c8c --workdir /github/workspace --rm -e "LATEST_TAG" -e "INPUT_OPTIONS" -e "INPUT_FULL" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/fabrikam-code/fabrikam-code":"/github/workspace" ghcr.io/djdefi/gitavscan:nightly  "/gitscan.sh" "" "--include-dir=releasefiles"
    ClamAV update process started at Sun Jul  9 19:40:53 2023
    daily database available for update (local version: 26963, remote version: 26964)
    WARNING:  ******* RESULT 200, SIZE: 1157 *******
    Testing database: '/var/lib/clamav/tmp.21bbb59de9/clamav-a5d93afe572a0dd8f2dc5bb9942220a9.tmp-daily.cld' ...
    Database test passed.
    daily.cld updated (version: 26964, sigs: 2038810, f-level: 90, builder: raynman)
    main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
    bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
    ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf
    Beginning scan...
    Scanning working and .git directories...
    Scan finished Sun Jul  9 19:44:22 UTC 2023

My main concern is the first line: Warning: Unexpected input(s) 'options', valid inputs are ['entryPoint', 'args', 'full']

Another question (but unrelated to the --options issue): does this matter? -> ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf

Additional context

Just trying to scan binaries in a directory, along the lines of #20.

(I also tried with djdefi/gitavscan@main, but no change.)
