From a8b6868030d07c7c160a3d9ba775f472e43c283f Mon Sep 17 00:00:00 2001
From: Rory McNicholl <rory.mcnicholl@london.ac.uk>
Date: Mon, 29 Jan 2024 20:46:37 +0000
Subject: [PATCH] return av, but not the gem yet (#513)

---
 Dockerfile                    | 8 ++++++++
 bin/worker                    | 2 +-
 docker-compose.production.yml | 2 +-
 docker-compose.yml            | 2 +-
 4 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b9b3a828a..8b4cef213 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,6 +6,8 @@ USER root
 RUN apk --no-cache upgrade && \
   apk --no-cache add \
     bash \
+    clamav \
+    clamav-daemon \
     cmake \
     exiftool \
     ffmpeg \
@@ -35,6 +37,11 @@ RUN apk --no-cache upgrade && \
   # cargo install rbspy && \
   echo "******** Packages Installed *********"
 
+RUN sed -i 's/User clamav/User app/g' /etc/clamav/clamd.conf
+RUN mkdir -p /var/run/clamav && chown -R app:app /var/run/clamav
+RUN mkdir -p /var/log/clamav && chown -R app:app /var/log/clamav
+RUN chown -R app:app /var/lib/clamav
+
 RUN wget https://github.com/ImageMagick/ImageMagick/archive/refs/tags/7.1.0-57.tar.gz \
     && tar xf 7.1.0-57.tar.gz \
     && apk --no-cache add \
@@ -98,5 +105,6 @@ RUN RAILS_ENV=production SECRET_KEY_BASE=`bin/rake secret` DB_ADAPTER=nulldb DAT
 CMD ./bin/web
 
 FROM hyku-web as hyku-worker
+RUN freshclam
 ENV MALLOC_ARENA_MAX=2
 CMD ./bin/worker
diff --git a/bin/worker b/bin/worker
index b7605486b..2d33ecb79 100755
--- a/bin/worker
+++ b/bin/worker
@@ -9,4 +9,4 @@ else
   puts 'DATABASE_URL not set, no pool change needed'
 end
 
-exec "echo $DATABASE_URL && bundle exec sidekiq"
+exec "echo $DATABASE_URL && clamd && bundle exec sidekiq"
diff --git a/docker-compose.production.yml b/docker-compose.production.yml
index 49ea47332..3ec7ab3b8 100644
--- a/docker-compose.production.yml
+++ b/docker-compose.production.yml
@@ -126,7 +126,7 @@ services:
       target: hyku-worker
       args:
         - HYKU_BULKRAX_ENABLED=true
-    command: bundle exec sidekiq
+    command: clamd && bundle exec sidekiq
     depends_on:
       - check_volumes
       - db
diff --git a/docker-compose.yml b/docker-compose.yml
index 9221cb824..046eafafa 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -182,7 +182,7 @@ services:
     ##
     ## With the following line, uncommented during active development, we'll
     ## run bundle then run sidekiq.
-    # command: sh -l -c "bundle && bundle exec sidekiq"
+    command: sh -l -c "clamd && bundle && bundle exec sidekiq"
     ##
     ## Similar to the above, except we will bundle and then tell the container
     ## to wait.  You'll then need to bash into the worker container and start