From 7de53eac0484531bf193d139c6a2a49970ed1c42 Mon Sep 17 00:00:00 2001
From: Kasem Alem
Date: Tue, 19 Nov 2024 14:51:43 +0200
Subject: [PATCH] feat(STONEINTG-1072): refactoring clamav-db to avoild uploading file
Signed-off-by: Kasem Alem
---
 .github/workflows/clam-db.yaml | 6 +++++-
 clamav/Dockerfile | 32 +++++++++++++++++++++++++++++---
 2 files changed, 34 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/clam-db.yaml b/.github/workflows/clam-db.yaml
index 95f5d9c..b82b497 100644
--- a/.github/workflows/clam-db.yaml
+++ b/.github/workflows/clam-db.yaml
@@ -54,10 +54,14 @@ jobs:
 image: ${{ env.IMAGE_NAME }}
 tags: ${{ env.NEW_TAG}} ${{ env.VERSION_MAJOR }} ${{ env.LATEST_TAG }}
 archs: amd64,ppc64le
- context: clamav/
+ context: .
 containerfiles: |
 ./clamav/Dockerfile
+ # Debugging Kasem
+ - name: List Available Images
+ run: podman images
+
 - name: Get ClamAV version
 run: |
 podman run --rm -t ${{ steps.build-image.outputs.image-with-tag }} clamscan --version
diff --git a/clamav/Dockerfile b/clamav/Dockerfile
index 2412c01..cdaea2d 100644
--- a/clamav/Dockerfile
+++ b/clamav/Dockerfile
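Review bot: In `.github/workflows/clam-db.yaml`, the added `List Available Images` step under `# Debugging Kasem` looks like a leftover debugging aid; remove it before merge, or replace the comment with one saying why the image list is wanted in the build log. The same hunk changes `context: clamav/` to `context: .`, which makes the whole repository the build context, so a `.containerignore` (or `.dockerignore`) that keeps `.git` and other unneeded paths out would limit what any `COPY` can pull into the image. The job definition starts above this hunk and continues below it.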
@@ -1,9 +1,35 @@
 FROM registry.access.redhat.com/ubi9/ubi-minimal:9.4-1227.1726694542
+FROM quay.io/enterprise-contract/ec-cli:snapshot@sha256:dc7d404596385e7d3c624ec0492524a1d57efe2b0c10cf0ec2158d49c0290a83 AS ec-cli
+
+ENV POLICY_PATH="/project"
+# Install required packages
 RUN rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
 microdnf -y --setopt=tsflags=nodocs install \
 clamav \
 clamd \
- clamav-update && \
- microdnf clean all
-COPY whitelist.ign2 /var/lib/clamav/whitelist.ign2
+ clamav-update \
+ jq \
+ tar \
+ skopeo \
+ && microdnf clean all
+
+COPY ./test/utils.sh /utils.sh
+
+
+# Update ClamAV virus definitions
 RUN freshclam
+
+COPY clamav/whitelist.ign2 /var/lib/clamav/whitelist.ign2
+
+COPY policies $POLICY_PATH
+COPY test/conftest.sh $POLICY_PATH
+
+# Download and install oc
+RUN ARCH="$(uname -m)" && \
+ curl -fsSL https://mirror.openshift.com/pub/openshift-v4/"$ARCH"/clients/ocp/stable/openshift-client-linux.tar.gz --output oc.tar.gz && \
+ cp oc.tar.gz /usr/bin/oc && \
+ tar -xzvf oc.tar.gz -C /usr/bin && \
+ rm oc.tar.gz
+
+ENTRYPOINT ["/usr/bin/clamscan"]
+CMD ["ls","-ltr" ,"/usr/bin/clamscan"]
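Review bot: The added `RUN` that installs `oc` downloads whatever the mirror's `stable` path serves at build time and unpacks it into `/usr/bin` with no integrity check, so the binary in the image is neither pinned nor verified. Point the URL at a specific release directory and check the archive before extracting, for example `echo "${OC_SHA256}  oc.tar.gz" | sha256sum -c - && \` with `OC_SHA256` as a per-architecture build argument (placeholder name); also drop `cp oc.tar.gz /usr/bin/oc && \`, which writes the gzip archive to the binary's path and is only corrected if the following `tar` happens to extract an `oc` entry over it. The new `FROM ... AS ec-cli` directly after the ubi-minimal `FROM` leaves the first stage empty, so every later instruction builds on the ec-cli image; if ubi-minimal is meant to remain the base, put the ec-cli `FROM` first and bring in what is needed with `COPY --from=ec-cli`. With both in exec form, `CMD ["ls","-ltr" ,"/usr/bin/clamscan"]` is passed as arguments to the `clamscan` entrypoint, and the workflow's `podman run ... clamscan --version` turns into `clamscan clamscan --version`, so keep only one of `ENTRYPOINT` and `CMD`.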