Summary
Teams are required by SDElements (Cyber) to scan files uploaded into their app by their end-users. A multitenant remote instance of clamd is deployed in unclassified staging and production environments (IL2, IL4, & IL5). Product Teams are allowed to connect to this service to scan their files.
How to Use
No help desk ticket is needed to add this to your application. All necessary information to connect is in this doc.
Similar to databases, you will need to find a package/library to connect up to clamd for your tech stack.
Here are some libraries that have been identified so far:
If the package/library depends on clamdscan, you can modify your Dockerfile to pull that in from Iron Bank.
How to install clamdscan (This will be needed for Ruby and possibly needed if using the clamscan JavaScript Library).
NOTE: This will not work for any -slim or alpline images
FROM registry1.dso.mil/ironbank/opensource/clamav/clamav:1.2.1 AS clamav
FROM registry1.dso.mil/ironbank/opensource/ruby/ruby27:2.7.3 # your base image.
COPY --from=clamav /usr/local/bin/clamdscan /usr/local/bin/clamdscan
COPY --from=clamav /usr/local/lib64/libclam* /usr/local/lib64/Connecting to clamd
To connect to clamd, use the following host and port in your application:
TCPAddr: clamd.clamav</code>
<br><code>TCPSocket: 3310</code>