Skip to content

Commit

Permalink
fixing k8s (#16679)
Browse files Browse the repository at this point in the history
* Update Docs for ClamAV in Container  (#16058)

* use clamav container for local development and review instances

* rubocop formatting & CODEOWNERS

* fix Dockerfile

* update CODEOWNERS and docker-compose version for review instances

* change docker-compose verions for review

* fix review ports

* update github workflows to match k8s

* update github workflows

* update code_checks for docker compose for tests

* add bundle exec to setup db step in audit service tags

* reset db in docker compose review & update audit service tag docker services

* remove clamd and freshclam from procfile

* add sidekiq enterprise license to test env var

* set sidekiq license to docker build args

* update makefile to work with new docker services

* update hybrid docs

* add clamav host & port to settings

* add restart services to docker-compose review

* update hybrid and native docs for clamav

* remove clamav setup for ubuntu

* add clamav configration info for docker setup

* Added virus scan to uploads spec (#16393)

* Added virus scan to uploads spec

* Fixing Virus scan spec

* resolve merge conflict

* change directory from /app to /srv/vets-api/src

* use previous master version for RI + clam containers

* add USER_ID to RI docker-compose

* set working directory back to app

* minor clean up with new line EOF & remove k8s deploy related code

* update makefile up command with foreman

* fix docker-compose clamav new line

* more cleanup and rubocop formatting

* remove redis ports from docker-compose test

* update redis port

* revert docker-compose test to original master

* update api service name to web

* rubocop formatting

* add Procfile to CODEOWNERS

* update CODEOWNERS

* add secret and pki volumes back to RI

* add some settings in review docker-compose

* fix merge conflict mistake in Dockerfile

* fix merge conflict

* add rvm install ruby version troubleshooting tip

* update dockerfile ruby version

* resolve merge conflict

* rephrase heading

* update clamav daemon socket docs and comment socket env var

* correct phrasing

* update from GH comments

---------

Co-authored-by: Rachal Cassity <[email protected]>

* fixing k8s

---------

Co-authored-by: stevenjcumming <[email protected]>
  • Loading branch information
RachalCassity and stevenjcumming authored May 8, 2024
1 parent f88f5f9 commit 6af1011
Showing 1 changed file with 0 additions and 44 deletions.
44 changes: 0 additions & 44 deletions docs/setup/native.md
Original file line number Diff line number Diff line change
Expand Up @@ -96,50 +96,6 @@ This file has the necessary configuration settings for local development as well
### Configuring ClamAV antivirus
### EKS
Prior to EKS, ClamAV (the virus scanner) was deployed in the same process as Vets API. With EKS, ClamAV has been extracted out into it’s own service. Locally you can see the docker-compose.yml config for clamav.
### Options
#### Option 1: Run ONLY clamav via Docker
You can either run:
`docker-compose -f docker-compose-clamav.yml up` - this will run ONLY clamav via docker
After that, follow the native instructions and run `foreman start -m all=1`
#### Option 2: [See hybrid setup](https://github.com/department-of-veterans-affairs/vets-api/blob/k8s/docs/setup/hybrid.md)
Please set the [clamav intitalizer](https://github.com/department-of-veterans-affairs/vets-api/blob/k8s/config/initializers/clamav.rb) initializers/clamav.rb file to the following:
```
#### Important: If running hybrid
if Rails.env.development?
ENV["CLAMD_TCP_HOST"] = "0.0.0.0"
ENV["CLAMD_TCP_PORT"] = "33100"
end
```
#### Option 3: Run Clamav Natively (OSX):
If you wish to run ClamAV natively, you'll need to check the platform specific notes. This section will detail the steps of how to run clamav on OSX.
1. `brew install clamav`
2. `brew info clamav`
3. NOTE: See the "Caveats" section: "To finish installation & run clamav you will need to edit the example conf files at `your_directory_here` e.g. `/usr/local/etc/clamav/` - Make note of this directory for following steps.
4. cd into `your_directory_here` from step above (e.g. `/usr/local/etc/clamav/`)
5. In clamd.conf add `LocalSocket your_directory_here/clamd.sock` (e.g. `/usr/local/etc/clamav/clamd.sock`)
6. In freshclam.conf add `DatabaseMirror database.clamav.net`
7. Update the local ClamAV database via `freshclam -v`
8. Run with `/usr/local/sbin/clamd -c your_directory_here/clamd.conf`
9. Comment out EVERYTHING in the [clamav.rb initializer](https://github.com/department-of-veterans-affairs/vets-api/blob/k8s/config/initializers/clamav.rb#L3-L13)
10. Add `ENV['CLAMD_UNIX_SOCKET'] = 'your_directory_here/clamd.sock'` to [config/intializers/clamav.rb](https://github.com/department-of-veterans-affairs/vets-api/blob/k8s/config/initializers/clamav.rb) - (e.g. `/usr/local/etc/clamav/clamd.sock`)
11. Test if working via `rails c` and [ping command](https://github.com/franckverrot/clamav-client#ping--boolean)
**NOTE:** In many cases, there in no need to run ClamAV for local development, even if you are working with uploaded files since the scanning functionality is already built into our CarrierWave and Shrine file upload base classes.
Prior to EKS, ClamAV (the virus scanner) was deployed in the same process as Vets API. With EKS, ClamAV has been extracted out into it’s own service. Locally you can see the docker-compose.yml config for clamav.
Expand Down

0 comments on commit 6af1011

Please sign in to comment.