Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Allow connection to clamd through a TLS proxy #106

Merged
merged 24 commits into from
Dec 8, 2022

Conversation

carboneater
Copy link
Contributor

Quite a small code change, which required quite a lot of CI patches to get back in working order.

@carboneater carboneater marked this pull request as ready for review December 5, 2022 17:09
@kylefarris
Copy link
Owner

Thanks for your contribution @carboneater! Looks like the CI suite tests all got cancelled after about 1 minute. Are you able to see the results or not? If not, I'll see what I can do to get you access to seeing them.

@carboneater
Copy link
Contributor Author

carboneater commented Dec 5, 2022

Thanks for your contribution @carboneater! Looks like the CI suite tests all got cancelled after about 1 minute. Are you able to see the results or not? If not, I'll see what I can do to get you access to seeing them.

Yes, I can see tests failed with

Reason: invalid scanner: expected promise not to be rejected with 'Error' but it was rejected with 'Error: connect ENOENT /var/run/clamav…' Error: connect ENOENT /var/run/clamav/clamd.ctl
Unhandled Rejection reason: [AssertionError: invalid scanner: expected promise not to be rejected with 'Error' but it was rejected with 'Error: connect ENOENT /var/run/clamav…']
...

However, that's the first time I hit this case in github actions...
It's as if the same workflow ran on two very different machines...
Double-checking the workflows, when I ran the tests using ubuntu-latest I had 22.04 machines.
The machine running the test for Node 17 was a 20.04 machine.

According to the github post, 20.04 should be almost completely phased out of ubuntu-latest
So we can re-run the workflow and see how it goes.
Or we can pin ubuntu-22.04 instead.

(Side note, even on my branch, the pipeline is flaky on the following test, but that feels like a race condition to me.)
https://github.com/carboneater/clamscan/actions/runs/3622245476/jobs/6110552743#step:18:173

@kylefarris
Copy link
Owner

kylefarris commented Dec 8, 2022

Looks like when I re-ran the tests, everything worked. GitHub Actions don't seem super reliable. But maybe pinning Jaunty was the key.

Copy link
Owner

@kylefarris kylefarris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really appreciate you taking this issue on @carboneater. Looks like dependencies needed some major updates too, so, thanks for taking care of that. I added you as a contributor in the package file :)

There's just a couple really minor things I'd like you to address and I'll get this rebased and merged in.

.github/workflows/test.yml Show resolved Hide resolved
@@ -7,10 +7,10 @@ on:
- master
jobs:
test:
runs-on: ubuntu-18.04
runs-on: ubuntu-22.04
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This might have been the key to getting things to work. 🤞🏼

README.md Outdated Show resolved Hide resolved
index.js Outdated
@@ -104,6 +106,7 @@ class NodeClam {
* @param {boolean} [options.clamdscan.reloadDb=false] - If true, will re-load the DB on ever call (slow)
* @param {boolean} [options.clamdscan.active=true] - If true, this module will consider using the `clamdscan` binary
* @param {boolean} [options.clamdscan.bypassTest=false] - If true, check to see if socket is avaliable
* @param {boolean} [options.clamdscan.tls=false] - If true, connect to a TLS-Termination proxy in from of ClamAV
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have a typo in this JSDoc comment. Did you mean "...in form of ClamAV"?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yikes!
I was going for in front of

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes a lot more sense, haha.

package.json Outdated Show resolved Hide resolved
@kylefarris
Copy link
Owner

I still need to re-run the tests multiple times to get them to complete. Not sure what's up with that. But, the tests have passed so I'll get this merged in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants