Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for additional flags #53

Merged
merged 37 commits into from
Nov 3, 2022
Merged

Add support for additional flags #53

merged 37 commits into from
Nov 3, 2022

Conversation

mjourdan
Copy link
Contributor

@mjourdan mjourdan commented May 13, 2022
edited by jsf9k
Loading

🗣 Description

💭 Motivation and context

Wanted to automatically move the infected files to a quarantine folder. Also, allow some tuning.

This PR resolves #51 and #50.

🧪 Testing

I ran the role against a Debian 11 target host.

- hosts: all
  become: yes
  become_method: sudo
  vars:
    clamav_scan_move: true
  roles:
    - clamav

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All relevant repo and/or project documentation has been updated to reflect the changes in this PR.
  • Tests have been added and/or modified to cover the changes in this PR.
  • All new and existing tests pass.

dav3r
dav3r requested changes May 18, 2022
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mjourdan Thanks very much for contributing to this repo! Please take a look at my suggestions and let me know if you have any questions or concerns.

README.md Outdated Show resolved Hide resolved
defaults/main.yml Outdated Show resolved Hide resolved
defaults/main.yml Outdated Show resolved Hide resolved
tasks/main.yml Outdated Show resolved Hide resolved
templates/virus_scan.sh Outdated Show resolved Hide resolved
templates/virus_scan.sh Outdated Show resolved Hide resolved
dav3r
dav3r approved these changes May 27, 2022
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great to me now - thank you @mjourdan for contributing!

@jsf9k, @mcdonnnj, or @felddy - can you please give this PR a once-over?

@mcdonnnj mcdonnnj added the improvement This issue or pull request will add or improve functionality, maintainability, or ease of use label May 27, 2022
mcdonnnj
mcdonnnj requested changes May 28, 2022
View reviewed changes
Copy link
Member

@mcdonnnj mcdonnnj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! This all looks solid. I have some minor changes I'd like to see below.

README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
defaults/main.yml Outdated Show resolved Hide resolved
tasks/main.yml Outdated Show resolved Hide resolved
templates/virus_scan.tpl.sh Outdated Show resolved Hide resolved
templates/virus_scan.tpl.sh Outdated Show resolved Hide resolved
jsf9k
jsf9k requested changes May 31, 2022
View reviewed changes
Copy link
Member

@jsf9k jsf9k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to see some additional tests that cover the new options you have added. It may make sense to create some new molecule scenarios for this, as is done, e.g., in cisagov/ansible-role-python#46.

README.md Outdated Show resolved Hide resolved
defaults/main.yml Outdated Show resolved Hide resolved
defaults/main.yml Outdated Show resolved Hide resolved
@ClementJ35
Copy link
Contributor

ClementJ35 commented Oct 14, 2022
edited
Loading

Hi @jsf9k,
I did the tests as you did for modify_config. It works nice (see https://github.com/mjourdan/ansible-role-clamav/actions/runs/3250333690 )
Here, it can't run because of merge conflict.
What is your policy ?
Do we merge / rebase / do nothing ?

Mathieu Jourdan and others added 19 commits October 17, 2022 10:35
@jsf9k
Turn cron job from simple file to template
ab0f4ba
@jsf9k
Add support for quarantine and extra flags
fc99731 
Fixes cisagov#51
@jsf9k
replace exclude dir strings with regular expressions
c261fc6 
fixes cisagov#50
@jsf9k
add quarantine dir to the list of exclusions
27cca4c
@mjourdan @dav3r @jsf9k
Update README.md
967e67c 
Alphabetize, clean up wording, and fix typos/formatting

Co-authored-by: dav3r <daver@geekpad.com>
@mjourdan @dav3r @jsf9k
Update defaults/main.yml
b5f0f27 
Alphabetize

Co-authored-by: dav3r <daver@geekpad.com>
@jsf9k
Rename template to match cisagov standard
8e56031
@mjourdan @dav3r @jsf9k
Update tasks/main.yml
f0155c1 
Co-authored-by: dav3r <daver@geekpad.com>
@jsf9k
alphabetize clamscan flags
9fc64dd
@mjourdan @mcdonnnj @jsf9k
Apply suggestions from code review
724a795 
avoid abbreviation

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@mjourdan @jsf9k
Update README.md
3678c9a 
replace dict with list

Co-authored-by: Shane Frasier <maverick@maverickdolphin.com>
@mjourdan @jsf9k
Update defaults/main.yml
8d5d28a 
remove unnecessary quotes on file mode

Co-authored-by: Shane Frasier <maverick@maverickdolphin.com>
@jsf9k
remove unnecessary quotes on quarantine directory
9d09781
@mjourdan @mcdonnnj @jsf9k
Apply suggestions from code review
7f8704a 
Add backticks to default values in readme

Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@ClementJ35 @jsf9k
[tests] First commit of tree folder
9d643a8
@ClementJ35 @jsf9k
[tests] Second commit of the new folder tree
fcaffab
@ClementJ35 @jsf9k
[tests] Write first test
e2c16d8
@ClementJ35 @jsf9k
[test] add comment and fix syntax
0feb478
@ClementJ35 @jsf9k
[tests] Fix lint & add the scenarios to the matrix
bb91af9
@jsf9k
Copy link
Member

jsf9k commented Oct 17, 2022

Hi @jsf9k, I did the tests as you did for modify_config. It works nice (see https://github.com/mjourdan/ansible-role-clamav/actions/runs/3250333690 ) Here, it can't run because of merge conflict. What is your policy ? Do we merge / rebase / do nothing ?

Thanks @ClementJ35 and @mjourdan! I rebased the PR; once the tests pass I'll re-review.

@jsf9k
Copy link
Member

jsf9k commented Oct 17, 2022
edited
Loading

The build is failing because of an issue in molecule. Hopefully that issue is resolved upstream soon.

@ClementJ35
Copy link
Contributor

Hi @jsf9k, thanks for rebasing.
It seems your PR as been merged : ansible/molecule#3687
I'll keep an eye here to see if it's passing all tests.

@jsf9k
Copy link
Member

jsf9k commented Oct 19, 2022

Hi @jsf9k, thanks for rebasing. It seems your PR as been merged : ansible-community/molecule#3687 I'll keep an eye here to see if it's passing all tests.

Yep, once they release a new version of Molecule I can re-run the tests and they should pass.

jsf9k
jsf9k approved these changes Oct 26, 2022
View reviewed changes
Copy link
Member

@jsf9k jsf9k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work @mjourdan! Thank you for the contribution!

@jsf9k jsf9k unassigned dav3r Oct 26, 2022
@jsf9k
Copy link
Member

jsf9k commented Oct 26, 2022

@dav3r and @mcdonnnj, please re-review this pull request.

dav3r
dav3r approved these changes Oct 27, 2022
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great - strong work! 🚀

mcdonnnj
mcdonnnj approved these changes Nov 2, 2022
View reviewed changes
Copy link
Member

@mcdonnnj mcdonnnj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the continued work in getting this implemented. I'm suggesting that the additional_flags scenario's files more closely mirror the form of the modify_config scenario so that we are consistent. Other than that all I saw was a typo.

README.md Outdated Show resolved Hide resolved
molecule/additional_flags/INSTALL.rst Outdated Show resolved Hide resolved
molecule/additional_flags/prepare.yml Outdated Show resolved Hide resolved
molecule/additional_flags/python.yml Outdated Show resolved Hide resolved
molecule/additional_flags/requirements.yml Outdated Show resolved Hide resolved
molecule/additional_flags/upgrade.yml Outdated Show resolved Hide resolved
molecule/additional_flags/molecule.yml Outdated Show resolved Hide resolved
molecule/additional_flags/molecule-no-systemd.yml Outdated Show resolved Hide resolved
molecule/additional_flags/molecule-with-systemd.yml Outdated Show resolved Hide resolved
jsf9k and others added 2 commits November 2, 2022 12:26
@jsf9k @mcdonnnj
Fix typo
391c1b2 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k @mcdonnnj
Organize additional_flags scenario similarly to modify_config
9713cb1 
This entailed making several files in molecule/additional_flags
symlinks instead of hard copies.  I also broke the tests that were in
default/tests/test_default.py into two files so I could reuse most of
them in molecule/additional_flags but still create a slightly
different version of others specific to the scenario.

Co-authored-by: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k jsf9k requested review from dav3r and mcdonnnj November 2, 2022 18:07
dav3r
dav3r approved these changes Nov 2, 2022
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still good, aside from one missed docstring update. 🚀

molecule/additional_flags/tests/test_files_and_dirs_additional_flags.py Outdated Show resolved Hide resolved
@jsf9k @dav3r
Update docstring to indicate the correct scenario
d4c39eb 
Co-authored-by: dav3r <daver@geekpad.com>
mcdonnnj
mcdonnnj approved these changes Nov 2, 2022
View reviewed changes
Copy link
Member

@mcdonnnj mcdonnnj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a small docstring fix from me.

molecule/additional_flags/tests/test_additional_flags.py Outdated Show resolved Hide resolved
@jsf9k @mcdonnnj
Add an underscore in a scenario name in a docstring
2635b49 
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
@jsf9k jsf9k merged commit f0756e3 into cisagov:develop Nov 3, 2022
@jsf9k
Copy link
Member

jsf9k commented Nov 3, 2022

@mjourdan and @ClementJ35, thanks for the contribution and for sticking with us. This one is finally merged!

@mjourdan
Copy link
Contributor Author

mjourdan commented Nov 7, 2022

Thank you @jsf9k @dav3r @mcdonnnj @ClementJ35 \o/

@jsf9k jsf9k mentioned this pull request Nov 17, 2023
Open
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsf9k jsf9k jsf9k approved these changes

@mcdonnnj mcdonnnj mcdonnnj approved these changes

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

Assignees

@jsf9k jsf9k

Labels
improvement This issue or pull request will add or improve functionality, maintainability, or ease of use
Projects
CyHy System
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow adding additional flags to the clamscan cron
5 participants
@mjourdan @ClementJ35 @jsf9k @dav3r @mcdonnnj