browsersec
diff --git a/‎.example.env‎
Lines changed: 9 additions & 0 deletions b/‎.example.env‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎.github/workflows/docker-publish.yml‎
Lines changed: 74 additions & 0 deletions b/‎.github/workflows/docker-publish.yml‎
Lines changed: 74 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 54 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 208 additions & 0 deletions b/‎README.md‎
Lines changed: 208 additions & 0 deletions
@@ -0,0 +1,9 @@
+NODE_ENV=production
+APP_PORT=3000
+APP_FORM_KEY=FILES
+APP_MAX_FILE_SIZE=26214400
+APP_MAX_FILES_NUMBER=4
+CLAMD_IP=127.0.0.1
+CLAMD_PORT=3310
+CLAMD_TIMEOUT=60000
+APP_MORGAN_LOG_FORMAT=combined
@@ -0,0 +1,74 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches: [ "main" ]
+    tags: [ 'v*' ]
+  pull_request:
+    branches: [ "main" ]
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    name: Build and Push
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install cosign
+        if: github.event_name != 'pull_request'
+        uses: sigstore/cosign-installer@v3.1.1
+        with:
+          cosign-release: 'v2.2.0'
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Sign the published Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          TAGS: ${{ steps.meta.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}
+        run: |
+          echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
@@ -0,0 +1,54 @@
+# Build stage
+FROM golang:1.24-bookworm AS builder
+
+LABEL maintainer="Sai Sanjay"
+
+WORKDIR /app
+
+# Copy go mod files
+COPY go.mod go.sum ./
+
+# Download dependencies
+RUN go mod download
+
+# Copy source code
+COPY . .
+
+# Build the application
+RUN CGO_ENABLED=0 GOOS=linux go build -a  -installsuffix cgo -o main ./cmd/clamav
+
+# Final stage
+FROM alpine:3.19
+
+# Add retry logic and better error handling for package installation
+RUN set -eux; \
+    # Update package index
+    apk update; \
+    # Install packages with retry logic
+    for i in 1 2 3; do \
+        apk --no-cache add ca-certificates tzdata wget && break || \
+        (echo "Attempt $i failed, retrying..." && sleep $((i * 2))); \
+    done; \
+    # Verify installation
+    which wget || (echo "wget installation failed" && exit 1)
+
+WORKDIR /root/
+
+# Copy the binary from builder stage
+COPY --from=builder /app/main .
+
+# Copy .env file if it exists
+COPY --from=builder /app/.env* ./
+
+# Create non-root user
+RUN addgroup -g 1001 -S appuser && \
+    adduser -S -D -H -u 1001 -h /root -s /sbin/nologin -G appuser appuser
+
+# Change ownership
+RUN chown -R appuser:appuser /root
+
+USER appuser
+
+EXPOSE 3000
+
+CMD ["./main"]
@@ -0,0 +1,208 @@
+# ClamAV REST API - Go Implementation
+
+This is a Go/Gin-based implementation of the original Node.js ClamAV REST API. It provides the same functionality with improved performance and lower memory usage.
+
+## Features
+
+- **File Scanning**: Upload files for virus scanning via REST API
+- **Version Information**: Get ClamAV version information
+- **Database Signatures**: Check local and remote virus database versions
+- **Multiple File Support**: Scan multiple files in a single request
+- **Docker Support**: Ready-to-use Docker containers
+- **CORS Enabled**: Cross-origin resource sharing support
+
+## API Endpoints
+
+- `POST /api/v1/scan` - Scan uploaded files
+- `GET /api/v1/version` - Get ClamAV version
+- `GET /api/v1/dbsignatures` - Get database signature information
+
+## Quick Start
+
+### Prerequisites
+
+- Go 1.21 or higher
+- Running ClamAV daemon (clamd)
+
+### Running with Docker Compose (Recommended)
+
+```bash
+# Clone and build
+git clone <your-repo>
+cd clamav-rest-api-go
+docker-compose up -d
+```
+
+### Running Locally
+
+```bash
+# Install dependencies
+go mod tidy
+
+# Copy environment file
+cp .env.example .env
+
+# Edit .env file with your settings
+# Start the server
+go run main.go
+```
+
+### Building
+
+```bash
+# Build binary
+go build -o clamav-rest-api
+
+# Run binary
+./clamav-rest-api
+```
+
+## Configuration
+
+Configure via environment variables or `.env` file:
+
+- `APP_PORT` - Server port (default: 3000)
+- `APP_FORM_KEY` - Form field name for file uploads (default: FILES)
+- `APP_MAX_FILE_SIZE` - Maximum file size in bytes (default: 26214400)
+- `APP_MAX_FILES_NUMBER` - Maximum number of files per request (default: 4)
+- `CLAMD_IP` - ClamAV daemon IP address (default: 127.0.0.1)
+- `CLAMD_PORT` - ClamAV daemon port (default: 3310)
+- `CLAMD_TIMEOUT` - Connection timeout in milliseconds (default: 60000)
+- `NODE_ENV` - Environment mode (default: development)
+
+## Usage Examples
+
+### cURL Example
+
+```bash
+curl -X POST http://localhost:3000/api/v1/scan \
+  -F "FILES=@test1.txt" \
+  -F "FILES=@test2.txt"
+```
+
+### Response Format
+
+```json
+{
+  "success": true,
+  "data": {
+    "result": [
+      {
+        "name": "test1.txt",
+        "is_infected": false,
+        "viruses": []
+      },
+      {
+        "name": "test2.txt",
+        "is_infected": true,
+        "viruses": ["Win.Test.EICAR_HDB-1"]
+      }
+    ]
+  }
+}
+```
+
+### Version Check
+
+```bash
+curl http://localhost:3000/api/v1/version
+```
+
+### Database Signatures
+
+```bash
+curl http://localhost:3000/api/v1/dbsignatures
+```
+
+## Differences from Node.js Version
+
+1. **Performance**: Significantly faster startup and lower memory usage
+2. **Concurrency**: Better handling of concurrent requests
+3. **Dependencies**: Fewer external dependencies
+4. **Binary**: Compiles to a single binary for easy deployment
+5. **Error Handling**: More robust error handling and logging
+
+## Docker Images
+
+### Building Your Own Image
+
+```bash
+docker build -t clamav-rest-api-go .
+```
+
+### Running with Docker
+
+```bash
+docker run -d -p 8080:3000 \
+  -e APP_PORT=3000 \
+  -e CLAMD_IP=your-clamav-host \
+  -e APP_FORM_KEY=FILES \
+  clamav-rest-api-go
+```
+
+## Testing
+
+### Test File Creation
+
+```bash
+# Create a test file
+echo "Hello World" > test.txt
+
+# Create EICAR test virus file (harmless test file)
+echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > eicar.txt
+```
+
+### Manual Testing
+
+```bash
+# Test clean file
+curl -X POST http://localhost:3000/api/v1/scan -F "FILES=@test.txt"
+
+# Test virus file (should be detected)
+curl -X POST http://localhost:3000/api/v1/scan -F "FILES=@eicar.txt"
+```
+
+## Health Checks
+
+The application includes health check endpoints for monitoring:
+
+```bash
+# Check if service is running
+curl http://localhost:3000/api/v1/version
+```
+
+## Logging
+
+The application uses Gin's built-in logging. In production mode, logs are minimized for better performance.
+
+## Security Considerations
+
+- File size limits are enforced
+- Maximum number of files per request is limited
+- Input validation on all endpoints
+- No file persistence (files are scanned in memory)
+- Non-root user in Docker container
+
+## Performance Notes
+
+- Uses connection pooling for ClamAV connections
+- Efficient memory usage with streaming
+- Concurrent file processing
+- Optimized Docker image with multi-stage builds
+
+## Troubleshooting
+
+### Common Issues
+
+1. **Cannot connect to ClamAV**: Ensure ClamAV daemon is running and accessible
+2. **File size errors**: Check `APP_MAX_FILE_SIZE` setting
+3. **Too many files**: Check `APP_MAX_FILES_NUMBER` setting
+4. **Port conflicts**: Change `APP_PORT` if port 3000 is in use
+
+### Debug Mode
+
+Set `NODE_ENV=development` for verbose logging.
+
+## License
+
+MIT License