This plugin allows you to check the artifacts with ClamAV, which is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats.
The artifacts are sent to ClamAV Host and are scaned. So you have to configure your ClamAV to enable TCP port in clamd.conf as follows.
: # TCP port address. # Default: no TCPSocket 3310 # TCP address. # By default we bind to INADDR_ANY, probably not wise. # Enable the following to provide some degree of protection # from the outside world. # Default: no #TCPAddr 127.0.0.1 # Close the connection when the data size limit is exceeded. # The value should match your MTA's limit for a maximum attachment size. # Default: 25M StreamMaxLength 100M :
If you get "Broken Pipe", check "StreammaxLength" parameter.
When "Scan arhived artifacts" checkbox is selected, the artifacts of job will be scaned if "Archive the artifacts" option is configured in job configuration page.
To scan a workspace, you may specify "Files to check" option such as
"*/". But it will take a long time.
you may specify "Excludes" such as ".git/*/".
- add BuildStep to check files.
- validate "includes" option, which should be mandatory if "Scan archived artifacts" option is not checked.
- honor "Scan archived artifacts" option.
- show full path in the virus check list.
- failed to check artifacts due to ArrayIndexexception (JENKINS-10103).
- timeout should be longer.
- added the help file of timeout.
- First release.