Merge df37785 into 8afa15a

.gitignore

@@ -23,3 +23,5 @@ Vagrantfile
 # sublime text
 *.sublime-project
 *.sublime-workspace
+
+test/cookbooks/clamav_test/files/*.cvd

.kitchen.travis.yml

@@ -1,13 +1,13 @@
 ---
 driver:
-  name: digitalocean
-  # Clamd will fail to start on some distros with only 512MB
-  size: 1gb
+  name: docker
+  privileged: true
+
 platforms:
-  # - name: ubuntu-14-10-x64
-  - name: ubuntu-14-04-x64
-  - name: ubuntu-12-04-x64
-  - name: centos-7-0-x64
-  - name: centos-6-5-x64
-  # TODO: DO's 5.10 image has the slug name of 5.8 for some reason
-  - name: centos-5-8-x64
+  - name: ubuntu-14.04
+  - name: ubuntu-12.04
+  - name: centos-7
+    driver:
+      image: roboticcheese/centos-7-systemd
+  - name: centos-6
+  - name: centos-5

.kitchen.yml

@@ -3,18 +3,16 @@ driver:
   name: vagrant
 
 platforms:
-  - name: centos-7.0
-  - name: centos-6.6
+  - name: centos-7.2
+  - name: centos-6.7
   - name: centos-5.11
-  # - name: ubuntu-14.10
   - name: ubuntu-14.04
   - name: ubuntu-12.04
 
 suites:
   - name: default
     run_list:
       - recipe[clamav_test]
-    attributes:
   - name: all_options_enabled
     run_list:
       - recipe[clamav_test]

.travis.yml

@@ -1,20 +1,31 @@
 language: ruby
 
+branches:
+  only:
+    - master
+
+sudo: required
+
+services:
+  - docker
+
+cache:
+  directories:
+    - test/cookbooks/clamav_test/files
+
+env:
+  - CVD_PATH=test/cookbooks/clamav_test/files
+
 install:
-  - curl -L https://www.opscode.com/chef/install.sh | sudo bash -s -- -P chefdk
+  - curl -L https://www.chef.io/chef/install.sh | sudo bash -s -- -P chefdk
   - chef exec bundle install --without=development integration
 
 before_script:
-  # Pending ENV support in Kitchen's Rake tasks and not just the CLI
+  - mkdir -p $CVD_PATH
+  - "[ -e $CVD_PATH/main.cvd ] || wget -P $CVD_PATH http://database.clamav.net/main.cvd"
+  - "[ -e $CVD_PATH/daily.cvd ] || wget -P $CVD_PATH http://database.clamav.net/daily.cvd"
+  - "[ -e $CVD_PATH/bytecode.cvd ] || wget -P $CVD_PATH http://database.clamav.net/bytecode.cvd"
   - cp .kitchen.travis.yml .kitchen.local.yml
-  - echo -e $DIGITALOCEAN_SSH_KEY_BODY > ~/.ssh/id_rsa
 
 script:
-  - chef exec rake && chef exec bundle exec kitchen test -c 4
-
-after_script:
-  - chef exec bundle exec kitchen destroy
-
-env:
-  global:
-    # - KITCHEN_LOCAL_YAML=.kitchen.travis.yml
+  - chef exec rake && chef exec kitchen test

CHANGELOG.md

@@ -3,6 +3,9 @@ ClamAV Cookbook CHANGELOG
 
 v?.?.? (????-??-??)
 -------------------
+* Remove the additional Ubuntu repo; it was shut down 2016/01/30
+* Run Freshclam any time the virus DB does not exist
+* Add an attribute that can be overridden to skip the initial Freshclam run
 
 v1.2.0 (2015-05-07)
 -------------------

Gemfile

@@ -2,37 +2,23 @@
 
 source 'https://rubygems.org'
 
-group :development do
-  gem 'yard-chef'
-  gem 'guard'
-  gem 'guard-rspec'
-  gem 'guard-kitchen'
-end
-
 group :test do
   gem 'rake'
-  gem 'cane'
-  gem 'countloc'
   gem 'rubocop'
-  gem 'foodcritic'
-  gem 'guard-foodcritic'
-  gem 'rspec', '>= 3'
-  gem 'chefspec', '>= 4'
+  gem 'foodcritic', '~> 6.0'
+  gem 'rspec'
+  gem 'chefspec'
   gem 'simplecov'
   gem 'simplecov-console'
   gem 'coveralls'
   gem 'fauxhai'
   gem 'test-kitchen'
-  gem 'kitchen-digitalocean', '>= 0.8.0'
-  gem 'fog'
   gem 'kitchen-vagrant'
-  # TODO: This can go away when ChefDK comes with 1.6.4+
-  # (See https://github.com/chef/chef-dk/issues/278)
-  gem 'nokogiri', '< 1.6.4'
+  gem 'kitchen-docker'
 end
 
 group :integration do
-  gem 'serverspec', '>= 2'
+  gem 'serverspec'
   gem 'cucumber'
 end
 
@@ -42,5 +28,5 @@ end
 
 group :production do
   gem 'chef', '>= 11'
-  gem 'berkshelf', '>= 3'
+  gem 'berkshelf'
 end

Rakefile

@@ -1,25 +1,15 @@
 # Encoding: UTF-8
 
 require 'rubygems'
-require 'English'
 require 'bundler/setup'
 require 'rubocop/rake_task'
-require 'cane/rake_task'
 require 'rspec/core/rake_task'
 require 'foodcritic'
 require 'kitchen/rake_tasks'
 require 'stove/rake_task'
 
-Cane::RakeTask.new
-
 RuboCop::RakeTask.new
 
-desc 'Display LOC stats'
-task :loc do
-  puts "\n## LOC Stats"
-  Kernel.system 'countloc -r .'
-end
-
 FoodCritic::Rake::LintTask.new do |f|
   f.options = { fail_tags: %w(any) }
 end
@@ -30,4 +20,4 @@ Kitchen::RakeTasks.new
 
 Stove::RakeTask.new
 
-task default: %w(cane rubocop loc foodcritic spec)
+task default: %w(rubocop foodcritic spec)

attributes/freshclam.rb

@@ -66,4 +66,7 @@
 default['clamav']['freshclam']['detection_stats_host_id'] = nil
 default['clamav']['freshclam']['safe_browsing'] = nil
 default['clamav']['freshclam']['extra_databases'] = []
+
+# Other
 default['clamav']['freshclam']['rhel_cron_disable'] = true
+default['clamav']['freshclam']['skip_initial_run'] = false

recipes/clamav_scan.rb

@@ -26,14 +26,17 @@
   only_if { node['clamav']['scan']['script']['enable'] }
 end
 
+script_path = node['clamav']['scan']['script']['path']
+min_dirs = node['clamav']['scan']['minimal']['dirs']
+full_dirs = node['clamav']['scan']['full']['dirs']
+
 cron_d 'clamav_minimal_scan' do
   minute node['clamav']['scan']['minimal']['minute']
   hour node['clamav']['scan']['minimal']['hour']
   weekday node['clamav']['scan']['minimal']['weekday']
   user node['clamav']['scan']['user']
   mailto node['clamav']['scan']['mailto']
-  command "#{node['clamav']['scan']['script']['path']} " +
-    node['clamav']['scan']['minimal']['dirs']
+  command "#{script_path} #{min_dirs}"
   only_if { node['clamav']['scan']['minimal']['enable'] }
 end
 
@@ -43,7 +46,6 @@
   weekday node['clamav']['scan']['full']['weekday']
   user node['clamav']['scan']['user']
   mailto node['clamav']['scan']['mailto']
-  command "#{node['clamav']['scan']['script']['path']} " +
-    node['clamav']['scan']['full']['dirs']
+  command "#{script_path} #{full_dirs}"
   only_if { node['clamav']['scan']['full']['enable'] }
 end

recipes/default.rb

@@ -24,8 +24,8 @@
 when 'debian'
   include_recipe "#{cookbook_name}::install_deb"
 else
-  fail(Chef::Exceptions::UnsupportedAction,
-       "Cookbook does not support #{node['platform']} platform")
+  raise(Chef::Exceptions::UnsupportedAction,
+        "Cookbook does not support #{node['platform']} platform")
 end
 
 include_recipe "#{cookbook_name}::users"

recipes/freshclam.rb

@@ -20,7 +20,6 @@
 
 include_recipe "#{cookbook_name}::services"
 
-platform_family = node['platform_family']
 supp_groups = node['clamav']['allow_supplementary_groups']
 
 directory node['clamav']['database_directory'] do
@@ -29,11 +28,9 @@
   recursive true
 end
 
-if node['clamav']['clamd']['enabled']
-  notify = File.expand_path("#{node['clamav']['conf_dir']}/clamd.conf")
-else
-  notify = nil
-end
+notify = if node['clamav']['clamd']['enabled']
+           File.expand_path("#{node['clamav']['conf_dir']}/clamd.conf")
+         end
 
 template "#{node['clamav']['conf_dir']}/freshclam.conf" do
   owner node['clamav']['user']
@@ -53,12 +50,10 @@
     notifies :restart, "service[#{node['clamav']['freshclam']['service']}]",
              :delayed
   end
-  if !node['clamav']['freshclam']['enabled'] || platform_family == 'debian'
-    notifies :run, 'execute[freshclam]', :delayed
-  end
 end
 
 execute 'freshclam' do
   command 'freshclam'
-  action :nothing
+  creates ::File.join(node['clamav']['database_directory'], 'daily.cvd')
+  not_if { node['clamav']['freshclam']['skip_initial_run'] }
 end

recipes/install_deb.rb

@@ -21,15 +21,6 @@
 include_recipe 'apt'
 include_recipe "#{cookbook_name}::services"
 
-apt_repository 'clamav-repo' do
-  uri 'http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu'
-  distribution node['lsb']['codename']
-  components ['main']
-  keyserver 'keyserver.ubuntu.com'
-  key '5ADC2037'
-  only_if { node['platform'] == 'ubuntu' }
-end
-
 package 'clamav' do
   action :install
   version node['clamav']['version'] if node['clamav']['version']

spec/recipes/freshclam_spec.rb

@@ -84,17 +84,15 @@
 
   shared_examples_for 'a node that needs to run freshclam' do
     it 'runs freshclam manually' do
-      expect(chef_run).to_not run_execute('freshclam')
-      expect(chef_run.template(conf)).to notify('execute[freshclam]')
-        .to(:run)
+      expect(chef_run).to run_execute('freshclam').with(
+        creates: '/var/lib/clamav/daily.cvd'
+      )
     end
   end
 
   shared_examples_for 'a node that does not need to run freshclam' do
     it 'does not run freshclam manually' do
       expect(chef_run).to_not run_execute('freshclam')
-      expect(chef_run.template(conf)).to_not notify('execute[freshclam]')
-        .to(:run)
     end
   end
 
@@ -156,11 +154,7 @@
 
         it_behaves_like 'any node'
         it_behaves_like 'a node with all default attributes'
-        if k == :Ubuntu
-          it_behaves_like 'a node that needs to run freshclam'
-        else
-          it_behaves_like 'a node that does not need to run freshclam'
-        end
+        it_behaves_like 'a node that needs to run freshclam'
         it_behaves_like 'a node with the freshclam service enabled'
         it_behaves_like 'a node with the clamd service disabled'
       end
@@ -174,6 +168,18 @@
         it_behaves_like 'a node with the freshclam service disabled'
         it_behaves_like 'a node with the clamd service enabled'
       end
+
+      context 'a node with the initial freshclam run disabled' do
+        let(:attributes) do
+          { clamav: { freshclam: { skip_initial_run: true } } }
+        end
+
+        it_behaves_like 'any node'
+        it_behaves_like 'a node with all default attributes'
+        it_behaves_like 'a node that does not need to run freshclam'
+        it_behaves_like 'a node with the freshclam service disabled'
+        it_behaves_like 'a node with the clamd service disabled'
+      end
     end
   end
 end

spec/recipes/install_deb_spec.rb

@@ -16,21 +16,6 @@
   let(:chef_run) { runner.converge(described_recipe) }
 
   shared_examples_for 'any node' do
-    it 'sets up the ClamAV APT repo' do
-      expect(chef_run).to create_apt_repository('clamav-repo').with(
-        uri: 'http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu',
-        distribution: 'precise',
-        components: %w(main),
-        keyserver: 'keyserver.ubuntu.com',
-        key: '5ADC2037'
-      )
-    end
-
-    it 'sends a notification to "apt-get update"' do
-      e = 'execute[apt-get update]'
-      expect(chef_run.apt_repository('clamav-repo')).to notify(e).to(:run)
-    end
-
     it 'installs the pertinent packages' do
       packages.each do |p|
         expect(chef_run).to install_package(p)