2

I am currently working on creating a sort of virus scanning function.

What I am trying to do: When a file is uploaded to a specified blob storage container, an Azure Function is triggered. That function will scan the file for viruses, and if clean, will move the file to another blob storage container.

I have created an Azure Function that is triggered when a blob is created (i.e. when a file is uploaded), but I cannot figure out how to integrate virus scanning into the mix.

I tried using ClamAV.js, but I couldn't get it working. I am not sure how to install ClamAV (the daemon) so it is usable by an Azure Function, so that likely contributed to why it didn't work. Also, I am not sure how to install npm packages (in an Azure Function), so I had to upload the actual js file from the package to the function and then import it. Not sure if that's even valid...

I have tried using AttachmentScanner, but I couldn't get that working within an Azure Function (more specifically, I couldn't get the function to send a POST request).

One major problem I am facing that I don't think I can get around: how do I use npm packages in an Azure Function? Can I npm install them somewhere? Can I just download the package and manually upload the js file to the Azure Function and import it that way?

Here is my attempt at using AttachmentScanner:

module.exports = async function (context, myBlob) {
    var req = new XMLHttpRequest();
    req.open( "POST", "https://beta.attachmentscanner.com/requests", false );

    req.headers({
        "authorization": "bearer [OMITTED]",
        "content-type": "application/json"
    });

    req.type("json");
    req.send({
        "url": context.bindingData.uri //"http://www.attachmentscanner.com/eicar.com"
    });

    req.end(function (res) {
        if (res.error) throw new Error(res.error);

        context.log(req.responseText);
    });

    context.log("JavaScript blob trigger function processed blob \n Name:", context.bindingData.name, "\n Blob Size:", myBlob.length, "Bytes");
    context.log("context");
    context.log(context);
    context.log("myBlob");
    context.log(myBlob);
};

That produces an error: Exception: ReferenceError: XMLHttpRequest is not defined

With the following function, I can detect the blob and print information about it:

module.exports = async function (context, myBlob) {    
    context.log("JavaScript blob trigger function processed blob \n Name:", context.bindingData.name, "\n Blob Size:", myBlob.length, "Bytes");
    context.log("context");
    context.log(context);
    context.log();
    context.log("myBlob");
    context.log(myBlob);
};

Any help is appreciated!

Shea
  • 308
  • 5
  • 15

1 Answers1

1

First of all, I'm sure you can not install ClamAV into Azure Functions, so you need to create a Linux VM to install it.

Next, you can follow the offical quickstart tutorials like for Visual Studio Code, Azure CLI, Python or Linux to install Azure Functions Core Tool on your local environment for Windows or Linux to create a func project for Node.js and publish it to Azure.

Finally, here is my own thoughts for your needs. You can tried to use Azure Function with Blob Trigger to generate the url with sas token for a blob which need to be scanned. There is a code sample Node.js Azure Function for generating SAS tokens which you refer to know how to do. And then, to pass the blob url with sas token to the ClamAV in VM via a Node.js server with ClamAV.js to scan it with HTTP stream.

Of couse, you can integrate ClamAV.js with Azure Functions, but I think to scan a big file for a long time is not a good idea for a server-less architecture like Azure Functions. Hope it helps.

Peter Pan
  • 23,476
  • 4
  • 25
  • 43