public Task SendScanRequest(MalwareDeterminationRequest request)
{
// "Fire and forget" (for demo only)
return(Process(request));
;
}
private async Task StartAsync(GitHubClient client, long repoId, Guid requestId)
{
// download a ZIP
byte[] buffer = null;
try
{
buffer = await ScanHelper.DownloadRepoZip(client, repoId).ConfigureAwait(false);
}
catch (Exception ex)
{
throw ex;
}
// upload buffer to storage
string blobUri = await ScanHelper.UploadBufferToStorage(buffer, requestId.ToString());
// create worker notification message (include the requestId)
MalwareDeterminationRequest scanRequest = new MalwareDeterminationRequest
{
ClientId = "GitHubScanX",
FileName = $"{requestId.ToString()}.zip",
FileSizeInBytes = 1000, //dummy
RequestId = requestId,
Uri = new Uri(blobUri)
};
// notify worker (aka put the notification message to a queue
ScanXMock mock = new ScanXMock();
// Fire and forget (for POC)
mock.SendScanRequest(scanRequest);
}
private async Task StartExecution()
{
IReadOnlyList <Installation> installations = await this.gitHubAppClient.GitHubApps.GetAllInstallationsForCurrent().ConfigureAwait(false);
try
{
if (!this.IsGitHubInstallationClientValid())
{
throw new InvalidOperationException("Error: gitHubInstallationClient is invalid.");
}
if (IsPullRequest)
{
ICheckSuitesClient checkSuiteClient = gitHubInstallationClient.Check.Suite;
CheckSuitesResponse x = await checkSuiteClient.GetAllForReference(CurrentRepository.Id, CommitSha).ConfigureAwait(false);
if (x.TotalCount > 0)
{
long checkSuiteId = x.CheckSuites.FirstOrDefault().Id;
bool res = await checkSuiteClient.Rerequest(CurrentRepository.Id, checkSuiteId);
}
else
{
var newCheckSuite = new NewCheckSuite(CommitSha);
try
{
CheckSuite suite =
await checkSuiteClient.Create(
CurrentRepository.Owner.Login,
CurrentRepository.Name, newCheckSuite)
.ConfigureAwait(false);
}
catch (Exception ex)
{
}
}
return;
}
ICheckRunsClient checkRunClient = gitHubInstallationClient.Check.Run;
// Create a new heckRun in GitHub
var newCheckRun = new NewCheckRun("ScanX", CommitSha)
{
Status = CheckStatus.Queued,
};
CheckRun checkRun =
await checkRunClient.Create(
CurrentRepository.Owner.Login,
CurrentRepository.Name,
newCheckRun)
.ConfigureAwait(false);
// --- Downoad a ZIP ---
byte[] buffer = await ScanHelper.DownloadRepoZip(gitHubInstallationClient, CurrentRepository.Id, CommitSha).ConfigureAwait(false);
int size = buffer.Length;
// Upload ZIP to a storage blob
string blobName = $"{RequestId.ToString()}";
string blobUri = await ScanHelper.UploadBufferToStorage(buffer, blobName);
// Update check's status to "in progress"
CheckRunUpdate checkRunUpdate = new CheckRunUpdate
{
Status = CheckStatus.InProgress,
Name = checkRun.Name
};
checkRun = await checkRunClient.Update(CurrentRepository.Id, checkRun.Id, checkRunUpdate).ConfigureAwait(false);
// --- Start a scan ---
// Simulate sending of a message to a SB queue
// Create worker notification message
MalwareDeterminationRequest scanRequest = new MalwareDeterminationRequest();
scanRequest.ClientId = "GitHubScanX";
scanRequest.FileName = $"{RequestId.ToString()}.zip";
scanRequest.FileSizeInBytes = 1000; //dummy
scanRequest.RequestId = RequestId;
scanRequest.Uri = new Uri(blobUri);
// Notify worker (aka put the notification message to a queue)
ScanXMock mock = new ScanXMock();
await mock.SendScanRequest(scanRequest).ConfigureAwait(false);
// --- Poll for a scan completion ---
MalwareDeterminationResult scanResult;
do
{
await Task.Delay(500).ConfigureAwait(false);
if (await mock.TryGetResult(RequestId))
{
scanResult = await mock.GetResult(RequestId).ConfigureAwait(false);
break;
}
}while (true); //!!!! for POC only
checkRunUpdate.Status = CheckStatus.Completed;
checkRunUpdate.CompletedAt = DateTime.UtcNow;
checkRunUpdate.Conclusion = scanResult.WorkStatus == WorkStatus.Clean ? CheckConclusion.Success : CheckConclusion.Failure;
if (checkRunUpdate.Conclusion == CheckConclusion.Failure)
{
checkRunUpdate.Output = new NewCheckRunOutput(
"Scan Report",
$"GitScan detected {scanResult.ConfirmedMalwares.Count()} infected files. See details below.");
checkRunUpdate.Output.Text = "| File Path| Malware Type| AV Engines|\n";
checkRunUpdate.Output.Text += "|:---|:---|:---|\n";
foreach (var entry in scanResult.ConfirmedMalwares)
{
checkRunUpdate.Output.Text += $"|{entry.FileName}|{entry.MalwareInfo}|{string.Join(",", entry.AvEngines.ToArray())}";
}
}
checkRun = await checkRunClient.Update(CurrentRepository.Id, checkRun.Id, checkRunUpdate).ConfigureAwait(false);
}
catch (Exception ex)
{
Console.WriteLine($"Exception: {ex.Message}");
}
}
private async Task Process(MalwareDeterminationRequest request)
{
// Download ZIP
WebClient webClient = new WebClient();
byte[] response = await webClient.DownloadDataTaskAsync(request.Uri).ConfigureAwait(false);
webClient.Dispose();
// Unzip and try to find "malware" files
List <ConfirmedMalwareInfo> detectedFiles = new List <ConfirmedMalwareInfo>();
int unzippedFilesCount = 0;
Stream unzippedEntryStream; // Unzipped data from a file in the archive
using (Stream data = new MemoryStream(response))
using (ZipArchive archive = new ZipArchive(data))
{
unzippedFilesCount = archive.Entries.Count;
foreach (ZipArchiveEntry entry in archive.Entries)
{
if (entry.FullName.Contains("malware"))
{
using (unzippedEntryStream = entry.Open())
{
// convert stream to string
using (StreamReader reader = new StreamReader(unzippedEntryStream))
{
string text = await reader.ReadToEndAsync().ConfigureAwait(false);
// Expected value: <malwarename>:<avengine#1>,...,<avengine#n>
string[] arr = text.Split(new char[] { ':' });
ConfirmedMalwareInfo info = new ConfirmedMalwareInfo();
info.FileName = entry.FullName.Substring(entry.FullName.IndexOf('/'));
info.MalwareInfo = arr[0];
if (arr.Count() > 1)
{
info.AvEngines = arr[1].Split(new char[] { ',' }).ToList();
}
detectedFiles.Add(info);
}
}
}
}
// Compose a scan result
MalwareDeterminationResult detectionResult = new MalwareDeterminationResult();
if (detectedFiles.Count() > 0)
{
detectionResult.ClientId = request.ClientId;
detectionResult.RequestId = request.RequestId;
detectionResult.ConfirmedMalwares = detectedFiles;
detectionResult.WorkStatus = WorkStatus.ConfirmedMalware;
}
else
{
detectionResult.WorkStatus = WorkStatus.Clean;
}
ScanResults.Value.TryAdd(request.RequestId, detectionResult);
}
}
