Malware & Virus Scanner (MVS)¶
This page gives an overview of the Malware & Virus Scanner (MVS), describing its current status, where and how it's developed and deployed, and who is responsible for maintaining it.
Service Description¶
The service provides an API for uploading & scanning files to detect whether they are safe or malicious.
Once a file has been uploaded via the API, it is queued for scanning by the service.
A client application can then poll the API to await or retrieve the scan results.
A file is considered "malicious" if it may contain a virus or malware.
The service is integrated with API Gateway.
Service Status¶
The service is currently in early user testing, and not yet productionised.
Contact¶
Issues with the service functionality or new feature requests can be opened as a Gitlab Issue in the application project.
Issues discovered with the deployment process or GCP infrastructure can be opened as a Gitlab Issue in the deployment project.
Other technical queries and support requests can be directed to Jackson Team via either of:
NOTE: This latter process will change to a HEAT ticket in the near future (Jun/Jul 2024).
Environments¶
The service is currently deployed to the following environments, each with API Gateway integration:
| Name | URL | Usage |
|---|---|---|
| Development | https://api.apps.cam.ac.uk/malware-virus-scanner-dev | Used only by the service developers. |
| Staging | https://api.apps.cam.ac.uk/malware-virus-scanner-test | Used for testing new features and releases. |
| Production | https://api.apps.cam.ac.uk/malware-virus-scanner | Live productionised service. |
Source Code¶
The source code for this service consists of:
| Repository | Description |
|---|---|
| Application | The application itself i.e. micro-services & API. |
| Infrastructure | Terraform & CI configuration for deployment to GCP. |
These repositories are configured in the GitLab Project Factory.
Technologies Used¶
| Technology | Used For |
|---|---|
| Python | Programming language |
| Pydantic | Data model definitions |
| SQLAlchemy | Database models & toolkit |
| Alembic | Database migration toolkit |
| Postgres | Database implementation |
| Fast API | REST API (compliant with OpenAPI v3) |
| Docker & Docker Compose | Containerisation & Orchestration |
| Terraform + GCP | Cloud Provisioning & Platform |
Operational Documentation¶
The following gives an overview of how the service is deployed & maintained.
User Guide¶
All current documentation consists of:
- This Guidebook page.
- The application project and deployment project documents.
- The OpenAPI specification.
To suggest improvements or request additions, please open an issue in the application project.
Access Control¶
Details on how to register a Client Application can be found in the application project under Using the API.
Deployment¶
Deployment to the GCP environment is via our standard terraform deployment CI pipeline.
Monitoring¶
Monitoring is configured as per our standard Google Cloud Run application module.
Service Management¶
The Service Owner is TBA.
The Service Manager is TBA.
The Tech Lead is Mark Hill (in lieu of Dave Hart).
The following engineers have operational experience with the service, and are able to respond to support requests or incidents: