updating virustotal to v3 endpoints
All checks were successful
Build and Release to Staging / Build Vision Start (push) Successful in 7s
Build and Release / build (push) Successful in 38s
Build and Release to Staging / Build Vision Start Image (push) Successful in 1m15s
Build and Release to Staging / Deploy Vision Start (staging) (push) Successful in 3s
Build and Release / virus-total-check (push) Successful in 49s
Build and Release / release (push) Successful in 5s
Build and Release / Build Vision Start Image (push) Successful in 1m1s
Build and Release / Deploy Vision Start (production) (push) Successful in 3s
All checks were successful
Build and Release to Staging / Build Vision Start (push) Successful in 7s
Build and Release / build (push) Successful in 38s
Build and Release to Staging / Build Vision Start Image (push) Successful in 1m15s
Build and Release to Staging / Deploy Vision Start (staging) (push) Successful in 3s
Build and Release / virus-total-check (push) Successful in 49s
Build and Release / release (push) Successful in 5s
Build and Release / Build Vision Start Image (push) Successful in 1m1s
Build and Release / Deploy Vision Start (production) (push) Successful in 3s
This commit is contained in:
@@ -9,7 +9,7 @@ set -e
|
|||||||
# Configuration
|
# Configuration
|
||||||
FILE_PATH="${VIRUS_TOTAL_FILE:-vision-start.zip}"
|
FILE_PATH="${VIRUS_TOTAL_FILE:-vision-start.zip}"
|
||||||
API_KEY="${virustotal_apikey}"
|
API_KEY="${virustotal_apikey}"
|
||||||
BASE_URL="https://www.virustotal.com/vtapi/v2"
|
BASE_URL="https://www.virustotal.com/api/v3"
|
||||||
|
|
||||||
# Check if API key is set
|
# Check if API key is set
|
||||||
if [ -z "$API_KEY" ]; then
|
if [ -z "$API_KEY" ]; then
|
||||||
@@ -38,12 +38,12 @@ echo "Uploading $FILE_PATH to VirusTotal for analysis..."
|
|||||||
|
|
||||||
# Upload file to VirusTotal
|
# Upload file to VirusTotal
|
||||||
UPLOAD_RESPONSE=$(curl -s -X POST \
|
UPLOAD_RESPONSE=$(curl -s -X POST \
|
||||||
-F "apikey=$API_KEY" \
|
-H "x-apikey: $API_KEY" \
|
||||||
-F "file=@$FILE_PATH" \
|
-F "file=@$FILE_PATH" \
|
||||||
"$BASE_URL/file/scan")
|
"$BASE_URL/files")
|
||||||
|
|
||||||
# Extract scan_id from response
|
# Extract scan_id from response
|
||||||
SCAN_ID=$(echo "$UPLOAD_RESPONSE" | jq -r '.scan_id')
|
SCAN_ID=$(echo "$UPLOAD_RESPONSE" | jq -r '.data.id')
|
||||||
|
|
||||||
if [ "$SCAN_ID" == "null" ] || [ -z "$SCAN_ID" ]; then
|
if [ "$SCAN_ID" == "null" ] || [ -z "$SCAN_ID" ]; then
|
||||||
echo "Error: Failed to upload file or get scan ID"
|
echo "Error: Failed to upload file or get scan ID"
|
||||||
@@ -63,40 +63,40 @@ while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do
|
|||||||
echo "Checking analysis status (attempt $((ATTEMPT + 1))/$MAX_ATTEMPTS)..."
|
echo "Checking analysis status (attempt $((ATTEMPT + 1))/$MAX_ATTEMPTS)..."
|
||||||
|
|
||||||
# Get scan report
|
# Get scan report
|
||||||
REPORT_RESPONSE=$(curl -s -X POST \
|
REPORT_RESPONSE=$(curl -s -X GET \
|
||||||
-d "apikey=$API_KEY" \
|
-H "x-apikey: $API_KEY" \
|
||||||
-d "resource=$SCAN_ID" \
|
"$BASE_URL/analyses/$SCAN_ID")
|
||||||
"$BASE_URL/file/report")
|
|
||||||
|
|
||||||
# Check if analysis is complete
|
# Check if analysis is complete
|
||||||
RESPONSE_CODE=$(echo "$REPORT_RESPONSE" | jq -r '.response_code')
|
RESPONSE_CODE=$(echo "$REPORT_RESPONSE" | jq -r '.data.attributes.status')
|
||||||
|
|
||||||
if [ "$RESPONSE_CODE" == "1" ]; then
|
if [ "$RESPONSE_CODE" == "completed" ]; then
|
||||||
# Analysis complete
|
# Analysis complete
|
||||||
echo "Analysis completed!"
|
echo "Analysis completed!"
|
||||||
|
|
||||||
# Extract results
|
# Extract results
|
||||||
POSITIVES=$(echo "$REPORT_RESPONSE" | jq -r '.positives')
|
POSITIVES=$(echo "$REPORT_RESPONSE" | jq -r '.data.attributes.stats.malicious')
|
||||||
TOTAL=$(echo "$REPORT_RESPONSE" | jq -r '.total')
|
SUSPICIOUS=$(echo "$REPORT_RESPONSE" | jq -r '.data.attributes.stats.suspicious')
|
||||||
PERMALINK=$(echo "$REPORT_RESPONSE" | jq -r '.permalink')
|
# The v3 analyses object has no 'total' field — compute it by summing all stat categories
|
||||||
|
TOTAL=$(echo "$REPORT_RESPONSE" | jq '[.data.attributes.stats | to_entries[].value] | add')
|
||||||
|
ANALYSIS_ID=$(echo "$REPORT_RESPONSE" | jq -r '.data.id')
|
||||||
|
PERMALINK="https://www.virustotal.com/gui/file-analysis/${ANALYSIS_ID}"
|
||||||
|
|
||||||
echo "Analysis URL: $PERMALINK"
|
echo "Analysis URL: $PERMALINK"
|
||||||
echo "Detection ratio: $POSITIVES/$TOTAL"
|
echo "Detection ratio: $POSITIVES/$TOTAL"
|
||||||
|
|
||||||
# Check if file is safe
|
# Check if file is safe
|
||||||
if [ "$POSITIVES" -eq 0 ]; then
|
if [ "$POSITIVES" -eq 0 ] && [ "$SUSPICIOUS" -eq 0 ]; then
|
||||||
echo "✅ File is clean (no threats detected)"
|
echo "✅ File is clean (no threats detected)"
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
echo "❌ File contains threats ($POSITIVES detections out of $TOTAL scanners)"
|
echo "❌ File flagged: $POSITIVES malicious, $SUSPICIOUS suspicious (out of $TOTAL scanners)"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
elif [ "$RESPONSE_CODE" == "0" ]; then
|
elif [ "$RESPONSE_CODE" == "queued" ]; then
|
||||||
# File not found or analysis not complete yet
|
|
||||||
echo "Analysis still in progress..."
|
|
||||||
elif [ "$RESPONSE_CODE" == "-2" ]; then
|
|
||||||
# Still queued for analysis
|
|
||||||
echo "File still queued for analysis..."
|
echo "File still queued for analysis..."
|
||||||
|
elif [ "$RESPONSE_CODE" == "in-progress" ]; then
|
||||||
|
echo "Analysis still in progress..."
|
||||||
else
|
else
|
||||||
echo "Unexpected response code: $RESPONSE_CODE"
|
echo "Unexpected response code: $RESPONSE_CODE"
|
||||||
echo "Response: $REPORT_RESPONSE"
|
echo "Response: $REPORT_RESPONSE"
|
||||||
|
|||||||
Reference in New Issue
Block a user