From 7da4abf934fd44ed99787c398f179203f39561bc Mon Sep 17 00:00:00 2001 From: Abraham Chavez Date: Thu, 11 Jul 2024 11:17:25 -0700 Subject: [PATCH] fixup! Fix: Rebooting GitLab may trigger ClamAV alarm (#6114) --- terraform/shared/shared.tf.json.template.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/shared/shared.tf.json.template.py b/terraform/shared/shared.tf.json.template.py index 0820a46070..9fdf6f1e78 100644 --- a/terraform/shared/shared.tf.json.template.py +++ b/terraform/shared/shared.tf.json.template.py @@ -509,13 +509,13 @@ def conformance_pack(name: str) -> str: } for name, pattern in [ # Using '?' to create an "a OR b" filter pattern. - # If the GitLab instance is rebooted when a long-running + # If the GitLab instance is powered off when a long-running # (14h+) scan is nearing completion, we may go more than 24 # hours without matching a successful scan. To prevent this # from triggering false positive alarms, we include a - # sub-pattern to also match successful reboots. - ('clamscan', '?"clamscan succeeded" ?"systemd: Starting Reboot"'), - ('freshclam', '?"freshclam succeeded" ?"systemd: Starting Reboot"'), + # sub-pattern to also match successful power-offs. + ('clamscan', '?"clamscan succeeded" ?"systemd: Starting Power-Off"'), + ('freshclam', '?"freshclam succeeded" ?"systemd: Starting Power-Off"'), ('clam_fail', '?"clamscan failed" ?"freshclam failed"'), ] }