Add ClamAV mirror overrides for definition downloads by docwho2 · Pull Request #304 · docwho2/java-cdk-serverless-clamscan

docwho2 · 2026-02-08T14:46:51Z

GitHub-hosted builds occasionally see throttling or connectivity issues when freshclam downloads virus definitions, which causes Docker image builds to fail.
Provide a way to point freshclam at alternative mirrors and add retry/timeouts so definition fetches are more resilient during CI builds.

Add Docker build arguments CLAMAV_MIRROR and CLAMAV_MIRROR_FALLBACK and use them to generate a temporary freshclam config with MaxAttempts, ConnectTimeout, and ReceiveTimeout before running freshclam in the builder stage (cdk/Dockerfile).
Pass optional build args from the CDK construct by adding buildArgs(getDockerBuildArgs()) to the DockerImageAsset and sourcing values from environment variables in ClamavLambdaStack (cdk/src/main/java/.../ClamavLambdaStack.java).
Document how to override mirrors via CLAMAV_MIRROR and CLAMAV_MIRROR_FALLBACK in README.md so CI (e.g., GitHub Actions) can be directed to private or alternate mirrors.
Files changed: cdk/Dockerfile, cdk/src/main/java/cloud/cleo/clamav/cdk/ClamavLambdaStack.java, and README.md.

No automated tests were executed as part of this change (mvn/cdk synth/Docker build were not run in CI for this PR).

Add ClamAV mirror overrides for builds

b23d93e

docwho2 added the codex label Feb 8, 2026 — with ChatGPT Codex Connector

Provide feedback