docker_clamav/test_smoke.sh

#!/bin/bash
# Smoke test for the clamav scanner image: image present, version reports
# engine + sig DB, EICAR is detected via clamdscan --multiscan.
#
# Usage: TAG=ls-clamav:test ./test_smoke.sh
#        (defaults to tabledevil/clamav)

set -u
TAG="${TAG:-tabledevil/clamav}"
TMP="$(mktemp -d)"
trap 'rm -rf "$TMP"' EXIT

pass=0; fail=0
ok()  { echo "PASS  $1"; pass=$((pass+1)); }
bad() { echo "FAIL  $1"; fail=$((fail+1)); }

if docker image inspect "$TAG" >/dev/null 2>&1; then
  ok "image $TAG present"
else
  bad "image $TAG not present"; exit 1
fi

out="$(docker run --rm "$TAG" version 2>&1 || true)"
if echo "$out" | grep -qE "ClamAV [0-9]+\.[0-9]+"; then
  ok "version reports ClamAV engine"
else
  bad "version did not report ClamAV engine"
  echo "$out" | tail -10
fi
if echo "$out" | grep -qE "[0-9]+ Signatures loaded"; then
  ok "sig DB loaded ($(echo "$out" | grep -oE '[0-9]+ Signatures loaded' | head -1))"
else
  bad "sig count not reported"
fi

mkdir -p "$TMP/data"
printf '%s%s' \
  'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-' \
  'STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > "$TMP/data/eicar.com"

out="$(docker run --rm -v "$TMP/data:/data:ro" "$TAG" scan 2>&1 || true)"
if echo "$out" | grep -qiE "EICAR.*FOUND|Infected files: [1-9]"; then
  ok "scan detects EICAR"
else
  bad "scan did not detect EICAR"
  echo "$out" | tail -20
fi

echo
echo "Summary: $pass pass, $fail fail"
[ "$fail" -eq 0 ]