[ ] Titan should behave like Saturn, i.e. receive a notice via HTTP from siarnaq on ANY file upload that the file object (sent in the request) should be scanned for malware (applies to code submissions and resumes)
[ ] In the interim, siarnaq should mark the file as unverified
[ ] Titan should have the ClamAV db?? downloaded, and should spin up on demand
[ ] Once the file has been verified/believed to be malicious, titan should send an HTTP request back to siarnaq instructing to mark the file as such (doesn't need to send the file back to siarnaq in the request)
[ ] Upon receiving the HTTP request, siarnaq should mark the file with the given status
Benefits of Proposed Structure:
It will be easier to debug and log issues with titan, as previous debugging efforts in #786 were extremely difficult and required manual tweaking of service accounts and event triggers 🚫
Mimics design methodology of siarnaq/saturn interaction via HTTP requests and asynchronous message-based status passing
We don't really understand ClamAV that well, and this rebuild will effectively section it off into the Titan module where we can better reason about its behavior (and hopefully makes it easier to have ClamAV downloaded).
Proposed Titan Rebuild:
Benefits of Proposed Structure: