feat: file processing pipeline

config/config.go

@@ -9,6 +9,7 @@ import (
 	"gopkg.in/yaml.v3"
 
 	"nos3/internal/infrastructure/broker"
+	"nos3/internal/infrastructure/clamav"
 	"nos3/internal/infrastructure/database"
 	"nos3/internal/infrastructure/grpcclient"
 	"nos3/internal/infrastructure/minio"
@@ -28,6 +29,7 @@ type Config struct {
 	GRPCClient      grpcclient.ClientConfig `yaml:"manager"`
 	GRPCServer      grpcclient.ServerConfig `yaml:"grpc_server"`
 	Logger          logger.Config           `yaml:"logger"`
+	ClamAVConfig    clamav.ScannerConfig    `yaml:"clamav_scanner"`
 }
 
 func Load(path string) (*Config, error) {
@@ -61,6 +63,7 @@ func Load(path string) (*Config, error) {
 	config.MinIOClient.SecretKey = os.Getenv("MINIO_ROOT_PASSWORD")
 	config.DBConfig.URI = os.Getenv("DATABASE_URI")
 	config.BrokerConfig.URI = os.Getenv("BROKER_URI")
+	config.ClamAVConfig.Address = os.Getenv("CLAMAV_ADDRESS")
 
 	if err = config.basicCheck(); err != nil {
 		return nil, Error{

config/config.yml

@@ -105,4 +105,9 @@ logger:
 
   # targets is targets for logs to be written to.
   targets: [file, console]
-
+
+clamav_scanner:
+
+  address: ""
+
+  timeout:

go.mod

@@ -3,6 +3,7 @@ module nos3
 go 1.24.1
 
 require (
+	github.com/barasher/go-exiftool v1.10.0
 	github.com/gabriel-vasile/mimetype v1.4.9
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1
@@ -12,6 +13,7 @@ require (
 	github.com/redis/go-redis/v9 v9.8.0
 	github.com/rs/zerolog v1.33.0
 	github.com/stretchr/testify v1.10.0
+	github.com/swimmingrieux/go-clamd v0.0.0-20251116164441-e8eb8db2ea4c
 	github.com/testcontainers/testcontainers-go v0.37.0
 	go.mongodb.org/mongo-driver v1.17.3
 	google.golang.org/grpc v1.70.0
@@ -109,12 +111,12 @@ require (
 	go.opentelemetry.io/otel/trace v1.35.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.5.0 // indirect
 	golang.org/x/arch v0.15.0 // indirect
-	golang.org/x/crypto v0.37.0 // indirect
-	golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
-	golang.org/x/net v0.39.0 // indirect
-	golang.org/x/sync v0.13.0 // indirect
-	golang.org/x/sys v0.32.0 // indirect
-	golang.org/x/text v0.24.0 // indirect
+	golang.org/x/crypto v0.45.0 // indirect
+	golang.org/x/exp v0.0.0-20251113190631-e25ba8c21ef6 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect
 )

go.sum

@@ -8,6 +8,8 @@ github.com/ImVexed/fasturl v0.0.0-20230304231329-4e41488060f3 h1:ClzzXMDDuUbWfNN
 github.com/ImVexed/fasturl v0.0.0-20230304231329-4e41488060f3/go.mod h1:we0YA5CsBbH5+/NUzC/AlMmxaDtWlXeNsqrwXjTzmzA=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/barasher/go-exiftool v1.10.0 h1:f5JY5jc42M7tzR6tbL9508S2IXdIcG9QyieEXNMpIhs=
+github.com/barasher/go-exiftool v1.10.0/go.mod h1:F9s/a3uHSM8YniVfwF+sbQUtP8Gmh9nyzigNF+8vsWo=
 github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
 github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
 github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
@@ -194,6 +196,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/swimmingrieux/go-clamd v0.0.0-20251116164441-e8eb8db2ea4c h1:6h4UQvFHiMm4Z9/vH/5yMO80+F3p+jrXpCsJG9pW6dM=
+github.com/swimmingrieux/go-clamd v0.0.0-20251116164441-e8eb8db2ea4c/go.mod h1:1XQNbsdPSew/aqEAk2Uz3qcAbX15zGgh2aQMaBlizyk=
 github.com/testcontainers/testcontainers-go v0.37.0 h1:L2Qc0vkTw2EHWQ08djon0D2uw7Z/PtHS/QzZZ5Ra/hg=
 github.com/testcontainers/testcontainers-go v0.37.0/go.mod h1:QPzbxZhQ6Bclip9igjLFj6z0hs01bU8lrl2dHQmgFGM=
 github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
@@ -254,10 +258,10 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
-golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
-golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw=
-golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/exp v0.0.0-20251113190631-e25ba8c21ef6 h1:zfMcR1Cs4KNuomFFgGefv5N0czO2XZpUbxGUy8i8ug0=
+golang.org/x/exp v0.0.0-20251113190631-e25ba8c21ef6/go.mod h1:46edojNIoXTNOhySWIWdix628clX9ODXwPsQuG6hsK0=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@@ -267,14 +271,14 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
-golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
-golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
+golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -291,18 +295,18 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
-golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o=
-golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw=
+golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
+golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
-golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
 golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
 golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

internal/domain/entity/malware_scan_result.go

@@ -0,0 +1,47 @@
+package entity
+
+type MalwareScanStatus int
+
+const (
+	MalwareScanStatusUnknown MalwareScanStatus = iota
+	MalwareScanStatusClean
+	MalwareScanStatusInfected
+	MalwareScanStatusError
+)
+
+func (s MalwareScanStatus) String() string {
+	switch s {
+	case MalwareScanStatusClean:
+		return "clean"
+	case MalwareScanStatusInfected:
+		return "infected"
+	case MalwareScanStatusError:
+		return "error"
+	case MalwareScanStatusUnknown:
+		return "unknown"
+	}
+
+	return "invalid"
+}
+
+type MalwareScanResult struct {
+	Status  MalwareScanStatus `json:"status"`
+	Error   string            `json:"error,omitempty"`
+	Threats []string          `json:"threats,omitempty"`
+}
+
+func (r MalwareScanResult) IsClean() bool {
+	return r.Status == MalwareScanStatusClean
+}
+
+func (r MalwareScanResult) IsInfected() bool {
+	return r.Status == MalwareScanStatusInfected
+}
+
+func (r MalwareScanResult) HasError() bool {
+	return r.Status == MalwareScanStatusError
+}
+
+func (r MalwareScanResult) ThreatCount() int {
+	return len(r.Threats)
+}

internal/domain/repository/clamav/client.go

@@ -0,0 +1,12 @@
+package clamav
+
+import (
+	"io"
+
+	"github.com/swimmingrieux/go-clamd"
+)
+
+type ClamdClient interface {
+	Ping() error
+	ScanStream(reader io.Reader, abort chan bool) (chan *clamd.ScanResult, error)
+}

internal/domain/repository/clamav/scanner.go

@@ -0,0 +1,13 @@
+package clamav
+
+import (
+	"context"
+	"io"
+
+	"nos3/internal/domain/entity"
+)
+
+// Scanner defines the interface for scanning files for malware.
+type Scanner interface {
+	ScanStream(ctx context.Context, reader io.Reader) (entity.MalwareScanResult, error)
+}

internal/domain/repository/cliexecuter/command_executor.go

@@ -0,0 +1,5 @@
+package cliexecuter
+
+type CommandExecutor interface {
+	Execute(cmd string, args ...string) ([]byte, error)
+}

internal/domain/repository/exif/exif_processor.go

@@ -0,0 +1,9 @@
+package exif
+
+import "context"
+
+// ExifProcessor handles EXIF removal operations.
+type Processor interface {
+	RemoveExifData(ctx context.Context, filePath string) error
+	Close() error
+}

internal/domain/repository/exif/extension_provider.go

@@ -0,0 +1,6 @@
+package exif
+
+// ExtensionProvider provides supported file extensions.
+type ExtensionProvider interface {
+	GetSupportedExtensions() (map[string]bool, error)
+}

internal/domain/repository/exif/file_validator.go

@@ -0,0 +1,6 @@
+package exif
+
+// FileValidator validates file types.
+type FileValidator interface {
+	ValidateFileType(filePath string) error
+}

internal/infrastructure/clamav/config.go

@@ -0,0 +1,6 @@
+package clamav
+
+type ScannerConfig struct {
+	Address string `yaml:"address"`
+	Timeout int    `yaml:"timeout"`
+}

internal/infrastructure/clamav/error.go

@@ -0,0 +1,40 @@
+package clamav
+
+import "fmt"
+
+type ErrorCode int
+
+const (
+	ErrorCodeUnknown ErrorCode = iota
+	ErrorCodeConnectionFailed
+	ErrorCodeScanFailed
+	ErrorCodeTimeout
+	ErrorCodeMalwareDetected
+	ErrorCodeInvalidInput
+)
+
+type MalwareError struct {
+	Code    ErrorCode
+	Message string
+	Details string
+}
+
+func (e *MalwareError) Error() string {
+	if e.Details != "" {
+		return fmt.Sprintf("%s: %s", e.Message, e.Details)
+	}
+
+	return e.Message
+}
+
+func (e *MalwareError) IsTimeout() bool {
+	return e.Code == ErrorCodeTimeout
+}
+
+func (e *MalwareError) IsMalwareDetected() bool {
+	return e.Code == ErrorCodeMalwareDetected
+}
+
+func (e *MalwareError) IsConnectionError() bool {
+	return e.Code == ErrorCodeConnectionFailed
+}