fix(virus scan): prevent virus scan on archives and signatures uploads

app/models/bill_signature.rb

@@ -30,6 +30,7 @@ class BillSignature < ApplicationRecord
       io: StringIO.new(operations_bill_json),
       filename: "demarches-simplifiees-operations-#{day.to_date.iso8601}.json",
       content_type: 'application/json',
+      # we don't want to run virus scanner on this file
       metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
     )
 
@@ -52,7 +53,9 @@ class BillSignature < ApplicationRecord
     self.signature.attach(
       io: StringIO.new(signature),
       filename: "demarches-simplifiees-signature-#{day.to_date.iso8601}.der",
-      content_type: 'application/x-x509-ca-cert'
+      content_type: 'application/x-x509-ca-cert',
+      # we don't want to run virus scanner on this file
+      metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
     )
   end
 

app/models/etablissement.rb

@@ -176,6 +176,7 @@ class Etablissement < ApplicationRecord
       attestation.attach(
         io: StringIO.new(response.body),
         filename: filename,
+        # we don't want to run virus scanner on this file
         metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
       )
     end

app/services/procedure_archive_service.rb

@@ -40,7 +40,12 @@ class ProcedureArchiveService
       end
     end
 
-    archive.file.attach(io: File.open(tmp_file), filename: archive.filename(@procedure))
+    archive.file.attach(
+      io: File.open(tmp_file),
+      filename: archive.filename(@procedure),
+      # we don't want to run virus scanner on this file
+      metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
+    )
     tmp_file.delete
     archive.make_available!
     InstructeurMailer.send_archive(instructeur, @procedure, archive).deliver_later