Enable ClamAV scanning on GCP

[pbastia]

Description:

Enable ClamAV scanning infrastructure: https://cloud.google.com/architecture/automate-malware-scanning-for-documents-uploaded-to-cloud-storage/deployment

Note: This will move the file from one bucket to another, django will need to be adapted in #2664

Acceptance Criteria:

Given I am a developer
When I save a file on GCP
Then It is automatically scanned by ClamAV
And the scan happens on GCP

Development Checklist:

• Checklist item
• Checklist item
• Checklist item
• Meets the DOD

Definition of Ready (Note: If any of these points are not applicable, mark N/A)

• User story is included
• User role and type are identified
• Acceptance criteria are included
• Wireframes are included (if required)
• Design / Solution is accepted by Product Owner
• Dependencies are identified (technical, business, regulatory/policy)
• Story has been estimated (under 13 pts)

Definition of Done (Note: If any of these points are not applicable, mark N/A)

• Acceptance criteria are tested by the CI pipeline
• UI meets accessibility requirements
• Configuration changes are documented, documentation and designs are updated
• Passes code peer-review
• Passes QA of Acceptance Criteria with verification in Dev and Test
• Ticket is ready to be merged to main branch
• Can be demoed in Sprint Review
• Bugs or future work cards are identified and created
• Reviewed and approved by Product Owner

Blocked By/Blocking

Notes:

[pbastia]

Something to consider from @Sepehr-Sobhani :

Hey Developers! I was doing some research last night and came across a package that might help us integrate ClamAV into our Django app: https://pypi.org/project/django-clamd/
Additionally, I found an API that allows us to send files for scanning and proceed with uploading them to the bucket if they are safe. However, I’m not entirely sure how secure it would be to send our files to an external service.

[pbastia]

cc @patriciarussellCAS we could spike that for a few days