package com.rapid7.sdlc.plugin.jenkins;

import com.cloudbees.plugins.credentials.CredentialsMatcher;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.rapid7.container.analyzer.docker.model.image.Image;
import com.rapid7.container.analyzer.docker.model.image.ImageId;
import com.rapid7.container.analyzer.docker.model.image.json.ImageModelObjectMapper;
import com.rapid7.container.analyzer.docker.service.DockerImageAnalyzerService;
import com.rapid7.sdlc.plugin.AssessmentService;
import com.rapid7.sdlc.plugin.ReportService;
import com.rapid7.sdlc.plugin.Status;
import com.rapid7.sdlc.plugin.api.BuildApi;
import com.rapid7.sdlc.plugin.api.client.ApiClient;
import com.rapid7.sdlc.plugin.api.model.NewImageBuild;
import com.rapid7.sdlc.plugin.api.model.Policy;
import com.rapid7.sdlc.plugin.api.model.Rule;
import com.rapid7.sdlc.plugin.jenkins.InsightVmApiConfiguration;
import com.rapid7.sdlc.plugin.jenkins.report.AssessmentReportBaseAction;
import com.rapid7.sdlc.plugin.jenkins.report.AssessmentReportProjectAction;
import com.rapid7.sdlc.plugin.jenkins.report.AssessmentReportRunAction;
import com.rapid7.sdlc.plugin.ruleset.Rule;
import com.rapid7.sdlc.plugin.ruleset.RuleResult;
import com.rapid7.sdlc.plugin.ruleset.action.FailAction;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import freemarker.template.TemplateException;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Functions;
import hudson.Launcher;
import hudson.ProxyConfiguration;
import hudson.Util;
import hudson.model.AbstractProject;
import hudson.model.Action;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.model.Node;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.ArgumentListBuilder;
import hudson.util.FormValidation;
import hudson.util.Secret;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintStream;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.StringTokenizer;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import jenkins.model.Jenkins;
import jenkins.security.MasterToSlaveCallable;
import jenkins.tasks.SimpleBuildStep;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.Symbol;
import org.jenkinsci.plugins.docker.commons.tools.DockerTool;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:com/rapid7/sdlc/plugin/jenkins/ContainerAssessmentBuilder.class */
public class ContainerAssessmentBuilder extends Builder implements SimpleBuildStep {
    public static final String PLUGIN_NAME = "rapid7-insightvm-container-assessment";
    private ArrayList<Rule> rawRules = new ArrayList<>();
    private List<ThresholdRuleDescribable> thresholdRules = Collections.emptyList();
    private List<NameRuleDescribable> nameRules = Collections.emptyList();
    private Map<String, ThresholdRuleDescribable> uniqueThresholdRules = new HashMap();
    private boolean failOnPluginError;
    private boolean treatWarningsAsErrors;
    private String imageId;
    private String workspaceDir;
    private ApiClient apiClient;

    /* loaded from: input_file:com/rapid7/sdlc/plugin/jenkins/ContainerAssessmentBuilder$AnalyzeCallable.class */
    private static final class AnalyzeCallable extends MasterToSlaveCallable<Void, Exception> {
        private static final long serialVersionUID = 1;
        private final String rpmImageId;
        private final FilePath workDir;
        private final TaskListener taskListener;

        AnalyzeCallable(FilePath filePath, String str, TaskListener taskListener) {
            this.rpmImageId = str;
            this.workDir = filePath;
            this.taskListener = taskListener;
        }

        @SuppressFBWarnings({"RV_RETURN_VALUE_IGNORED_BAD_PRACTICE"})
        /* renamed from: call, reason: merged with bridge method [inline-methods] */
        public Void m31call() throws IOException {
            PrintStream logger = this.taskListener.getLogger();
            File file = new File(this.workDir.getRemote(), "image.tar");
            logger.println("Extracting image data...");
            File file2 = new File(this.workDir.getRemote(), "/extract");
            if (!file2.exists()) {
                file2.mkdir();
            }
            logger.println("Analyzing image data...");
            DockerImageAnalyzerService dockerImageAnalyzerService = new DockerImageAnalyzerService(this.rpmImageId);
            dockerImageAnalyzerService.writeJson(dockerImageAnalyzerService.analyze(file, this.workDir.getRemote() + "/extract"), new File(this.workDir.getRemote(), "image.json"));
            logger.println("Finished analyzing image data.");
            return null;
        }
    }

    @Extension
    @Symbol({"assessContainerImage"})
    /* loaded from: input_file:com/rapid7/sdlc/plugin/jenkins/ContainerAssessmentBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public DescriptorImpl() {
            load();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        @Nonnull
        public String getDisplayName() {
            return Messages.ContainerAssessmentBuilder_BuildStepName();
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            staplerRequest.bindJSON(this, jSONObject);
            save();
            return super.configure(staplerRequest, jSONObject);
        }

        public FormValidation doCheckImageId(@QueryParameter String str, @AncestorInPath Item item) {
            if (item == null) {
                return FormValidation.ok();
            }
            item.checkPermission(Item.CONFIGURE);
            if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
                return FormValidation.ok();
            }
            String credentialsId = InsightVmApiConfiguration.get().getCredentialsId();
            StringCredentials stringCredentials = null;
            if (credentialsId != null) {
                stringCredentials = CredentialsMatchers.firstOrNull(CredentialsMatchers.filter(CredentialsProvider.lookupCredentials(StringCredentials.class, Jenkins.getInstance(), ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(StringUtils.trimToEmpty(credentialsId))), CredentialsMatchers.allOf(new CredentialsMatcher[]{CredentialsMatchers.withId(credentialsId)}));
            }
            return stringCredentials == null ? FormValidation.error(Messages.ContainerAssessmentBuilder_ApiTokenMissing()) : FormValidation.ok();
        }
    }

    @DataBoundConstructor
    public ContainerAssessmentBuilder() {
    }

    public String getImageId() {
        return this.imageId;
    }

    @DataBoundSetter
    public void setImageId(String str) {
        this.imageId = str;
    }

    public String getWorkspaceDir() {
        return this.workspaceDir;
    }

    @DataBoundSetter
    public void setWorkspaceDir(String str) {
        this.workspaceDir = str;
    }

    public boolean getFailOnPluginError() {
        return this.failOnPluginError;
    }

    @DataBoundSetter
    public void setFailOnPluginError(boolean z) {
        this.failOnPluginError = z;
    }

    public boolean getTreatWarningsAsErrors() {
        return this.treatWarningsAsErrors;
    }

    @DataBoundSetter
    public void setTreatWarningsAsErrors(boolean z) {
        this.treatWarningsAsErrors = z;
    }

    public List<ThresholdRuleDescribable> getThresholdRules() {
        return this.thresholdRules;
    }

    @DataBoundSetter
    public void setThresholdRules(List<ThresholdRuleDescribable> list) {
        this.thresholdRules = list;
        list.forEach(thresholdRuleDescribable -> {
            this.uniqueThresholdRules.putIfAbsent(thresholdRuleDescribable.getClass().getName(), thresholdRuleDescribable);
        });
        this.uniqueThresholdRules.values().forEach(thresholdRuleDescribable2 -> {
            this.rawRules.add(new Rule(thresholdRuleDescribable2.getActionObject(), thresholdRuleDescribable2.getPropertyEvaluator()));
        });
    }

    public List<NameRuleDescribable> getNameRules() {
        return this.nameRules;
    }

    @DataBoundSetter
    public void setNameRules(List<NameRuleDescribable> list) {
        this.nameRules = list;
        list.forEach(nameRuleDescribable -> {
            this.rawRules.add(new Rule(nameRuleDescribable.getActionObject(), nameRuleDescribable.getPropertyEvaluator()));
        });
    }

    /* JADX WARN: Failed to calculate best type for var: r30v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r30v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r31v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r31v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 30, insn: 0x027d: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r30 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:117:0x027d */
    /* JADX WARN: Not initialized variable reg: 31, insn: 0x0282: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r31 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:119:0x0282 */
    /* JADX WARN: Type inference failed for: r30v1, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r31v0, types: [java.lang.Throwable] */
    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) {
        ?? r30;
        ?? r31;
        PrintStream logger = taskListener.getLogger();
        logger.println("Starting Rapid7 InsightVM Container Assessment");
        FilePath filePath2 = null;
        try {
            try {
            } catch (Throwable th) {
                logger.println("Cleaning up temporary files in workspace...");
                if (0 != 0) {
                    try {
                        filePath2.deleteRecursive();
                    } catch (Exception e) {
                        logger.println("Cleaning up temporary files in workspace failed.");
                        e.printStackTrace(logger);
                        throw th;
                    }
                }
                throw th;
            }
        } catch (Exception e2) {
            logger.println("Encountered an exception.");
            e2.printStackTrace(logger);
            if (this.failOnPluginError) {
                run.setResult(Result.FAILURE);
            } else {
                logger.println("Continuing anyway because 'fail on plugin failure' is disabled...");
            }
            logger.println("Cleaning up temporary files in workspace...");
            if (0 != 0) {
                try {
                    filePath2.deleteRecursive();
                } catch (Exception e3) {
                    logger.println("Cleaning up temporary files in workspace failed.");
                    e3.printStackTrace(logger);
                }
            }
        }
        if (!this.rawRules.isEmpty() && this.rawRules.stream().filter(rule -> {
            return rule.getPropertyEvaluator().isValid();
        }).count() < 1) {
            throw new AbortException("All of the defined rules are invalid.");
        }
        StringCredentials stringCredentials = null;
        String credentialsId = InsightVmApiConfiguration.get().getCredentialsId();
        if (credentialsId != null) {
            stringCredentials = (StringCredentials) CredentialsMatchers.firstOrNull(CredentialsMatchers.filter(CredentialsProvider.lookupCredentials(StringCredentials.class, Jenkins.getInstance(), ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(StringUtils.trimToEmpty(credentialsId))), CredentialsMatchers.allOf(new CredentialsMatcher[]{CredentialsMatchers.withId(credentialsId)}));
        }
        if (stringCredentials == null) {
            throw new AbortException("InsightVM API key is missing. Please configure it before using the container assessment plugin.");
        }
        String str = System.getenv("NODE_NAME");
        Node node = null;
        if (str != null && !str.isEmpty()) {
            node = Jenkins.getInstance().getNode(str);
        }
        EnvVars environment = run.getEnvironment(taskListener);
        String expand = environment.expand(this.imageId);
        String executable = DockerTool.getExecutable("docker", node, launcher.getListener(), environment);
        boolean parseBoolean = Boolean.parseBoolean(environment.get("USE_SUDO_DOCKER", "false"));
        FilePath createTempDir = filePath.createTempDir("r7sdlc", (String) null);
        logger.println("Retrieving image ID from Docker...");
        ArgumentListBuilder add = new ArgumentListBuilder().add(executable).add("image").add("ls").add("--no-trunc").add(expand);
        if (parseBoolean) {
            add.prepend(new String[]{"sudo"});
        }
        Launcher.ProcStarter launch = launcher.launch();
        launch.pwd(createTempDir);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        launch.cmds(add).envs(environment).stdout(byteArrayOutputStream).stderr(byteArrayOutputStream2);
        int joinWithTimeout = launch.start().joinWithTimeout(10L, TimeUnit.SECONDS, launcher.getListener());
        if (joinWithTimeout != 0) {
            throw new AbortException("Docker command exited with status " + joinWithTimeout + ": " + byteArrayOutputStream2.toString(StandardCharsets.UTF_8.name()));
        }
        String str2 = null;
        StringReader stringReader = new StringReader(byteArrayOutputStream.toString(StandardCharsets.UTF_8.name()));
        Throwable th2 = null;
        try {
            try {
                BufferedReader bufferedReader = new BufferedReader(stringReader);
                Throwable th3 = null;
                bufferedReader.readLine();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    StringTokenizer stringTokenizer = new StringTokenizer(readLine, " ");
                    if (stringTokenizer.countTokens() < 5) {
                        throw new AbortException("Unexpected `docker image ls` output : " + readLine);
                    }
                    if (expand.equalsIgnoreCase(String.join(":", stringTokenizer.nextToken(), stringTokenizer.nextToken()))) {
                        str2 = stringTokenizer.nextToken();
                        break;
                    }
                }
                if (bufferedReader != null) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                if (stringReader != null) {
                    if (0 != 0) {
                        try {
                            stringReader.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        stringReader.close();
                    }
                }
                byteArrayOutputStream.reset();
                byteArrayOutputStream2.reset();
                add.clear();
                if (str2 == null || str2.isEmpty()) {
                    throw new AbortException("No images matching '" + expand + "' found, aborting.");
                }
                logger.println("Creating image bundle...");
                add.add(new String[]{executable, "save", str2, "-o", "image.tar"});
                if (parseBoolean) {
                    add.prepend(new String[]{"sudo"});
                }
                int join = launch.cmds(add).envs(environment).stdout(byteArrayOutputStream).stderr(byteArrayOutputStream2).start().join();
                if (join != 0) {
                    throw new AbortException("Docker command exited with status " + join + ": " + byteArrayOutputStream2.toString(StandardCharsets.UTF_8.name()));
                }
                AnalyzeCallable analyzeCallable = new AnalyzeCallable(createTempDir, InsightVmApiConfiguration.get().getRpmDockerImage(), launcher.getListener());
                logger.println("Analyzing image " + expand + "...");
                launcher.getChannel().call(analyzeCallable);
                FilePath child = createTempDir.child("image.json");
                if (!child.exists()) {
                    throw new AbortException("Image analysis failed: image.json not found in workspace.");
                }
                Image image = (Image) new ImageModelObjectMapper().readValue(child.readToString(), Image.class);
                logger.println("Image ID: " + image.getId());
                logger.println("Packages: " + image.getPackages().size());
                InsightVmApiConfiguration.Region insightRegion = InsightVmApiConfiguration.get().getInsightRegion();
                logger.println("Using InsightVM in region " + insightRegion.getLabel() + " (" + insightRegion.getEndpoint() + ")");
                this.apiClient = new ApiClient("api-key", Secret.toString(stringCredentials.getSecret()));
                this.apiClient.setBasePath(InsightVmApiConfiguration.get().getInsightRegion().getEndpoint());
                ProxyConfiguration proxyConfiguration = Jenkins.getInstance().proxy;
                if (proxyConfiguration != null) {
                    this.apiClient.setProxy(proxyConfiguration);
                }
                AssessmentService assessmentService = new AssessmentService(this.apiClient);
                logger.println("Submitting image for assessment...");
                assessmentService.uploadImageAnalysis(image);
                logger.println("Retrieving assessment results...");
                com.rapid7.sdlc.plugin.api.model.Image image2 = assessmentService.getImage(image.getId());
                logger.println("Evaluating build policy...");
                Map<Rule, RuleResult> evaluateRules = evaluateRules(image2, logger);
                logger.println("Generating report...");
                generateReport(run, image.getId(), expand, image2, evaluateRules);
                logger.println("Executing rule actions...");
                submitMetrics(run, evaluateRules, image.getId(), takeRuleActions(run, taskListener, evaluateRules), InsightVmApiConfiguration.get().getSystemId());
                logger.println("Cleaning up temporary files in workspace...");
                if (createTempDir != null) {
                    try {
                        createTempDir.deleteRecursive();
                    } catch (Exception e4) {
                        logger.println("Cleaning up temporary files in workspace failed.");
                        e4.printStackTrace(logger);
                    }
                }
                logger.println("Image assessment completed.");
            } catch (Throwable th6) {
                if (stringReader != null) {
                    if (0 != 0) {
                        try {
                            stringReader.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        stringReader.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (r30 != 0) {
                if (r31 != 0) {
                    try {
                        r30.close();
                    } catch (Throwable th9) {
                        r31.addSuppressed(th9);
                    }
                } else {
                    r30.close();
                }
            }
            throw th8;
        }
    }

    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    private void submitMetrics(Run<?, ?> run, Map<Rule, RuleResult> map, ImageId imageId, Status status, String str) {
        ((BuildApi) this.apiClient.buildClient(BuildApi.class)).newImageBuild(new NewImageBuild().artifactId(imageId.getString()).number(String.valueOf(run.getNumber())).platform("JENKINS").policy((map == null || map.isEmpty()) ? new Policy() : new Policy().rules((List) map.entrySet().stream().map(this::convert).collect(Collectors.toList()))).projectId(run.getParent().getDisplayName()).start(run.getTime().toInstant().toString()).status(status.name()).systemId(str).version(Util.fixNull(Jenkins.getVersion().toString())));
    }

    private com.rapid7.sdlc.plugin.api.model.Rule convert(Map.Entry<Rule, RuleResult> entry) {
        Rule key = entry.getKey();
        RuleResult value = entry.getValue();
        return new com.rapid7.sdlc.plugin.api.model.Rule().action(Rule.ActionEnum.fromValue(key.getAction().getType().name())).criterion(Rule.CriterionEnum.fromValue(key.getPropertyEvaluator().getCriterionName())).configuredValue(key.getPropertyEvaluator().getConfiguredValue()).status(value.failed() ? Rule.StatusEnum.FAILED : Rule.StatusEnum.PASSED).actualValue(value.getActualValue());
    }

    private Map<com.rapid7.sdlc.plugin.ruleset.Rule, RuleResult> evaluateRules(com.rapid7.sdlc.plugin.api.model.Image image, PrintStream printStream) {
        this.rawRules.stream().filter(rule -> {
            return !rule.isValid();
        }).forEach(rule2 -> {
            printStream.println("WARN: Skipping invalid rule: " + rule2.getPropertyEvaluator().getDisplayName() + " " + rule2.getPropertyEvaluator().getConfiguredValue());
        });
        if (this.rawRules.stream().filter((v0) -> {
            return v0.isValid();
        }).count() >= 1) {
            return (Map) this.rawRules.stream().filter((v0) -> {
                return v0.isValid();
            }).collect(Collectors.toMap(rule3 -> {
                return rule3;
            }, rule4 -> {
                return rule4.check(image);
            }));
        }
        printStream.println("WARN: No valid rules defined.");
        return Collections.emptyMap();
    }

    private Status takeRuleActions(Run<?, ?> run, TaskListener taskListener, Map<com.rapid7.sdlc.plugin.ruleset.Rule, RuleResult> map) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (Map.Entry<com.rapid7.sdlc.plugin.ruleset.Rule, RuleResult> entry : map.entrySet()) {
            com.rapid7.sdlc.plugin.ruleset.Rule key = entry.getKey();
            if (entry.getValue().failed()) {
                if (key.getAction() instanceof FailAction) {
                    arrayList.add(key.getMessage());
                    taskListener.getLogger().println("ERROR: " + key.getMessage());
                } else {
                    arrayList2.add(key.getMessage());
                    taskListener.getLogger().println("WARN: " + key.getMessage());
                }
            }
        }
        if (!arrayList.isEmpty() || (this.treatWarningsAsErrors && !arrayList2.isEmpty())) {
            run.setResult(Result.FAILURE);
            return Status.FAILURE;
        }
        if (arrayList2.isEmpty()) {
            run.setResult(Result.SUCCESS);
            return Status.SUCCESS;
        }
        run.setResult(Result.UNSTABLE);
        return Status.UNSTABLE;
    }

    private void generateReport(Run<?, ?> run, ImageId imageId, String str, com.rapid7.sdlc.plugin.api.model.Image image, Map<com.rapid7.sdlc.plugin.ruleset.Rule, RuleResult> map) throws IOException, TemplateException {
        File file = new File(run.getRootDir(), AssessmentReportBaseAction.BASE_DIR);
        if (!file.exists() && !file.mkdir()) {
            throw new IOException("Report directory does not exist, and could not be created.");
        }
        File file2 = new File(file, AssessmentReportBaseAction.REPORT_PAGE);
        ReportService reportService = new ReportService(file);
        Optional findFirst = run.getCauses().stream().map((v0) -> {
            return v0.getShortDescription();
        }).findFirst();
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(new FileOutputStream(file2), StandardCharsets.UTF_8);
        Throwable th = null;
        try {
            outputStreamWriter.write(reportService.generateAssessmentReport(run.getParent().getDisplayName(), run.getNumber(), (String) findFirst.orElse("Unknown Cause"), imageId, str, image, map, Functions.getResourcePath() + "/plugin/" + PLUGIN_NAME + "/"));
            if (outputStreamWriter != null) {
                if (0 != 0) {
                    try {
                        outputStreamWriter.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    outputStreamWriter.close();
                }
            }
            run.replaceAction(new AssessmentReportRunAction(file, new String[0]));
        } catch (Throwable th3) {
            if (outputStreamWriter != null) {
                if (0 != 0) {
                    try {
                        outputStreamWriter.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    outputStreamWriter.close();
                }
            }
            throw th3;
        }
    }

    public Action getProjectAction(AbstractProject<?, ?> abstractProject) {
        return new AssessmentReportProjectAction(abstractProject);
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m30getDescriptor() {
        return super.getDescriptor();
    }
}
