package io.jenkins.plugins.finitestatethirdpartyupload;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.model.Item;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Publisher;
import hudson.tasks.Recorder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import io.jenkins.cli.shaded.org.apache.commons.lang.StringEscapeUtils;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import jline.internal.InputStreamReader;
import org.jenkinsci.Symbol;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

/* loaded from: input_file:io/jenkins/plugins/finitestatethirdpartyupload/ThirdPartyUploadRecorder.class */
public class ThirdPartyUploadRecorder extends Recorder {
    private String finiteStateClientId;
    private String finiteStateSecret;
    private String finiteStateOrganizationContext;
    private String assetId;
    private String version;
    private Boolean externalizableId;
    private String filePath;
    private String testType;
    private String businessUnitId;
    private String createdByUserId;
    private String productId;
    private String artifactDescription;
    private String parsedVersion;

    @Extension
    @Symbol({"fs-third-party-upload"})
    /* loaded from: input_file:io/jenkins/plugins/finitestatethirdpartyupload/ThirdPartyUploadRecorder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Publisher> {
        @RequirePOST
        public ListBoxModel doFillFiniteStateClientIdItems(@AncestorInPath Item item, @QueryParameter String str) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.includeCurrentValue(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.includeCurrentValue(str);
            }
            Iterator it = CredentialsProvider.lookupCredentials(StandardCredentials.class, (Item) null, ACL.SYSTEM, Collections.emptyList()).iterator();
            while (it.hasNext()) {
                standardListBoxModel.add(((StandardCredentials) it.next()).getId());
            }
            return standardListBoxModel;
        }

        @RequirePOST
        public ListBoxModel doFillFiniteStateSecretItems(@AncestorInPath Item item, @QueryParameter String str) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.includeCurrentValue(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.includeCurrentValue(str);
            }
            Iterator it = CredentialsProvider.lookupCredentials(StandardCredentials.class, (Item) null, ACL.SYSTEM, Collections.emptyList()).iterator();
            while (it.hasNext()) {
                standardListBoxModel.add(((StandardCredentials) it.next()).getId());
            }
            return standardListBoxModel;
        }

        @RequirePOST
        public ListBoxModel doFillFiniteStateOrganizationContextItems(@AncestorInPath Item item, @QueryParameter String str) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            if (item == null) {
                if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                    return standardListBoxModel.includeCurrentValue(str);
                }
            } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                return standardListBoxModel.includeCurrentValue(str);
            }
            Iterator it = CredentialsProvider.lookupCredentials(StandardCredentials.class, (Item) null, ACL.SYSTEM, Collections.emptyList()).iterator();
            while (it.hasNext()) {
                standardListBoxModel.add(((StandardCredentials) it.next()).getId());
            }
            return standardListBoxModel;
        }

        private FormValidation checkRequiredValue(Item item, String str) {
            return (item == null || !(item.hasPermission(Item.EXTENDED_READ) || item.hasPermission(CredentialsProvider.USE_ITEM))) ? FormValidation.error("You do not have permission to perform this action.") : (str == null || str.trim().isEmpty()) ? FormValidation.error("This value is required") : FormValidation.ok();
        }

        @RequirePOST
        public FormValidation doCheckFiniteStateClientId(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckFiniteStateSecret(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckFiniteStateOrganizationContext(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckAssetId(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckVersion(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckFilePath(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return checkRequiredValue(item, str);
        }

        @RequirePOST
        public FormValidation doCheckTestType(@AncestorInPath Item item, @QueryParameter String str) throws IOException, ServletException {
            return (item == null || !(item.hasPermission(Item.EXTENDED_READ) || item.hasPermission(CredentialsProvider.USE_ITEM))) ? FormValidation.error("You do not have permission to perform this action.") : (str == null || str.trim().isEmpty() || "-- Select --".equals(str)) ? FormValidation.error("This value is required. Please, select a valid option") : FormValidation.ok();
        }

        @RequirePOST
        public ListBoxModel doFillTestTypeItems() {
            ListBoxModel listBoxModel = new ListBoxModel();
            for (String str : new String[]{"-- Select --", "acunetix360_scan", "acunetix_scan", "anchore_engine_scan", "anchore_enterprise_policy_check", "anchore_grype", "anchorectl_policies_report", "anchorectl_vuln_report", "appspider_scan", "aqua_scan", "arachni_scan", "auditjs_scan", "aws_prowler_scan", "aws_prowler_v3", "aws_scout2_scan", "aws_security_finding_format_asff_scan", "aws_security_hub_scan", "azure_security_center_recommendations_scan", "bandit_scan", "blackduck_api", "blackduck_component_risk", "blackduck_hub_scan", "brakeman_scan", "bugcrowd_api_import", "bugcrowd_scan", "bundler_audit_scan", "burp_enterprise_scan", "burp_graphql_api", "burp_rest_api", "burp_scan", "cargoaudit_scan", "checkmarx_osa", "checkmarx_scan", "checkmarx_scan_detailed", "checkov_scan", "clair_klar_scan", "clair_scan", "cloudsploit_scan", "cobalt_io_api_import", "cobalt_io_scan", "codechecker_report_native", "contrast_scan", "coverity_api", "crashtest_security_json_file", "crashtest_security_xml_file", "credscan_scan", "cyclonedx", "dawnscanner_scan", "dependency_check_scan", "dependency_track_finding_packaging_format_fpf_export", "detect_secrets_scan", "docker_bench_security_scan", "dockle_scan", "drheader_json_importer", "dsop_scan", "edgescan_scan", "eslint_scan", "fortify_scan", "generic_findings_import", "ggshield_scan", "github_vulnerability_scan", "gitlab_api_fuzzing_report_scan", "gitlab_container_scan", "gitlab_dast_report", "gitlab_dependency_scanning_report", "gitlab_sast_report", "gitlab_secret_detection_report", "gitleaks_scan", "gosec_scanner", "govulncheck_scanner", "hackerone_cases", "hadolint_dockerfile_check", "harbor_vulnerability_scan", "horusec_scan", "huskyci_report", "hydra_scan", "ibm_appscan_dast", "immuniweb_scan", "intsights_report", "jfrog_xray_api_summary_artifact_scan", "jfrog_xray_scan", "jfrog_xray_unified_scan", "kics_scan", "kiuwan_scan", "kube_bench_scan", "logic_bomb_scan", "meterian_scan", "microfocus_webinspect_scan", "mobsf_scan", "mobsfscan_scan", "mozilla_observatory_scan", "netsparker_scan", "neuvector_compliance", "neuvector_rest", "nexpose_scan", "nikto_scan", "nmap_scan", "node_security_platform_scan", "npm_audit_scan", "nuclei_scan", "openscap_vulnerability_scan", "openvas_csv", "ort_evaluated_model_importer", "ossindex_devaudit_sca_scan_importer", "outpost24_scan", "php_security_audit_v2", "php_symfony_security_check", "pip_audit_scan", "pmd_scan", "popeye_scan", "pwn_sast", "qualys_infrastructure_scan_webgui_xml", "qualys_scan", "qualys_webapp_scan", "retire_js_scan", "rubocop_scan", "rusty_hog_scan", "sarif", "scantist_scan", "scout_suite_scan", "semgrep_json_report", "skf_scan", "snyk_scan", "solar_appscreener_scan", "sonarqube_scan", "sonarqube_scan_detailed", "sonatype_application_scan", "spdx", "spotbugs_scan", "ssl_labs_scan", "sslscan", "sslyze_scan", "sslyze_scan_json", "stackhawk_hawkscan", "talisman_scan", "tenable_scan", "terrascan_scan", "testssl_scan", "tfsec_scan", "trivy_operator_scan", "trivy_scan", "trufflehog3_scan", "trufflehog_scan", "trustwave_fusion_api_scan", "trustwave_scan_csv", "twistlock_image_scan", "vcg_scan", "veracode_scan", "veracode_sourceclear_scan", "vulners", "wapiti_scan", "wazuh", "wfuzz_json_report", "whispers_scan", "whitehat_sentinel", "whitesource_scan", "wpscan", "xanitizer_scan", "yarn_audit_scan", "zap_scan"}) {
                listBoxModel.add(str, str);
            }
            return listBoxModel;
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return "Finite State - Third Party Upload";
        }
    }

    @DataBoundConstructor
    public ThirdPartyUploadRecorder(String str, String str2, String str3, String str4, String str5, Boolean bool, String str6, String str7, String str8, String str9, String str10, String str11, Boolean bool2) {
        this.finiteStateClientId = str;
        this.finiteStateSecret = str2;
        this.finiteStateOrganizationContext = str3;
        this.assetId = str4;
        this.testType = str7;
        this.version = str5;
        this.externalizableId = bool;
        this.filePath = str6;
        this.businessUnitId = str8;
        this.createdByUserId = str9;
        this.productId = str10;
        this.artifactDescription = str11;
    }

    public String getFiniteStateClientId() {
        return this.finiteStateClientId;
    }

    public String getFiniteStateSecret() {
        return this.finiteStateSecret;
    }

    public String getFiniteStateOrganizationContext() {
        return this.finiteStateOrganizationContext;
    }

    public String getAssetId() {
        return this.assetId;
    }

    public String getVersion() {
        return this.version;
    }

    public boolean getExternalizableId() {
        return this.externalizableId.booleanValue();
    }

    public String getFilePath() {
        return this.filePath;
    }

    public String getBusinessUnitId() {
        return this.businessUnitId;
    }

    public String getCreatedByUserId() {
        return this.createdByUserId;
    }

    public String getProductId() {
        return this.productId;
    }

    public String getArtifactDescription() {
        return this.artifactDescription;
    }

    public String getTestType() {
        return this.testType;
    }

    @DataBoundSetter
    public void setFiniteStateClientId(String str) {
        this.finiteStateClientId = str;
    }

    @DataBoundSetter
    public void setFiniteStateSecret(String str) {
        this.finiteStateSecret = str;
    }

    @DataBoundSetter
    public void setFiniteStateOrganizationContext(String str) {
        this.finiteStateOrganizationContext = str;
    }

    @DataBoundSetter
    public void setAssetId(String str) {
        this.assetId = str;
    }

    @DataBoundSetter
    public void setVersion(String str) {
        this.version = str;
    }

    @DataBoundSetter
    public void setExternalizableId(boolean z) {
        this.externalizableId = Boolean.valueOf(z);
    }

    @DataBoundSetter
    public void setFilePath(String str) {
        this.filePath = str;
    }

    @DataBoundSetter
    public void setTestType(String str) {
        this.testType = str;
    }

    @DataBoundSetter
    public void setBusinessUnitId(String str) {
        this.businessUnitId = str;
    }

    @DataBoundSetter
    public void setCreatedByUserId(String str) {
        this.createdByUserId = str;
    }

    @DataBoundSetter
    public void setProductId(String str) {
        this.productId = str;
    }

    @DataBoundSetter
    public void setArtifactDescription(String str) {
        this.artifactDescription = str;
    }

    private File getFileFromWorkspace(AbstractBuild abstractBuild, String str, BuildListener buildListener) {
        FilePath workspace = abstractBuild.getWorkspace();
        if (workspace != null) {
            return new File(workspace.getRemote(), str);
        }
        return null;
    }

    public String getSecretTextValue(AbstractBuild abstractBuild, String str) {
        StringCredentials stringCredentials = (StandardCredentials) CredentialsProvider.findCredentialById(str, StringCredentials.class, abstractBuild);
        if (stringCredentials instanceof StringCredentials) {
            return stringCredentials.getSecret().getPlainText();
        }
        return null;
    }

    public static String escapeEnvVar(String str) {
        return StringEscapeUtils.escapeJava(str);
    }

    public static String validateEnvVar(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("Environment variable value cannot be null or empty");
        }
        if (str.matches("^[a-zA-Z0-9-_]+$")) {
            return str;
        }
        throw new IllegalArgumentException("Environment variable value contains invalid characters: " + str);
    }

    public static boolean isDockerInstalled() {
        try {
            return new ProcessBuilder("docker", "--version").start().waitFor() == 0;
        } catch (IOException | InterruptedException e) {
            e.printStackTrace();
            return false;
        }
    }

    private boolean buildDockerImage(File file, BuildListener buildListener) {
        ProcessBuilder processBuilder = new ProcessBuilder("docker", "build", "-t", "finite-state-upload", file.getAbsolutePath());
        processBuilder.redirectErrorStream(true);
        try {
            Process start = processBuilder.start();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(start.getInputStream()));
            while (true) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    buildListener.getLogger().println(readLine);
                } finally {
                }
            }
            bufferedReader.close();
            if (start.waitFor() == 0) {
                return true;
            }
            buildListener.getLogger().println("Docker build failed");
            return false;
        } catch (IOException | InterruptedException e) {
            e.printStackTrace();
            buildListener.getLogger().println("Docker build process encountered an error: " + e.getMessage());
            return false;
        }
    }

    public boolean perform(AbstractBuild abstractBuild, Launcher launcher, BuildListener buildListener) throws InterruptedException, IOException {
        if (!isDockerInstalled()) {
            buildListener.getLogger().println("Docker is not installed");
            return false;
        }
        buildListener.getLogger().println("Docker is installed");
        String externalizableId = getExternalizableId() ? abstractBuild.getExternalizableId() : this.version;
        String validateEnvVar = validateEnvVar(getSecretTextValue(abstractBuild, this.finiteStateClientId));
        String validateEnvVar2 = validateEnvVar(getSecretTextValue(abstractBuild, this.finiteStateSecret));
        String validateEnvVar3 = validateEnvVar(getSecretTextValue(abstractBuild, this.finiteStateOrganizationContext));
        ArrayList<String> arrayList = new ArrayList();
        arrayList.add("INPUT_FINITE-STATE-CLIENT-ID=" + escapeEnvVar(validateEnvVar));
        arrayList.add("INPUT_FINITE-STATE-SECRET=" + escapeEnvVar(validateEnvVar2));
        arrayList.add("INPUT_FINITE-STATE-ORGANIZATION-CONTEXT=" + escapeEnvVar(validateEnvVar3));
        arrayList.add("INPUT_ASSET-ID=" + escapeEnvVar(this.assetId));
        arrayList.add("INPUT_VERSION=" + escapeEnvVar(externalizableId));
        arrayList.add("INPUT_TEST-TYPE=" + escapeEnvVar(this.testType));
        arrayList.add("INPUT_BUSINESS-UNIT-ID=" + escapeEnvVar(this.businessUnitId));
        arrayList.add("INPUT_CREATED-BY-USER-ID=" + escapeEnvVar(this.createdByUserId));
        arrayList.add("INPUT_PRODUCT-ID=" + escapeEnvVar(this.productId));
        arrayList.add("INPUT_ARTIFACT-DESCRIPTION=" + escapeEnvVar(this.artifactDescription));
        URL resource = ThirdPartyUploadRecorder.class.getClassLoader().getResource("io/jenkins/plugins/finitestatethirdpartyupload/docker/Dockerfile");
        if (resource == null) {
            buildListener.getLogger().println("Dockerfile not found");
            return false;
        }
        File parentFile = new File(resource.getFile()).getParentFile();
        if (!buildDockerImage(parentFile, buildListener)) {
            return false;
        }
        buildDockerImage(parentFile, buildListener);
        File fileFromWorkspace = getFileFromWorkspace(abstractBuild, this.filePath, buildListener);
        if (fileFromWorkspace == null || !fileFromWorkspace.exists()) {
            buildListener.getLogger().println("File specified in file path not found: " + this.filePath);
            return false;
        }
        buildListener.getLogger().println("Found file: " + fileFromWorkspace.getAbsolutePath());
        arrayList.add("INPUT_FILE-PATH=/tmp/" + fileFromWorkspace.getName());
        String parent = fileFromWorkspace.getParent();
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("docker");
        arrayList2.add("run");
        arrayList2.add("--rm");
        for (String str : arrayList) {
            arrayList2.add("-e");
            arrayList2.add(str);
        }
        arrayList2.add("-v");
        arrayList2.add(parent + ":" + "/tmp/");
        arrayList2.add("finite-state-upload");
        ProcessBuilder processBuilder = new ProcessBuilder(arrayList2);
        processBuilder.redirectErrorStream(true);
        Process start = processBuilder.start();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(start.getInputStream()));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                buildListener.getLogger().println(readLine);
            } catch (Throwable th) {
                try {
                    bufferedReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
        bufferedReader.close();
        if (start.waitFor() != 0) {
            buildListener.getLogger().println("Docker run failed");
            return false;
        }
        abstractBuild.addAction(new ThirdPartyUploadAction(this.assetId));
        return true;
    }
}
