package io.jenkins.plugins.kubernetes.ephemeral.rules;

import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import hudson.model.Descriptor;
import io.jenkins.plugins.kubernetes.ephemeral.EphemeralContainerStep;
import io.jenkins.plugins.kubernetes.ephemeral.EphemeralContainerStepRule;
import io.jenkins.plugins.kubernetes.ephemeral.ImageReference;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;

/* loaded from: input_file:WEB-INF/lib/kubernetes-ephemeral-container.jar:io/jenkins/plugins/kubernetes/ephemeral/rules/ContainerImageRule.class */
public class ContainerImageRule extends EphemeralContainerStepRule {
    private final String names;
    private final EphemeralContainerStepRule.Action action;
    private transient Pattern regex;

    @Extension
    @Symbol({"containerImageRule"})
    /* loaded from: input_file:WEB-INF/lib/kubernetes-ephemeral-container.jar:io/jenkins/plugins/kubernetes/ephemeral/rules/ContainerImageRule$DescriptorImpl.class */
    public static class DescriptorImpl extends Descriptor<EphemeralContainerStepRule> {
        @NonNull
        public String getDisplayName() {
            return "Container Image Rule";
        }
    }

    public ContainerImageRule() {
        this("*", EphemeralContainerStepRule.Action.ALLOW);
    }

    @DataBoundConstructor
    public ContainerImageRule(String str, EphemeralContainerStepRule.Action action) {
        this.names = StringUtils.trimToEmpty(str);
        this.action = action == null ? EphemeralContainerStepRule.Action.ALLOW : action;
    }

    @NonNull
    private Pattern getNamesRegex() {
        if (this.regex == null) {
            this.regex = Pattern.compile(wildcardPatternsToRegex(this.names));
        }
        return this.regex;
    }

    static String wildcardPatternsToRegex(@NonNull String str) {
        String str2 = (String) str.lines().map((v0) -> {
            return v0.trim();
        }).filter(Predicate.not((v0) -> {
            return v0.isEmpty();
        })).filter(str3 -> {
            return !str3.startsWith("#");
        }).map(ContainerImageRule::wildcardToRegex).collect(Collectors.joining("|"));
        return str2.isBlank() ? "" : "^(" + str2 + ")$";
    }

    private static String wildcardToRegex(String str) {
        String[] splitPreserveAllTokens = StringUtils.splitPreserveAllTokens(str, "*");
        for (int i = 0; i < splitPreserveAllTokens.length; i++) {
            if (!StringUtils.equals(splitPreserveAllTokens[i], "")) {
                splitPreserveAllTokens[i] = Pattern.quote(splitPreserveAllTokens[i]);
            }
        }
        return String.join(".*", splitPreserveAllTokens);
    }

    @Override // io.jenkins.plugins.kubernetes.ephemeral.EphemeralContainerStepRule
    @NonNull
    public Optional<EphemeralContainerStepRule.Result> test(@NonNull EphemeralContainerStep ephemeralContainerStep) {
        Optional<ImageReference> parse = ImageReference.parse(ephemeralContainerStep.getImage());
        return parse.isEmpty() ? Optional.of(EphemeralContainerStepRule.Result.reject("Invalid image reference")) : getNamesRegex().asMatchPredicate().test(parse.get().getName()) ? this.action == EphemeralContainerStepRule.Action.REJECT ? Optional.of(EphemeralContainerStepRule.Result.reject("Image '" + ephemeralContainerStep.getImage() + "' has been disallowed by Jenkins administrators.")) : Optional.of(new EphemeralContainerStepRule.Result(this.action)) : this.action == EphemeralContainerStepRule.Action.ALLOW ? Optional.of(EphemeralContainerStepRule.Result.reject("Image '" + ephemeralContainerStep.getImage() + "' not in allow list")) : Optional.empty();
    }

    @NonNull
    public String getNames() {
        return this.names;
    }

    @NonNull
    public EphemeralContainerStepRule.Action getAction() {
        return this.action;
    }

    public String toString() {
        return new ToStringBuilder(this, ToStringStyle.SIMPLE_STYLE).append("action", this.action).append("names", this.names).toString();
    }
}
