package io.jenkins.plugins.actions;

import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Job;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import io.jenkins.plugins.commons.JenkinsUtil;
import io.jenkins.plugins.commons.model.FailedStats;
import io.jenkins.plugins.commons.model.QualysBuildConfiguration;
import io.jenkins.plugins.commons.model.QualysConstants;
import io.jenkins.plugins.commons.model.ScanResult;
import io.jenkins.plugins.commons.model.Util;
import io.jenkins.plugins.commons.service.impl.QualysServiceImpl;
import io.jenkins.plugins.jenkins.dto.QualysApiConfiguration;
import io.jenkins.plugins.validation.UIJenkinsValidation;
import io.jenkins.plugins.validation.UIValidation;
import java.io.File;
import java.io.IOException;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.text.MessageFormat;
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.GlobalConfiguration;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;

@Extension
/* loaded from: input_file:io/jenkins/plugins/actions/TemplateScanBuilder.class */
public class TemplateScanBuilder extends Builder implements SimpleBuildStep {
    private String IaCServiceEndpoint;
    private String scanName;
    private String scanDirectories;

    @DataBoundSetter
    private boolean isFailedResultsOnly;

    @DataBoundSetter
    private boolean buildFailureSettings;
    private String high;
    private String medium;
    private String low;

    @DataBoundSetter
    private boolean timeoutSettings;
    private String scanResultInterval;
    private String totalJobCompletionTime;
    private String jobName;
    private static final String FINAL_STATUS = "FINISHED";
    private static final String ERROR_STATUS = "ERROR";
    private final Util util = Util.getInstance();
    private final UIValidation uIValidation = new UIJenkinsValidation();

    @Extension
    /* loaded from: input_file:io/jenkins/plugins/actions/TemplateScanBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        private final UIValidation uIValidation = new UIJenkinsValidation();

        public String getUUID() {
            return UUID.randomUUID().toString();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return "Qualys IaC Scan";
        }

        public QualysApiConfiguration[] getIaCServiceEndpoints() {
            Config config;
            return (GlobalConfiguration.all() == null || (config = (Config) GlobalConfiguration.all().get(Config.class)) == null) ? new QualysApiConfiguration[1] : config.getQualysApiConfigurations();
        }

        public FormValidation doCheckIaCServiceEndpoint(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateIaCServiceEndpoint(str, "-1"), str2);
        }

        public FormValidation doCheckScanName(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateScanName(str), str2);
        }

        public FormValidation doCheckScanDirectories(@AncestorInPath Job job, @QueryParameter String str, @QueryParameter String str2) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateFolderPaths(str2, Jenkins.get().getRootDir().getPath() + File.separator + "workspace" + File.separator + job.getDisplayName()), str);
        }

        public FormValidation doCheckHigh(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateNumber(str, 0, Integer.MAX_VALUE), str2);
        }

        public FormValidation doCheckMedium(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateNumber(str, 0, Integer.MAX_VALUE), str2);
        }

        public FormValidation doCheckLow(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateNumber(str, 0, Integer.MAX_VALUE), str2);
        }

        public FormValidation doCheckScanResultInterval(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateNumber(str, 10, Integer.MAX_VALUE), str2);
        }

        public FormValidation doCheckTotalJobCompletionTime(@QueryParameter String str, @QueryParameter String str2) {
            return JenkinsUtil.showErrorIfExists(this.uIValidation.validateNumber(str, 10, Integer.MAX_VALUE), str2);
        }
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.NONE;
    }

    @DataBoundConstructor
    public TemplateScanBuilder(String str, String str2, String str3, boolean z, boolean z2, String str4, String str5, String str6, boolean z3, String str7, String str8, String str9) {
        this.IaCServiceEndpoint = str;
        if (this.uIValidation.validateScanName(str2).isValid()) {
            this.scanName = str2;
        } else {
            this.scanName = "";
        }
        if (this.uIValidation.validateFolderPaths(str3, Jenkins.get().getRootDir().getPath() + File.separator + "workspace" + File.separator + str9).isValid()) {
            this.scanDirectories = str3.replaceAll("\\.{2,}", "").replaceAll("[\\/]+", UIValidation.FORWARD_SLASH_CHARACTER).replaceAll("[\\\\]+", "\\\\");
        } else {
            this.scanDirectories = "";
        }
        this.isFailedResultsOnly = z;
        this.buildFailureSettings = z2;
        if (this.uIValidation.validateNumber(str4, 0, Integer.MAX_VALUE).isValid()) {
            this.high = str4;
        } else {
            this.high = "0";
        }
        if (this.uIValidation.validateNumber(str5, 0, Integer.MAX_VALUE).isValid()) {
            this.medium = str5;
        } else {
            this.medium = "0";
        }
        if (this.uIValidation.validateNumber(str6, 0, Integer.MAX_VALUE).isValid()) {
            this.low = str6;
        } else {
            this.low = "0";
        }
        this.timeoutSettings = z3;
        if (this.uIValidation.validateNumber(str7, 10, Integer.MAX_VALUE).isValid()) {
            this.scanResultInterval = str7;
        } else {
            this.scanResultInterval = QualysConstants.DEFAULT_SCAN_RESULTS_INTERVAL;
        }
        if (this.uIValidation.validateNumber(str8, 10, Integer.MAX_VALUE).isValid()) {
            this.totalJobCompletionTime = str8;
        } else {
            this.totalJobCompletionTime = QualysConstants.DEFAULT_JOB_COMPLETION_TIME;
        }
    }

    public TemplateScanBuilder() {
    }

    public boolean getFailedResultsOnly() {
        return this.isFailedResultsOnly;
    }

    public String getFormattedScanName() {
        return StringUtils.isEmpty(this.scanName.trim()) ? "jenkins_" + getSelectedIaCServiceEndpoint().getQualysUserName() + "_" + Instant.now().getEpochSecond() : this.scanName;
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m3getDescriptor() {
        return super.getDescriptor();
    }

    public QualysApiConfiguration getSelectedIaCServiceEndpoint() {
        for (QualysApiConfiguration qualysApiConfiguration : m3getDescriptor().getIaCServiceEndpoints()) {
            if (getIaCServiceEndpoint() != null && getIaCServiceEndpoint().equals(qualysApiConfiguration.getName())) {
                return qualysApiConfiguration;
            }
        }
        if (m3getDescriptor().getIaCServiceEndpoints().length > 0) {
            return m3getDescriptor().getIaCServiceEndpoints()[0];
        }
        return null;
    }

    @SuppressFBWarnings({"DM_EXIT", "NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE", "RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE", "DLS_DEAD_LOCAL_STORE", "DM_STRING_VOID_CTOR"})
    public void perform(@NonNull Run<?, ?> run, @NonNull FilePath filePath, @NonNull EnvVars envVars, @NonNull Launcher launcher, @NonNull TaskListener taskListener) {
        taskListener.getLogger().println("Qualys IaC Scan Started");
        QualysApiConfiguration selectedIaCServiceEndpoint = getSelectedIaCServiceEndpoint();
        taskListener.getLogger().println("Configuration name : " + selectedIaCServiceEndpoint.getName());
        taskListener.getLogger().println("Qualys Platform URL : " + selectedIaCServiceEndpoint.getQualysPlatformURL());
        taskListener.getLogger().println("Qualys Username : " + selectedIaCServiceEndpoint.getQualysUserName());
        taskListener.getLogger().println("Scan Name : " + getFormattedScanName());
        taskListener.getLogger().println("Directory Path : " + getScanDirectories());
        taskListener.getLogger().println("Failed Results only : " + getFailedResultsOnly());
        taskListener.getLogger().println(MessageFormat.format("Build Failure Conditions High={0}, Medium={1}, Low={2}", getHigh(), getMedium(), getLow()));
        taskListener.getLogger().println(MessageFormat.format("Timeout settings scanResultInterval={0}, jobCompletionTotalTime={1}", getScanResultInterval(), getTotalJobCompletionTime()));
        QualysServiceImpl qualysServiceImpl = new QualysServiceImpl();
        QualysBuildConfiguration qualysBuildConfiguration = new QualysBuildConfiguration(selectedIaCServiceEndpoint.getQualysPlatformURL(), selectedIaCServiceEndpoint.getQualysUserName(), selectedIaCServiceEndpoint.getQualysPassword().getPlainText(), getFailedResultsOnly(), StringUtils.isEmpty(getScanName()) ? getFormattedScanName() : getScanName(), getScanDirectories());
        Util util = Util.getInstance();
        String concatPath = util.concatPath(util.concatPath(Jenkins.get().getRootDir().getPath() + File.separator + "workspace", filePath.getName()), "");
        taskListener.getLogger().println(MessageFormat.format("Workspace directory : {0}", concatPath));
        if (qualysBuildConfiguration.isCredentialsBlank()) {
            throw new AbortException("Unable to launch Qualys IaC Scan due to platform  url, username or password is blank.");
        }
        if (!qualysServiceImpl.isUserAuthenticated(qualysBuildConfiguration)) {
            throw new AbortException("Unable to launch Qualys IaC Scan due to invalid platform  url, username or password.");
        }
        if (StringUtils.isBlank(getScanDirectories())) {
            throw new AbortException("Unable to launch Qualys IaC Scan due to scan directories are blank.");
        }
        Map<String, Object> postZip = qualysServiceImpl.postZip(concatPath, qualysBuildConfiguration);
        if (postZip.get(QualysConstants.HTTP_POST_FAILED) == null || Boolean.parseBoolean(postZip.get(QualysConstants.HTTP_POST_FAILED).toString())) {
            taskListener.getLogger().println(postZip.get(QualysConstants.HTTP_POST_FAILED_REASON).toString());
            throw new AbortException("Unable to post files for IaC Scan.");
        }
        String obj = postZip.get(QualysConstants.KEY_SCAN_UUID).toString();
        taskListener.getLogger().println("Qualys IaC Scan ID : " + obj);
        if (!StringUtils.isEmpty(obj)) {
            boolean z = false;
            Instant now = Instant.now();
            do {
                try {
                    String scanStatus = qualysServiceImpl.getScanStatus(obj, qualysBuildConfiguration);
                    if (StringUtils.isNotEmpty(scanStatus)) {
                        taskListener.getLogger().println(MessageFormat.format("Qualys scan status : {0}", scanStatus));
                        if (scanStatus.equalsIgnoreCase(FINAL_STATUS)) {
                            try {
                                FailedStats failedStats = new FailedStats(getHigh(), getMedium(), getLow());
                                String scanResult = qualysServiceImpl.getScanResult(obj, qualysBuildConfiguration);
                                String str = concatPath + ("ScanResult" + File.separator + ((String) envVars.get("BUILD_NUMBER")).toString() + File.separator + "Qualys_IaC_Scan_Reponse_" + ((String) envVars.get("BUILD_NUMBER")).toString() + ".json");
                                FileUtils.writeStringToFile(new File(str), scanResult, Charset.forName("UTF-8"));
                                taskListener.getLogger().println("Qualys IaC Scan Json Response saved  at location : " + str);
                                ScanResult mapScanResult = qualysServiceImpl.mapScanResult(scanResult, failedStats);
                                if (mapScanResult.getSummary() != null) {
                                    mapScanResult.setScanId(obj);
                                    mapScanResult.setScanName(qualysBuildConfiguration.getScanName());
                                    mapScanResult.setFailedResultsOnly(getFailedResultsOnly());
                                    mapScanResult.setAppliedBuildSetting(isBuildFailureSettings());
                                    mapScanResult.setQualysJsonResponse(scanResult);
                                    mapScanResult.setScanStatus(scanStatus);
                                    run.addAction(new ScanResultAction(taskListener, mapScanResult));
                                    if (isBuildFailureSettings()) {
                                        FailedStats failedStats2 = mapScanResult.getSummary().getFailedStats();
                                        z = qualysServiceImpl.checkBuildFailed(failedStats2, failedStats);
                                        taskListener.getLogger().println(MessageFormat.format("Scan result failed stats High={0}, Medium={1}, Low={2}", Integer.valueOf(failedStats2.getHigh()), Integer.valueOf(failedStats2.getMedium()), Integer.valueOf(failedStats2.getLow())));
                                    }
                                    taskListener.getLogger().println("Qualys IaC scan result mapping ended and IaC scan report generated.");
                                } else {
                                    taskListener.getLogger().println("The scan is FINISHED, but the scan result is empty. Check the scan configuration files.");
                                }
                            } catch (IOException | URISyntaxException e) {
                                Logger.getLogger(TemplateScanBuilder.class.getName()).log(Level.SEVERE, (String) null, e);
                            }
                            if (z) {
                                throw new AbortException("After comparing build failure settings IaC scan result causing build failure.");
                            }
                        } else if (scanStatus.equalsIgnoreCase(ERROR_STATUS)) {
                            throw new AbortException("Getting error after IaC scan");
                        }
                    }
                    Thread.sleep(1000 * Integer.parseInt(getScanResultInterval()));
                } catch (InterruptedException e2) {
                    Logger.getLogger(TemplateScanBuilder.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e2);
                }
            } while (Duration.between(now, Instant.now()).toMinutes() <= Integer.parseInt(getTotalJobCompletionTime()));
            throw new AbortException("Qualys IaC scan taking more than " + getTotalJobCompletionTime() + " minutes, so ignoring IaC Scan report.");
        }
    }

    public void setIaCServiceEndpoint(String str) {
        this.IaCServiceEndpoint = str;
    }

    public String getIaCServiceEndpoint() {
        return this.IaCServiceEndpoint;
    }

    public void setScanName(String str) {
        this.scanName = str;
    }

    public String getScanName() {
        return this.scanName;
    }

    public void setScanDirectories(String str) {
        this.scanDirectories = str;
    }

    public String getScanDirectories() {
        return this.scanDirectories;
    }

    public void setFailedResultsOnly(boolean z) {
        this.isFailedResultsOnly = z;
    }

    public void setBuildFailureSettings(boolean z) {
        this.buildFailureSettings = z;
    }

    public boolean isBuildFailureSettings() {
        return this.buildFailureSettings;
    }

    public void setHigh(String str) {
        this.high = str;
    }

    public String getHigh() {
        return this.high;
    }

    public void setMedium(String str) {
        this.medium = str;
    }

    public String getMedium() {
        return this.medium;
    }

    public void setLow(String str) {
        this.low = str;
    }

    public String getLow() {
        return this.low;
    }

    public void setTimeoutSettings(boolean z) {
        this.timeoutSettings = z;
    }

    public boolean isTimeoutSettings() {
        return this.timeoutSettings;
    }

    public void setScanResultInterval(String str) {
        this.scanResultInterval = str;
    }

    public String getScanResultInterval() {
        return this.scanResultInterval;
    }

    public void setTotalJobCompletionTime(String str) {
        this.totalJobCompletionTime = str;
    }

    public String getTotalJobCompletionTime() {
        return this.totalJobCompletionTime;
    }

    public void setJobName(String str) {
        this.jobName = str;
    }

    public String getJobName() {
        return this.jobName;
    }
}
