package com.qualys.plugins.containerSecurity;

import com.qualys.plugins.common.QualysAuth.QualysAuth;
import com.qualys.plugins.common.QualysClient.QualysCSClient;
import com.qualys.plugins.common.QualysCriteria.QualysCriteria;
import com.qualys.plugins.containerSecurity.model.ProxyConfiguration;
import com.qualys.plugins.containerSecurity.report.ReportAction;
import com.qualys.plugins.containerSecurity.util.Helper;
import com.qualys.plugins.containerSecurity.webhook.Webhook;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.model.Run;
import hudson.model.TaskListener;
import java.io.PrintStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Future;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import qshaded.com.google.gson.Gson;
import qshaded.com.google.gson.JsonArray;
import qshaded.com.google.gson.JsonElement;
import qshaded.com.google.gson.JsonObject;

/* loaded from: input_file:com/qualys/plugins/containerSecurity/GetImageVulns.class */
public class GetImageVulns {
    private Run<?, ?> run;
    private TaskListener listener;
    private PrintStream buildLogger;
    private QualysCSClient qualysClient;
    private int pollingIntervalForVulns;
    private int vulnsTimeout;
    private boolean isFailConditionsConfigured;
    private String webhookUrl;
    private ProxyConfiguration proxyConfiguration;
    private JsonObject criteria;
    private QualysAuth auth;
    private boolean buildSuccess = true;
    private static final Logger logger = Logger.getLogger(GetImageVulns.class.getName());

    public GetImageVulns(QualysCSClient qualysCSClient, QualysAuth qualysAuth, Run<?, ?> run, TaskListener taskListener, int i, int i2, String str, JsonObject jsonObject, boolean z, ProxyConfiguration proxyConfiguration) {
        this.run = run;
        this.listener = taskListener;
        this.buildLogger = taskListener.getLogger();
        this.pollingIntervalForVulns = i;
        this.vulnsTimeout = i2;
        this.qualysClient = qualysCSClient;
        this.auth = qualysAuth;
        this.criteria = jsonObject;
        this.isFailConditionsConfigured = z;
        this.webhookUrl = str;
        this.proxyConfiguration = proxyConfiguration;
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x016c, code lost:
    
        r0 = (java.util.concurrent.ThreadPoolExecutor) java.util.concurrent.Executors.newFixedThreadPool(r15.size());
        r0 = new java.util.HashMap();
        r0 = r15.keySet().iterator();
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x0193, code lost:
    
        if (r0.hasNext() == false) goto L51;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x0196, code lost:
    
        r0 = r0.next();
        r0.put(r0, r0.submit(new com.qualys.plugins.containerSecurity.GetImageVulnsCallable(r16, r0, r14.qualysClient, r14.listener, r14.pollingIntervalForVulns, r14.vulnsTimeout, r14.run.getArtifactsDir().getAbsolutePath(), r14.isFailConditionsConfigured, r14.auth)));
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x01e4, code lost:
    
        r0.shutdown();
        processResult(r15, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x01f0, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void getAndProcessDockerImagesScanResult(java.util.HashMap<java.lang.String, java.lang.String> r15, long r16) throws hudson.AbortException, com.qualys.plugins.containerSecurity.QualysEvaluationException {
        /*
            Method dump skipped, instructions count: 497
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qualys.plugins.containerSecurity.GetImageVulns.getAndProcessDockerImagesScanResult(java.util.HashMap, long):void");
    }

    public void processResult(HashMap<String, String> hashMap, Map<String, Future<String>> map) throws AbortException, QualysEvaluationException {
        ArrayList arrayList = new ArrayList();
        JsonArray jsonArray = new JsonArray();
        JsonObject jsonObject = new JsonObject();
        JsonObject jsonObject2 = new JsonObject();
        boolean z = false;
        ArrayList arrayList2 = new ArrayList();
        Iterator<Map.Entry<String, String>> it = hashMap.entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            String str = null;
            try {
                str = map.get(key).get();
            } catch (Exception e) {
                if (this.isFailConditionsConfigured) {
                    arrayList2.add(e.getMessage());
                }
            }
            if (str != null && !str.isEmpty()) {
                try {
                    Gson gson = new Gson();
                    String json = gson.toJson(this.criteria);
                    this.buildLogger.println("Criteria object: " + json);
                    String str2 = str;
                    if (!str2.isEmpty()) {
                        z = true;
                        JsonObject jsonObject3 = (JsonObject) gson.fromJson(str2, JsonObject.class);
                        if (jsonObject3.has("sha")) {
                            jsonObject2.addProperty(key, jsonObject3.get("sha").getAsString());
                        }
                        QualysCriteria qualysCriteria = new QualysCriteria(json);
                        this.buildSuccess = qualysCriteria.evaluate((JsonObject) gson.fromJson(str, JsonObject.class)).booleanValue();
                        JsonObject result = qualysCriteria.getResult();
                        jsonObject.add(key, result);
                        jsonArray.add(getTrendingForImage(key, result));
                        if (!this.buildSuccess) {
                            arrayList.add(getBuildFailureMessages(key, result));
                        }
                        if (result.getAsJsonObject("qids") != null || result.getAsJsonObject("cveIds") != null) {
                            JsonObject asJsonObject = result.getAsJsonObject("qids");
                            if (asJsonObject.get("excluded") != null && !asJsonObject.get("excluded").isJsonNull() && !StringUtils.isEmpty(asJsonObject.get("excluded").getAsString())) {
                                this.buildLogger.println("Excluded QIDs while evaluating image <" + key + "> : " + asJsonObject.get("excluded").getAsString());
                            }
                            JsonObject asJsonObject2 = result.getAsJsonObject("cveIds");
                            if (asJsonObject2.get("excluded") != null && !asJsonObject2.get("excluded").isJsonNull() && !StringUtils.isEmpty(asJsonObject2.get("excluded").getAsString())) {
                                this.buildLogger.println("Excluded CVE IDs while evaluating image <" + key + "> : " + asJsonObject2.get("excluded").getAsString());
                            }
                        }
                    }
                } catch (Exception e2) {
                    e2.printStackTrace();
                    this.buildLogger.println("Error while processing/evaluating scan result. Error: " + e2.getMessage());
                }
            }
        }
        if (!z && !arrayList2.isEmpty()) {
            throw new AbortException((String) arrayList2.stream().collect(Collectors.joining("\n")));
        }
        JsonObject jsonObject4 = new JsonObject();
        jsonObject4.add("scanResult", jsonObject);
        jsonObject4.add("trendingData", jsonArray);
        Helper.createNewFile(this.run.getArtifactsDir().getAbsolutePath(), "qualys_images_summary", jsonObject4.toString(), this.buildLogger);
        try {
            Helper.createZip(this.run.getArtifactsDir().getAbsolutePath() + "/qualys_plugin_scanResult-" + ((String) this.run.getEnvironment(this.listener).get("BUILD_NUMBER")) + ".zip", this.run.getArtifactsDir().getAbsolutePath(), this.buildLogger);
        } catch (RuntimeException e3) {
            e3.printStackTrace();
            this.buildLogger.println("Failed to create zip file. Exception: " + e3.getMessage());
        } catch (Exception e4) {
            e4.printStackTrace();
            this.buildLogger.println("Failed to create zip file. Exception: " + e4.getMessage());
        }
        try {
            for (Map.Entry<String, String> entry : hashMap.entrySet()) {
                String key2 = entry.getKey();
                String value = entry.getValue();
                String asString = jsonObject2.has(key2) ? jsonObject2.get(key2).getAsString() : key2;
                if (jsonObject.has(key2)) {
                    this.run.addAction(new ReportAction(key2, this.run, this.buildLogger, value, this.auth.getPortalURL(), asString));
                }
            }
        } catch (Exception e5) {
            e5.printStackTrace();
            this.buildLogger.println("Failed to create Qualys Report links. Exception: " + e5.getMessage());
        }
        try {
            if (this.webhookUrl != null && !StringUtils.isEmpty(this.webhookUrl)) {
                postWebhookData(hashMap.keySet(), jsonObject);
            }
        } catch (Exception e6) {
            e6.printStackTrace();
            this.buildLogger.println("Failed to post data to webhook. Exception: " + e6.getMessage());
        }
        this.buildLogger.println("Qualys Container Scanning Connector - finished.");
        if (!arrayList2.isEmpty()) {
            arrayList.addAll(arrayList2);
        }
        if (!arrayList.isEmpty()) {
            throw new QualysEvaluationException((String) arrayList.stream().collect(Collectors.joining("\n")));
        }
    }

    public JsonObject getTrendingForImage(String str, JsonObject jsonObject) {
        JsonObject jsonObject2 = new JsonObject();
        jsonObject2.addProperty("imageId", str);
        JsonArray jsonArray = new JsonArray();
        JsonObject asJsonObject = jsonObject.get("confirmedVulnsBySev").getAsJsonObject();
        for (int i = 1; i <= 5; i++) {
            jsonArray.add(asJsonObject.get(String.valueOf(i)));
        }
        jsonObject2.add("confirmedVulns", jsonArray);
        JsonArray jsonArray2 = new JsonArray();
        JsonElement jsonElement = jsonObject.getAsJsonObject("imageSummary").get("repo");
        if (jsonElement != null && !jsonElement.isJsonNull()) {
            JsonArray asJsonArray = jsonElement.getAsJsonArray();
            for (int i2 = 0; i2 < asJsonArray.size(); i2++) {
                JsonElement jsonElement2 = asJsonArray.get(i2).getAsJsonObject().get("repository");
                if (jsonElement2 != null && !jsonElement2.isJsonNull()) {
                    jsonArray2.add(jsonElement2.getAsString());
                }
            }
        }
        jsonObject2.add("repos", jsonArray2);
        return jsonObject2;
    }

    public void postWebhookData(Set<String> set, JsonObject jsonObject) {
        String str = "";
        String str2 = "";
        String str3 = "";
        try {
            EnvVars environment = this.run.getEnvironment(this.listener);
            str = (String) environment.get("BUILD_NUMBER");
            str2 = (String) environment.get("JOB_NAME");
            str3 = (String) environment.get("JOB_URL");
        } catch (RuntimeException e) {
            this.buildLogger.println("Failed to fetch build number from environment variables");
        } catch (Exception e2) {
            this.buildLogger.println("Failed to fetch build number from environment variables");
        }
        JsonObject jsonObject2 = new JsonObject();
        jsonObject2.addProperty("buildNumber", str);
        jsonObject2.addProperty("jobName", str2);
        jsonObject2.addProperty("jobUrl", str3);
        jsonObject2.addProperty("buildStatus", this.buildSuccess ? "Success" : "Failed");
        Gson gson = new Gson();
        JsonArray jsonArray = new JsonArray();
        JsonArray jsonArray2 = new JsonArray();
        for (String str4 : set) {
            jsonArray2.add(makeFailReasonObject(str4, jsonObject));
            jsonArray.add(makeWebhookDataObject(str4, jsonObject));
        }
        if (!this.buildSuccess) {
            jsonObject2.add("failReason", gson.toJsonTree(jsonArray2));
        }
        jsonObject2.add("images", jsonArray);
        if (jsonObject2.isJsonNull() || this.webhookUrl == null || StringUtils.isEmpty(this.webhookUrl)) {
            return;
        }
        new Webhook(this.webhookUrl, gson.toJson(jsonObject2), this.buildLogger, this.proxyConfiguration).post();
    }

    public JsonObject makeFailReasonObject(String str, JsonObject jsonObject) {
        JsonObject jsonObject2 = new JsonObject();
        jsonObject2.addProperty("imageId", str);
        try {
            JsonObject asJsonObject = jsonObject.getAsJsonObject(str);
            JsonObject jsonObject3 = null;
            for (Map.Entry entry : asJsonObject.get("severities").getAsJsonObject().entrySet()) {
                JsonObject asJsonObject2 = ((JsonElement) entry.getValue()).getAsJsonObject();
                if (!asJsonObject2.get("result").getAsBoolean()) {
                    if (jsonObject3 == null) {
                        jsonObject3 = new JsonObject();
                    }
                    JsonObject jsonObject4 = new JsonObject();
                    jsonObject4.add("configured", asJsonObject2.get("configured"));
                    jsonObject4.add("found", asJsonObject2.get("found"));
                    jsonObject3.add((String) entry.getKey(), jsonObject4);
                }
            }
            if (jsonObject3 != null) {
                jsonObject2.add("severity", jsonObject3);
            }
            JsonObject asJsonObject3 = asJsonObject.get("qids").getAsJsonObject();
            JsonObject jsonObject5 = null;
            if (!asJsonObject3.get("result").getAsBoolean()) {
                jsonObject5 = new JsonObject();
                jsonObject5.add("configured", asJsonObject3.get("configured"));
                jsonObject5.add("found", asJsonObject3.get("found"));
            }
            if (jsonObject5 != null) {
                jsonObject2.add("qid", jsonObject5);
            }
            JsonObject asJsonObject4 = asJsonObject.get("cveIds").getAsJsonObject();
            JsonObject jsonObject6 = null;
            if (!asJsonObject4.get("result").getAsBoolean()) {
                jsonObject6 = new JsonObject();
                jsonObject6.add("configured", asJsonObject4.get("configured"));
                jsonObject6.add("found", asJsonObject4.get("found"));
            }
            if (jsonObject6 != null) {
                jsonObject2.add("cve", jsonObject6);
            }
            JsonObject asJsonObject5 = asJsonObject.get("cvss").getAsJsonObject();
            JsonObject jsonObject7 = null;
            if (!asJsonObject5.get("result").getAsBoolean()) {
                jsonObject7 = new JsonObject();
                jsonObject7.add("configured", asJsonObject5.get("configured"));
                jsonObject7.add("found", asJsonObject5.get("found"));
                if (asJsonObject5.has("version") && asJsonObject5.get("version").getAsString().equalsIgnoreCase("3")) {
                    jsonObject7.addProperty("version", 3);
                } else {
                    jsonObject7.addProperty("version", 2);
                }
            }
            if (jsonObject7 != null) {
                jsonObject2.add("cvss", jsonObject7);
            }
            JsonObject asJsonObject6 = asJsonObject.get("software").getAsJsonObject();
            JsonObject jsonObject8 = null;
            if (!asJsonObject6.get("result").getAsBoolean()) {
                jsonObject8 = new JsonObject();
                jsonObject8.add("configured", asJsonObject6.get("configured"));
                jsonObject8.add("found", asJsonObject6.get("found"));
            }
            if (jsonObject8 != null) {
                jsonObject2.add("software", jsonObject8);
            }
        } catch (RuntimeException e) {
            logger.info("Error while making webhook data : " + e.getMessage());
            e.printStackTrace();
        } catch (Exception e2) {
            logger.info("Error while making webhook data : " + e2.getMessage());
            e2.printStackTrace();
        }
        return jsonObject2;
    }

    public JsonObject makeWebhookDataObject(String str, JsonObject jsonObject) {
        JsonObject jsonObject2 = new JsonObject();
        try {
            JsonObject asJsonObject = jsonObject.getAsJsonObject(str);
            JsonObject asJsonObject2 = asJsonObject.getAsJsonObject("imageSummary");
            jsonObject2.addProperty("imageId", str);
            jsonObject2.add("uuid", asJsonObject2.get("uuid"));
            jsonObject2.add("sha", asJsonObject2.get("sha"));
            jsonObject2.add("size", asJsonObject2.get("size"));
            jsonObject2.add("repo", asJsonObject2.get("repo"));
            jsonObject2.add("operatingSystem", asJsonObject2.get("operatingSystem"));
            jsonObject2.add("layersCount", asJsonObject2.get("layersCount"));
            jsonObject2.add("dockerVersion", asJsonObject2.get("dockerVersion"));
            jsonObject2.add("architecture", asJsonObject2.get("architecture"));
            JsonObject jsonObject3 = new JsonObject();
            jsonObject3.add("totalVulnerabilities", asJsonObject.get("totalVulnerabilities"));
            jsonObject3.add("typeDetected", asJsonObject.get("typeDetected"));
            JsonObject jsonObject4 = new JsonObject();
            jsonObject4.add("Potential", asJsonObject.get("potentialVulnsBySev"));
            jsonObject4.add("Confirmed", asJsonObject.get("confirmedVulnsBySev"));
            jsonObject3.add("severity", jsonObject4);
            jsonObject3.add("patchable", asJsonObject.get("patchability"));
            jsonObject2.add("vulnerabilities", jsonObject3);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return jsonObject2;
    }

    private String getBuildFailureMessages(String str, JsonObject jsonObject) throws Exception {
        ArrayList arrayList = new ArrayList();
        if (jsonObject.has("qids") && jsonObject.get("qids") != null && !jsonObject.get("qids").isJsonNull()) {
            JsonObject asJsonObject = jsonObject.get("qids").getAsJsonObject();
            if (!asJsonObject.get("result").getAsBoolean()) {
                arrayList.add("QIDs configured in Failure Conditions were found in the scan result of image " + str + " : " + asJsonObject.get("found").getAsString());
            }
        }
        if (jsonObject.has("cveIds") && jsonObject.get("cveIds") != null && !jsonObject.get("cveIds").isJsonNull()) {
            JsonObject asJsonObject2 = jsonObject.get("cveIds").getAsJsonObject();
            if (!asJsonObject2.get("result").getAsBoolean()) {
                arrayList.add("CVE IDs configured in Failure Conditions were found in the scan result of image " + str + " : " + asJsonObject2.get("found").getAsString());
            }
        }
        if (jsonObject.has("software") && jsonObject.get("software") != null && !jsonObject.get("software").isJsonNull()) {
            JsonObject asJsonObject3 = jsonObject.get("software").getAsJsonObject();
            if (!asJsonObject3.get("result").getAsBoolean()) {
                arrayList.add("Softwares configured in Failure Conditions were found in the scan result of image " + str + " : " + asJsonObject3.get("found").getAsString());
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("\nConfigured : ");
        String str2 = "\nFound : ";
        boolean z = false;
        for (int i = 1; i <= 5; i++) {
            if (jsonObject.has("severities") && jsonObject.get("severities") != null && !jsonObject.get("severities").isJsonNull()) {
                JsonObject asJsonObject4 = jsonObject.get("severities").getAsJsonObject().get("" + i).getAsJsonObject();
                if (asJsonObject4.has("configured") && !asJsonObject4.get("configured").isJsonNull() && asJsonObject4.get("configured").getAsInt() != -1) {
                    str2 = str2 + "Severity " + i + ": " + (asJsonObject4.get("found").isJsonNull() ? 0 : asJsonObject4.get("found").getAsString()) + ";";
                    stringBuffer.append("Severity " + i + ">" + asJsonObject4.get("configured").getAsString() + ";");
                    if (!asJsonObject4.get("result").getAsBoolean()) {
                        z = true;
                    }
                }
            }
        }
        if (jsonObject.has("cvss") && jsonObject.get("cvss") != null && !jsonObject.get("cvss").isJsonNull()) {
            JsonObject asJsonObject5 = jsonObject.get("cvss").getAsJsonObject();
            if (!asJsonObject5.get("result").getAsBoolean()) {
                arrayList.add("CVSS Score configured in Failure Conditions were found in the scan result of image " + str + " : " + asJsonObject5.get("foundMap").getAsJsonObject().toString().replaceAll("[{}]", ""));
            }
        }
        if (z) {
            arrayList.add("The vulnerabilities count by severity for image id " + str + " exceeded one of the configured threshold value :" + stringBuffer.toString() + str2);
        }
        return StringUtils.join(arrayList, "\n");
    }
}
