package io.jenkins.plugins.oak9;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import com.cloudbees.plugins.credentials.domains.URIRequirementBuilder;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import io.jenkins.plugins.oak9.model.ApiResponse;
import io.jenkins.plugins.oak9.model.DesignGap;
import io.jenkins.plugins.oak9.model.ValidationResult;
import io.jenkins.plugins.oak9.model.Violation;
import io.jenkins.plugins.oak9.utils.ArtifactGenerator;
import io.jenkins.plugins.oak9.utils.DesignGapCounter;
import io.jenkins.plugins.oak9.utils.IacExtensionFilter;
import io.jenkins.plugins.oak9.utils.Oak9ApiClient;
import io.jenkins.plugins.oak9.utils.Severity;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.ServletException;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import okhttp3.OkHttpClient;
import org.apache.commons.lang.WordUtils;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.jetbrains.annotations.NotNull;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

/* loaded from: input_file:io/jenkins/plugins/oak9/Oak9Builder.class */
public class Oak9Builder extends Builder implements SimpleBuildStep {
    private String orgId;
    private String projectId;
    private String credentialsId;
    private int maxSeverity;
    private String baseUrl;
    private int pollingTimeoutSeconds;
    private static final int defaultPollingTimeoutSeconds = 30;

    @Extension
    /* loaded from: input_file:io/jenkins/plugins/oak9/Oak9Builder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public FormValidation doCheckOrgId(@QueryParameter String str) throws IOException, ServletException {
            return str.length() == 0 ? FormValidation.error(Messages.Oak9Builder_DescriptorImpl_errors_missingOrgId()) : FormValidation.ok();
        }

        public FormValidation doCheckBaseUrl(@QueryParameter String str) throws IOException, ServletException {
            return str.length() == 0 ? FormValidation.error(Messages.Oak9Builder_DescriptorImpl_errors_missingBaseUrl()) : FormValidation.ok();
        }

        public FormValidation doCheckProjectId(@QueryParameter String str) throws IOException, ServletException {
            return str.length() == 0 ? FormValidation.error(Messages.Oak9Builder_DescriptorImpl_errors_missingProjectId()) : FormValidation.ok();
        }

        public FormValidation doCheckCredentialsId(@QueryParameter String str) throws IOException, ServletException {
            return str.length() == 0 ? FormValidation.error(Messages.Oak9Builder_DescriptorImpl_errors_missingKey()) : FormValidation.ok();
        }

        @POST
        public ListBoxModel doFillMaxSeverityItems() {
            LinkedList<Map.Entry> linkedList = new LinkedList(Severity.getSeverities().entrySet());
            Collections.sort(linkedList, (entry, entry2) -> {
                return ((Integer) entry2.getValue()).compareTo((Integer) entry.getValue());
            });
            ListBoxModel listBoxModel = new ListBoxModel();
            for (Map.Entry entry3 : linkedList) {
                listBoxModel.add(WordUtils.capitalize((String) entry3.getKey()), ((Integer) entry3.getValue()).toString());
            }
            return listBoxModel;
        }

        @POST
        public ListBoxModel doFillCredentialsIdItems(@QueryParameter String str, @QueryParameter String str2) {
            Jenkins jenkins = Jenkins.get();
            return !jenkins.hasPermission(Jenkins.ADMINISTER) ? new StandardListBoxModel().includeCurrentValue(str2) : new StandardListBoxModel().includeEmptyValue().includeMatchingAs(ACL.SYSTEM, jenkins, StandardCredentials.class, URIRequirementBuilder.fromUri(str).build(), CredentialsMatchers.always());
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        @NotNull
        public String getDisplayName() {
            return Messages.Oak9Builder_DescriptorImpl_DisplayName();
        }

        public String defaultBaseUrl() {
            return "https://api.oak9.io/integrations";
        }
    }

    @DataBoundConstructor
    public Oak9Builder(String str, String str2, String str3, int i, String str4, int i2) {
        this.orgId = str;
        this.projectId = str2;
        this.credentialsId = str3;
        this.maxSeverity = i;
        this.baseUrl = str4;
        this.pollingTimeoutSeconds = i2;
    }

    @DataBoundSetter
    public void setOrgId(String str) {
        this.orgId = str;
    }

    @DataBoundSetter
    public void setProjectId(String str) {
        this.projectId = str;
    }

    @DataBoundSetter
    public void setCredentialsId(String str) {
        this.credentialsId = str;
    }

    @DataBoundSetter
    public void setMaxSeverity(int i) {
        this.maxSeverity = i;
    }

    @DataBoundSetter
    public void setBaseUrl(String str) {
        this.baseUrl = str;
    }

    @DataBoundSetter
    public void setPollingTimeoutSeconds(int i) {
        this.pollingTimeoutSeconds = i;
    }

    public String getBaseUrl() {
        return this.baseUrl == null ? "https://api.oak9.io/integrations" : this.baseUrl;
    }

    public String getOrgId() {
        return this.orgId;
    }

    public String getProjectId() {
        return this.projectId;
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    public int getMaxSeverity() {
        return this.maxSeverity;
    }

    public int getPollingTimeoutSeconds() {
        return this.pollingTimeoutSeconds <= 0 ? defaultPollingTimeoutSeconds : this.pollingTimeoutSeconds;
    }

    public Oak9ApiClient generateHttpClient(Run<?, ?> run, TaskListener taskListener) {
        return new Oak9ApiClient(getBaseUrl(), getCredentials(run, getCredentialsId()).getSecret().getPlainText(), this.orgId, this.projectId, getPollingTimeoutSeconds(), taskListener, new OkHttpClient.Builder().connectTimeout(5L, TimeUnit.SECONDS).readTimeout(30L, TimeUnit.SECONDS).build());
    }

    public void perform(@NonNull Run<?, ?> run, @NonNull FilePath filePath, @NonNull EnvVars envVars, @NonNull Launcher launcher, @NonNull TaskListener taskListener) throws IOException, InterruptedException {
        String str = "oak9-" + (System.currentTimeMillis() / 1000) + ".zip";
        taskListener.getLogger().println("Packaging IaC files for oak9...\n");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        filePath.zip(byteArrayOutputStream, new IacExtensionFilter());
        if (byteArrayOutputStream.size() == 0) {
            taskListener.error("Unable to generate zip file: " + str + ". Aborting.\n");
            run.setResult(Result.FAILURE);
            throw new IOException("Unable to generate zip file: " + str);
        }
        taskListener.getLogger().println("Zip file generated with size: " + byteArrayOutputStream.size() + "\n");
        taskListener.getLogger().print("Sending IaC files to oak9...\n");
        Oak9ApiClient generateHttpClient = generateHttpClient(run, taskListener);
        try {
            ValidationResult postFileValidation = generateHttpClient.postFileValidation(str, byteArrayOutputStream);
            if (!postFileValidation.getStatus().toLowerCase().equals("queued") && !postFileValidation.getStatus().toLowerCase().equals("completed")) {
                String str2 = "Unexpected status: " + postFileValidation.getStatus() + " from oak9 API";
                taskListener.error(str2);
                run.setResult(Result.FAILURE);
                throw new IOException(str2);
            }
            taskListener.getLogger().print("Files in status: " + postFileValidation.getStatus() + " with requestId: " + postFileValidation.getRequestId() + "\n");
            taskListener.getLogger().print("Waiting for oak9 analysis for Request ID " + postFileValidation.getRequestId() + "...\n");
            try {
                ApiResponse pollStatus = generateHttpClient.pollStatus(postFileValidation);
                ValidationResult result = pollStatus.getResult();
                taskListener.getLogger().print("Analyzing oak9 scan results for Request ID " + result.getRequestId() + "...\n");
                if (this.maxSeverity == 0) {
                    taskListener.getLogger().println("Severity set to `" + Severity.getTextForSeverityLevel(this.maxSeverity) + "`, oak9 Runner will always succeed\n");
                } else {
                    taskListener.getLogger().println("Scanning Design Gaps for severity `" + Severity.getTextForSeverityLevel(this.maxSeverity) + "` or higher...\n");
                }
                DesignGapCounter designGapCounter = new DesignGapCounter();
                if (result.getDesignGaps().size() > 0) {
                    Iterator<DesignGap> it = result.getDesignGaps().iterator();
                    while (it.hasNext()) {
                        int i = 0;
                        for (Violation violation : it.next().getViolations()) {
                            try {
                                int integerForSeverityText = Severity.getIntegerForSeverityText(violation.getSeverity().toLowerCase());
                                if (integerForSeverityText > i) {
                                    i = integerForSeverityText;
                                }
                                if (Severity.exceedsSeverity(this.maxSeverity, violation.getSeverity())) {
                                    run.setResult(Result.FAILURE);
                                }
                            } catch (Exception e) {
                                taskListener.error(e.getMessage());
                                throw new IOException("Error getting violation severity for value " + violation.getSeverity(), e);
                            }
                        }
                        if (i > 0) {
                            designGapCounter.trackDesignGapCounts(i);
                        }
                    }
                    taskListener.getLogger().println("Writing Design Gaps to artifacts/design_gaps.xml\n");
                    try {
                        (filePath.isRemote() ? new FilePath(filePath.getChannel(), filePath.getRemote() + "/artifacts/design_gaps.xml") : new FilePath(new File(filePath.getRemote() + "/artifacts/design_gaps.xml"))).write(ArtifactGenerator.generateDesignGapXmlDocument(result.getDesignGaps()), "utf-8");
                    } catch (Exception e2) {
                        taskListener.error(e2.getMessage());
                        throw new IOException("Error generating design gap document", e2);
                    }
                }
                String str3 = "Design Gap(s) found: Critical " + designGapCounter.getCountForSeverity("critical") + "; High " + designGapCounter.getCountForSeverity("high") + "; Moderate " + designGapCounter.getCountForSeverity("moderate") + "; Low " + designGapCounter.getCountForSeverity("low");
                if (run.getResult() == Result.FAILURE) {
                    taskListener.error("Design Gap(s) found at severity `" + Severity.getTextForSeverityLevel(this.maxSeverity) + "` or higher.");
                    taskListener.error(str3);
                    taskListener.getLogger().println("For more details, browse to " + pollStatus.getResultsUrl() + "\n");
                    taskListener.getLogger().println("oak9 Runner Failed. Stopping Build Progress.\n");
                    return;
                }
                run.setResult(Result.SUCCESS);
                if (this.maxSeverity > 0) {
                    taskListener.getLogger().println("No Design Gap(s) found at severity `" + Severity.getTextForSeverityLevel(this.maxSeverity) + "` or higher.");
                }
                taskListener.getLogger().println(str3);
                taskListener.getLogger().println("For more details, browse to " + pollStatus.getResultsUrl() + "\n");
                taskListener.getLogger().println("oak9 Runner Passed\n");
            } catch (Exception e3) {
                taskListener.error(e3.getMessage());
                run.setResult(Result.FAILURE);
                throw new IOException("Error checking analysis status", e3);
            }
        } catch (Exception e4) {
            taskListener.error(e4.getMessage());
            run.setResult(Result.FAILURE);
            throw new IOException("Error sending files for analysis", e4);
        }
    }

    private static StringCredentials getCredentials(Run<?, ?> run, String str) {
        return CredentialsProvider.findCredentialById(str, StringCredentials.class, run, new DomainRequirement[0]);
    }
}
