package io.jenkins.plugins.portshift_vulnerability_scanner;

import hudson.FilePath;
import hudson.Launcher;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.util.ArgumentListBuilder;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.util.Arrays;
import java.util.UUID;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:WEB-INF/lib/portshift-scanner.jar:io/jenkins/plugins/portshift_vulnerability_scanner/PortshiftVulnerabilityScanExecuter.class */
public class PortshiftVulnerabilityScanExecuter {
    public static final String EXEC_FILE_NAME = "securecn_deployment_cli";
    public static final String PRODUCTION_URL = "securecn.cisco.com";
    public static final String PASSWORD_MASK = "********";

    public static int execute(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, Boolean bool) {
        PrintStream logger = taskListener.getLogger();
        Object[] objArr = new Object[9];
        objArr[0] = str;
        objArr[1] = PASSWORD_MASK;
        objArr[2] = str3;
        objArr[3] = str4;
        objArr[4] = str5;
        objArr[5] = str8;
        objArr[6] = str6;
        objArr[7] = StringUtils.isEmpty(str7) ? null : PASSWORD_MASK;
        objArr[8] = bool;
        logger.println(String.format("Hello, parameters for SecureCN scanner:%nsecureCnAccessKey: %s%nsecretKey: %s%nimageName: %s%nurl: %s%nhighestSeverityAllowed: %s%nhighestSeverityAllowedDf: %s%ndockerRegistryUsername: %s%ndockerRegistryPassword: %s%npush local image: %s%n", objArr));
        try {
            int runScan = runScan(launcher, taskListener, str, str2, str3, str4, new ByteArrayOutputStream(), str5, str6, str7, str8, bool);
            if (runScan == 0) {
                taskListener.getLogger().println("Execution succeeded.");
            } else {
                taskListener.getLogger().println("Execution failed.");
            }
            return runScan;
        } catch (Exception e) {
            taskListener.getLogger().println("Execution failed: " + e.getMessage());
            taskListener.getLogger().println("Execution failed: " + Arrays.toString(e.getStackTrace()));
            return 4;
        }
    }

    private static int runScan(Launcher launcher, TaskListener taskListener, String str, String str2, String str3, String str4, ByteArrayOutputStream byteArrayOutputStream, String str5, String str6, String str7, String str8, Boolean bool) throws Exception {
        String downloadCliFile = downloadCliFile(taskListener, str4, launcher);
        try {
            int runPortshiftCli = runPortshiftCli(launcher, taskListener, str, str2, str3, str4, byteArrayOutputStream, str5, str6, str7, str8, bool, downloadCliFile);
            deleteCli(launcher, taskListener, downloadCliFile);
            return runPortshiftCli;
        } catch (Throwable th) {
            deleteCli(launcher, taskListener, downloadCliFile);
            throw th;
        }
    }

    private static int runPortshiftCli(Launcher launcher, TaskListener taskListener, String str, String str2, String str3, String str4, ByteArrayOutputStream byteArrayOutputStream, String str5, String str6, String str7, String str8, Boolean bool, String str9) throws IOException, InterruptedException {
        Launcher.ProcStarter launch = launcher.launch();
        ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
        argumentListBuilder.add(str9).add("run-vulnerability-scan").add("--access-key").add(str).add("--secret-key").add(str2, true).add("--image-name").add(str3);
        if (!StringUtils.isEmpty(str4)) {
            argumentListBuilder.add("--url").add(str4);
        }
        if (!StringUtils.isEmpty(str5)) {
            argumentListBuilder.add("--highest-severity-allowed").add(str5);
        }
        if (!StringUtils.isEmpty(str8)) {
            argumentListBuilder.add("--df-highest-severity-allowed").add(str8);
        }
        if (!StringUtils.isEmpty(str7) && !StringUtils.isEmpty(str6)) {
            argumentListBuilder.add("--username").add(str6).add("--password").add(str7, true);
        }
        if (BooleanUtils.isTrue(bool)) {
            argumentListBuilder.add("--local").add("--push-local");
        }
        launch.cmds(argumentListBuilder);
        launch.stdin((InputStream) null);
        launch.stdout(byteArrayOutputStream);
        launch.stderr(taskListener.getLogger());
        taskListener.getLogger().println("Vulnerability scan in progress...");
        int join = launch.masks(argumentListBuilder.toMaskArray()).join();
        taskListener.getLogger().println(byteArrayOutputStream.toString("UTF-8"));
        return join;
    }

    private static void runBasicCommand(Launcher launcher, TaskListener taskListener, String... strArr) throws Exception {
        Launcher.ProcStarter launch = launcher.launch();
        ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
        for (String str : strArr) {
            argumentListBuilder.add(str);
        }
        launch.cmds(argumentListBuilder);
        launch.stdin((InputStream) null);
        launch.stdout(taskListener.getLogger());
        launch.stderr(taskListener.getLogger());
        launch.cmds(argumentListBuilder);
        if (launch.join() != 0) {
            throw new Exception("error in command execution: " + Arrays.toString(strArr));
        }
    }

    private static void downloadExecutable(Launcher launcher, String str, String str2, TaskListener taskListener) throws Exception {
        runBasicCommand(launcher, taskListener, "wget", "-P", getTmpCliDirectory(str2), str);
    }

    private static void chmodCliExecutable(Launcher launcher, String str, TaskListener taskListener) throws Exception {
        runBasicCommand(launcher, taskListener, "chmod", "+x", str);
    }

    private static void deleteCli(Launcher launcher, TaskListener taskListener, String str) throws Exception {
        runBasicCommand(launcher, taskListener, "rm", "-rf", getTmpCliDirectory(str));
    }

    private static String getTmpCliDirectory(String str) {
        return str.replace(EXEC_FILE_NAME, "");
    }

    private static String downloadCliFile(TaskListener taskListener, String str, Launcher launcher) throws Exception {
        String cliPath = getCliPath(taskListener, launcher);
        try {
            String str2 = "https://" + (StringUtils.isEmpty(str) ? PRODUCTION_URL : str) + "/tools/cli/" + EXEC_FILE_NAME;
            taskListener.getLogger().println("download cli from: " + str2);
            downloadExecutable(launcher, str2, cliPath, taskListener);
            chmodCliExecutable(launcher, cliPath, taskListener);
            return cliPath;
        } catch (Exception e) {
            taskListener.getLogger().println("Exception: " + e.getMessage());
            throw e;
        }
    }

    private static String getCliPath(TaskListener taskListener, Launcher launcher) throws Exception {
        String str = "/tmp/" + UUID.randomUUID().toString() + "/";
        runBasicCommand(launcher, taskListener, "mkdir", str);
        return str + EXEC_FILE_NAME;
    }
}
