package com.anchore.jenkins.plugins.anchore;

import com.anchore.jenkins.plugins.anchore.Util;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.google.common.base.Strings;
import hudson.AbortException;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import hudson.util.Secret;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import net.sf.json.JSONObject;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:com/anchore/jenkins/plugins/anchore/AnchoreBuilder.class */
public class AnchoreBuilder extends Builder implements SimpleBuildStep {
    private static final Logger LOG = Logger.getLogger(AnchoreBuilder.class.getName());
    private String name;
    private List<Annotation> annotations;
    private String engineRetries = DescriptorImpl.DEFAULT_ENGINE_RETRIES;
    private String engineRetryInterval = DescriptorImpl.DEFAULT_ENGINE_RETRY_INTERVAL;
    private boolean bailOnFail = true;
    private boolean bailOnPluginFail = true;
    private String policyBundleId = "";
    private boolean autoSubscribeTagUpdates = true;
    private boolean forceAnalyze = false;
    private boolean excludeFromBaseImage = false;
    private String anchoreui = "";
    private String engineurl = "";
    private String engineCredentialsId = "";
    private String engineaccount = "";
    private boolean engineverify = false;
    private boolean isEngineverifyOverrride = false;

    @Extension
    @Symbol({"anchore"})
    /* loaded from: input_file:com/anchore/jenkins/plugins/anchore/AnchoreBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public static final String DEFAULT_NAME = "anchore_images";
        public static final String DEFAULT_ENGINE_RETRIES = "300";
        public static final String DEFAULT_ENGINE_RETRY_INTERVAL = "5";
        public static final boolean DEFAULT_BAIL_ON_FAIL = true;
        public static final boolean DEFAULT_BAIL_ON_PLUGIN_FAIL = true;
        public static final String DEFAULT_PLUGIN_MODE = "anchoreengine";
        public static final String DEFAULT_POLICY_BUNDLE_ID = "";
        public static final String EMPTY_STRING = "";
        public static final boolean DEFAULT_AUTOSUBSCRIBE_TAG_UPDATES = true;
        public static final boolean DEFAULT_FORCE_ANALYZE = false;
        public static final boolean DEFAULT_EXCLUDE_FROM_BASE_IMAGE = false;
        private boolean debug;
        private String anchoreui;
        private String engineurl;
        private String engineuser;
        private Secret enginepass;
        private String engineaccount;
        private boolean engineverify;

        @Deprecated
        private boolean enabled;

        public void setDebug(boolean z) {
            this.debug = z;
        }

        @Deprecated
        public void setEnabled(boolean z) {
            this.enabled = z;
        }

        public void setAnchoreui(String str) {
            this.anchoreui = str;
        }

        public void setEngineurl(String str) {
            this.engineurl = str;
        }

        public void setEngineuser(String str) {
            this.engineuser = str;
        }

        public void setEnginepass(Secret secret) {
            this.enginepass = secret;
        }

        public void setEngineaccount(String str) {
            this.engineaccount = str;
        }

        public void setEngineverify(boolean z) {
            this.engineverify = z;
        }

        public boolean getDebug() {
            return this.debug;
        }

        @Deprecated
        public boolean getEnabled() {
            return this.enabled;
        }

        public String getAnchoreui() {
            return this.anchoreui;
        }

        public String getEngineurl() {
            return this.engineurl;
        }

        public String getEngineuser() {
            return this.engineuser;
        }

        public Secret getEnginepass() {
            return this.enginepass;
        }

        public String getEngineaccount() {
            return this.engineaccount;
        }

        public boolean getEngineverify() {
            return this.engineverify;
        }

        public DescriptorImpl() {
            load();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return "Anchore Container Image Scanner";
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            staplerRequest.bindJSON(this, jSONObject);
            save();
            return true;
        }

        public FormValidation doCheckName(@QueryParameter String str) {
            return !Strings.isNullOrEmpty(str) ? FormValidation.ok() : FormValidation.error("Please enter a valid file name");
        }

        public ListBoxModel doFillEngineCredentialsIdItems(@QueryParameter String str) {
            StandardListBoxModel standardListBoxModel = new StandardListBoxModel();
            return !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ? standardListBoxModel.includeCurrentValue(str) : standardListBoxModel.includeEmptyValue().includeMatchingAs(ACL.SYSTEM, Jenkins.getActiveInstance(), StandardUsernamePasswordCredentials.class, Collections.emptyList(), CredentialsMatchers.always());
        }
    }

    public String getName() {
        return this.name;
    }

    public String getEngineRetries() {
        return this.engineRetries;
    }

    public String getEngineRetryInterval() {
        return this.engineRetryInterval;
    }

    public boolean getBailOnFail() {
        return this.bailOnFail;
    }

    public boolean getBailOnPluginFail() {
        return this.bailOnPluginFail;
    }

    public String getPolicyBundleId() {
        return this.policyBundleId;
    }

    public List<Annotation> getAnnotations() {
        return this.annotations;
    }

    public boolean getAutoSubscribeTagUpdates() {
        return this.autoSubscribeTagUpdates;
    }

    public boolean getForceAnalyze() {
        return this.forceAnalyze;
    }

    public boolean getExcludeFromBaseImage() {
        return this.excludeFromBaseImage;
    }

    public String getAnchoreui() {
        return this.anchoreui;
    }

    public String getEngineurl() {
        return this.engineurl;
    }

    public String getEngineCredentialsId() {
        return this.engineCredentialsId;
    }

    public String getEngineaccount() {
        return this.engineaccount;
    }

    public boolean getEngineverify() {
        return this.engineverify;
    }

    @DataBoundSetter
    public void setEngineRetries(String str) {
        this.engineRetries = str;
    }

    @DataBoundSetter
    public void setEngineRetryInterval(String str) {
        this.engineRetryInterval = str;
    }

    @DataBoundSetter
    public void setBailOnFail(boolean z) {
        this.bailOnFail = z;
    }

    @DataBoundSetter
    public void setBailOnPluginFail(boolean z) {
        this.bailOnPluginFail = z;
    }

    @DataBoundSetter
    public void setPolicyBundleId(String str) {
        this.policyBundleId = str;
    }

    @DataBoundSetter
    public void setAnnotations(List<Annotation> list) {
        this.annotations = list;
    }

    @DataBoundSetter
    public void setAutoSubscribeTagUpdates(boolean z) {
        this.autoSubscribeTagUpdates = z;
    }

    @DataBoundSetter
    public void setForceAnalyze(boolean z) {
        this.forceAnalyze = z;
    }

    @DataBoundSetter
    public void setExcludeFromBaseImage(boolean z) {
        this.excludeFromBaseImage = z;
    }

    @DataBoundSetter
    public void setAnchoreui(String str) {
        this.anchoreui = str;
    }

    @DataBoundSetter
    public void setEngineurl(String str) {
        this.engineurl = str;
    }

    @DataBoundSetter
    public void setEngineCredentialsId(String str) {
        this.engineCredentialsId = str;
    }

    @DataBoundSetter
    public void setEngineaccount(String str) {
        this.engineaccount = str;
    }

    @DataBoundSetter
    public void setEngineverify(boolean z) {
        this.engineverify = z;
        this.isEngineverifyOverrride = true;
    }

    @DataBoundConstructor
    public AnchoreBuilder(String str) {
        this.name = str;
    }

    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) throws InterruptedException, IOException {
        LOG.warning("Starting Anchore Container Image Scanner step, project: " + run.getParent().getDisplayName() + ", job: " + run.getNumber());
        BuildConfig buildConfig = null;
        BuildWorker buildWorker = null;
        DescriptorImpl m1getDescriptor = m1getDescriptor();
        ConsoleLog consoleLog = new ConsoleLog("AnchorePlugin", taskListener.getLogger(), m1getDescriptor.getDebug());
        try {
            try {
                String str = null;
                String str2 = null;
                if (!Strings.isNullOrEmpty(this.engineCredentialsId)) {
                    consoleLog.logDebug("Found build override for anchore-enterprise credentials. Processing Jenkins credential ID ");
                    try {
                        StandardUsernamePasswordCredentials findCredentialById = CredentialsProvider.findCredentialById(this.engineCredentialsId, StandardUsernamePasswordCredentials.class, run, Collections.emptyList());
                        if (null == findCredentialById) {
                            throw new AbortException("Cannot find Jenkins credentials by ID: '" + this.engineCredentialsId + "'. Ensure credentials are defined in Jenkins before using them");
                        }
                        str = findCredentialById.getUsername();
                        str2 = findCredentialById.getPassword().getPlainText();
                    } catch (AbortException e) {
                        throw e;
                    } catch (Exception e2) {
                        consoleLog.logError("Error looking up Jenkins credentials by ID: '" + this.engineCredentialsId + "'", e2);
                        throw new AbortException("Error looking up Jenkins credentials by ID: '" + this.engineCredentialsId);
                    }
                }
                String anchoreui = m1getDescriptor.getAnchoreui();
                BuildConfig buildConfig2 = new BuildConfig(this.name, this.engineRetries, this.engineRetryInterval, this.bailOnFail, this.bailOnPluginFail, this.policyBundleId, this.annotations, this.autoSubscribeTagUpdates, this.forceAnalyze, this.excludeFromBaseImage, m1getDescriptor.getDebug(), anchoreui, !Strings.isNullOrEmpty(this.engineurl) ? this.engineurl : m1getDescriptor.getEngineurl(), !Strings.isNullOrEmpty(str) ? str : m1getDescriptor.getEngineuser(), !Strings.isNullOrEmpty(str2) ? str2 : m1getDescriptor.getEnginepass().getPlainText(), !Strings.isNullOrEmpty(this.engineaccount) ? this.engineaccount : m1getDescriptor.getEngineaccount(), this.isEngineverifyOverrride ? this.engineverify : m1getDescriptor.getEngineverify());
                BuildWorker buildWorker2 = new BuildWorker(run, filePath, launcher, taskListener, buildConfig2);
                if (Strings.isNullOrEmpty(anchoreui)) {
                    consoleLog.logInfo("Anchore UI URL is not set. Links to Anchore UI will not be available");
                }
                if (!Strings.isNullOrEmpty(this.engineurl)) {
                    consoleLog.logInfo("Build override set for Anchore Engine URL");
                }
                if (!Strings.isNullOrEmpty(str) && !Strings.isNullOrEmpty(str2)) {
                    consoleLog.logInfo("Build override set for Anchore Engine credentials");
                }
                if (!Strings.isNullOrEmpty(this.engineaccount)) {
                    consoleLog.logInfo("Build override set for Anchore Engine account");
                }
                if (this.isEngineverifyOverrride) {
                    consoleLog.logInfo("Build override set for Anchore Engine verify SSL");
                }
                buildWorker2.runAnalyzer();
                Util.GATE_ACTION runGates = buildWorker2.runGates();
                try {
                    buildWorker2.runQueries();
                } catch (Exception e3) {
                    consoleLog.logWarn("Recording failure to execute Anchore queries and moving on with plugin operation", e3);
                }
                buildWorker2.setupBuildReports();
                if (null == runGates) {
                    consoleLog.logInfo("Marking Anchore Container Image Scanner step as successful, no final result");
                } else {
                    if (buildConfig2.getBailOnFail() && (Util.GATE_ACTION.STOP.equals(runGates) || Util.GATE_ACTION.FAIL.equals(runGates))) {
                        consoleLog.logWarn("Failing Anchore Container Image Scanner Plugin step due to final result " + runGates);
                        throw new AbortException("Failing Anchore Container Image Scanner Plugin step due to final result " + runGates);
                    }
                    consoleLog.logInfo("Marking Anchore Container Image Scanner step as successful, final result " + runGates);
                }
                if (null != buildWorker2) {
                    try {
                        buildWorker2.cleanup();
                    } catch (Exception e4) {
                        consoleLog.logDebug("Failed to cleanup after the plugin, ignoring the errors", e4);
                    }
                }
                consoleLog.logInfo("Completed Anchore Container Image Scanner step");
                LOG.warning("Completed Anchore Container Image Scanner step, project: " + run.getParent().getDisplayName() + ", job: " + run.getNumber());
            } catch (Exception e5) {
                if (0 != 0) {
                    throw e5;
                }
                if ((0 != 0 && buildConfig.getBailOnPluginFail()) || this.bailOnPluginFail) {
                    consoleLog.logError("Failing Anchore Container Image Scanner Plugin step due to errors in plugin execution", e5);
                    if (!(e5 instanceof AbortException)) {
                        throw new AbortException("Failing Anchore Container Image Scanner Plugin step due to errors in plugin execution");
                    }
                    throw e5;
                }
                consoleLog.logWarn("Marking Anchore Container Image Scanner step as successful despite errors in plugin execution");
                if (0 != 0) {
                    try {
                        buildWorker.cleanup();
                    } catch (Exception e6) {
                        consoleLog.logDebug("Failed to cleanup after the plugin, ignoring the errors", e6);
                    }
                }
                consoleLog.logInfo("Completed Anchore Container Image Scanner step");
                LOG.warning("Completed Anchore Container Image Scanner step, project: " + run.getParent().getDisplayName() + ", job: " + run.getNumber());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    buildWorker.cleanup();
                } catch (Exception e7) {
                    consoleLog.logDebug("Failed to cleanup after the plugin, ignoring the errors", e7);
                }
            }
            consoleLog.logInfo("Completed Anchore Container Image Scanner step");
            LOG.warning("Completed Anchore Container Image Scanner step, project: " + run.getParent().getDisplayName() + ", job: " + run.getNumber());
            throw th;
        }
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m1getDescriptor() {
        return super.getDescriptor();
    }
}
