package com.sysdig.jenkins.plugins.sysdig;

import com.google.common.base.Strings;
import com.sysdig.jenkins.plugins.sysdig.AnchoreBuilder;
import com.sysdig.jenkins.plugins.sysdig.Util;
import hudson.AbortException;
import hudson.FilePath;
import hudson.Launcher;
import hudson.PluginWrapper;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.ArtifactArchiver;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:com/sysdig/jenkins/plugins/sysdig/BuildWorker.class */
public class BuildWorker {
    private static final Logger LOG = Logger.getLogger(BuildWorker.class.getName());
    private static final String ANCHORE_BINARY = "anchore";
    private static final String GATES_OUTPUT_PREFIX = "sysdig_secure_gates";
    private static final String CVE_LISTING_PREFIX = "sysdig_secure_security";
    private static final String QUERY_OUTPUT_PREFIX = "sysdig_secure_query_";
    private static final String JENKINS_DIR_NAME_PREFIX = "SysdigSecureReport.";
    private static final String JSON_FILE_EXTENSION = ".json";
    Run<?, ?> build;
    FilePath workspace;
    Launcher launcher;
    TaskListener listener;
    BuildConfig config;
    private ConsoleLog console;
    private boolean analyzed;
    private String buildId;
    private String jenkinsOutputDirName;
    private Map<String, String> queryOutputMap;
    private Map<String, String> input_image_dfile = new LinkedHashMap();
    private Map<String, String> input_image_imageDigest = new LinkedHashMap();
    private String gateOutputFileName;
    private Util.GATE_ACTION finalAction;
    private JSONObject gateSummary;
    private String cveListingFileName;
    private String anchoreWorkspaceDirName;
    private String anchoreImageFileName;
    private String anchorePolicyFileName;
    private String anchoreGlobalWhiteListFileName;
    private String anchoreBundleFileName;
    private String anchoreScriptsDirName;
    private List<String> anchoreInputImages;

    public BuildWorker(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener, BuildConfig buildConfig) throws AbortException {
        try {
            this.build = run;
            this.workspace = filePath;
            if (null == taskListener) {
                LOG.warning("Sysdig Secure Container Image Scanner plugin cannot initialize Jenkins task listener");
                throw new AbortException("Cannot initialize Jenkins task listener. Aborting step");
            }
            this.listener = taskListener;
            if (null == buildConfig) {
                LOG.warning("Sysdig Secure Container Image Scanner cannot find the required configuration");
                throw new AbortException("Configuration for the plugin is invalid. Configure the plugin under Manage Jenkins->Configure System->Sysdig Secure Configuration first. Add the Sysdig Secure Container Image Scanner step in your project and retry");
            }
            this.config = buildConfig;
            this.console = new ConsoleLog("AnchoreWorker", this.listener.getLogger(), this.config.getDebug());
            this.console.logDebug("Initializing build worker");
            this.launcher = filePath.createLauncher(taskListener);
            this.analyzed = false;
            printConfig();
            checkConfig();
            initializeJenkinsWorkspace();
            initializeAnchoreWorkspace();
            this.console.logDebug("Build worker initialized");
        } catch (Exception e) {
            try {
                try {
                    if (this.console != null) {
                        this.console.logError("Failed to initialize worker for plugin execution", e);
                    }
                    cleanJenkinsWorkspaceQuietly();
                    cleanAnchoreWorkspaceQuietly();
                    throw new AbortException("Failed to initialize worker for plugin execution, check logs for corrective action");
                } catch (Exception e2) {
                    throw new AbortException("Failed to initialize worker for plugin execution, check logs for corrective action");
                }
            } catch (Throwable th) {
                throw new AbortException("Failed to initialize worker for plugin execution, check logs for corrective action");
            }
        }
    }

    public void runAnalyzer() throws AbortException {
        if (this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE)) {
            runAnalyzerEngine();
        } else {
            runAnalyzerLocal();
        }
    }

    private static CloseableHttpClient makeHttpClient(boolean z) {
        CloseableHttpClient closeableHttpClient = null;
        if (z) {
            closeableHttpClient = HttpClients.createDefault();
        } else {
            try {
                SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
                sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
                closeableHttpClient = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(sSLContextBuilder.build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)).build();
            } catch (Exception e) {
                System.out.println(e);
            }
        }
        return closeableHttpClient;
    }

    /* JADX WARN: Finally extract failed */
    private void runAnalyzerEngine() throws AbortException {
        String engineuser = this.config.getEngineuser();
        String enginepass = this.config.getEnginepass();
        boolean engineverify = this.config.getEngineverify();
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(engineuser, enginepass));
        HttpClientContext create = HttpClientContext.create();
        create.setCredentialsProvider(basicCredentialsProvider);
        try {
            for (Map.Entry<String, String> entry : this.input_image_dfile.entrySet()) {
                String key = entry.getKey();
                String value = entry.getValue();
                this.console.logInfo("Submitting " + key + " for analysis");
                CloseableHttpClient makeHttpClient = makeHttpClient(engineverify);
                Throwable th = null;
                try {
                    String str = this.config.getEngineurl().replaceAll("/+$", "") + "/images";
                    JSONObject jSONObject = new JSONObject();
                    jSONObject.put("tag", key);
                    if (null != value) {
                        jSONObject.put("dockerfile", value);
                    }
                    if (null != this.config.getAnnotations() && !this.config.getAnnotations().isEmpty()) {
                        JSONObject jSONObject2 = new JSONObject();
                        for (Annotation annotation : this.config.getAnnotations()) {
                            jSONObject2.put(annotation.getKey(), annotation.getValue());
                        }
                        jSONObject.put("annotations", jSONObject2);
                    }
                    String jSONObject3 = jSONObject.toString();
                    HttpPost httpPost = new HttpPost(str);
                    httpPost.addHeader("Content-Type", "application/json");
                    httpPost.setEntity(new StringEntity(jSONObject3));
                    this.console.logDebug("sysdig-secure-engine add image URL: " + str);
                    this.console.logDebug("sysdig-secure-engine add image payload: " + jSONObject3);
                    CloseableHttpResponse execute = makeHttpClient.execute(httpPost, create);
                    Throwable th2 = null;
                    try {
                        try {
                            if (execute.getStatusLine().getStatusCode() != 200) {
                                this.console.logError("sysdig-secure-engine add image failed. URL: " + str + ", status: " + execute.getStatusLine() + ", error: " + EntityUtils.toString(execute.getEntity()));
                                throw new AbortException("Failed to analyze " + key + " due to error adding image to sysdig-secure-engine. Check above logs for errors from sysdig-secure-engine");
                            }
                            String string = JSONObject.fromObject(JSONArray.fromObject(EntityUtils.toString(execute.getEntity())).get(0)).getString("imageDigest");
                            this.console.logInfo("Analysis request accepted, received image digest " + string);
                            this.input_image_imageDigest.put(key, string);
                            if (execute != null) {
                                if (0 != 0) {
                                    try {
                                        execute.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    execute.close();
                                }
                            }
                            if (makeHttpClient != null) {
                                if (0 != 0) {
                                    try {
                                        makeHttpClient.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    makeHttpClient.close();
                                }
                            }
                        } finally {
                        }
                    } finally {
                    }
                } catch (Throwable th5) {
                    if (makeHttpClient != null) {
                        if (0 != 0) {
                            try {
                                makeHttpClient.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            makeHttpClient.close();
                        }
                    }
                    throw th5;
                }
            }
            this.analyzed = true;
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logError("Failed to add image(s) to sysdig-secure-engine due to an unexpected error", e2);
            throw new AbortException("Failed to add image(s) to sysdig-secure-engine due to an unexpected error. Please refer to above logs for more information");
        }
    }

    private void runAnalyzerLocal() throws AbortException {
        try {
            this.console.logInfo("Running Sysdig Secure Analyzer");
            int executeAnchoreCommand = executeAnchoreCommand("analyze --skipgates --imagefile " + this.anchoreImageFileName, new String[0]);
            if (executeAnchoreCommand != 0) {
                this.console.logError("Sysdig Secure analyzer failed with return code " + executeAnchoreCommand + ", check output above for details");
                throw new AbortException("Sysdig Secure analyzer failed, check output above for details");
            }
            this.console.logDebug("Sysdig Secure analyzer completed successfully");
            this.analyzed = true;
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logError("Failed to run Sysdig Secure analyzer due to an unexpected error", e2);
            throw new AbortException("Failed to run Sysdig Secure analyzer due to an unexpected error. Please refer to above logs for more information");
        }
    }

    private void doAnchoreioLogin() throws AbortException {
        try {
            if (executeCommand("docker exec " + this.config.getContainerId() + " /bin/bash -c \"export ANCHOREPASS=$ANCHOREPASS && sysdig secure login --user " + this.config.getAnchoreioUser() + "\"", "ANCHOREPASS=" + this.config.getAnchoreioPass()) != 0) {
                this.console.logWarn("Failed to log in to sysdig secure using specified credentials");
                throw new AbortException("Failed to log in to sysdig secure using specified credentials");
            }
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logWarn("Failed to log in to sysdig secure using specified credentials");
            throw new AbortException("Failed to log in to sysdig secure using specified credentials");
        }
    }

    private void doAnchoreioBundleSync() throws AbortException {
        try {
            if (executeAnchoreCommand("--json policybundle sync", new String[0]) != 0) {
                this.console.logWarn("Failed to sync your policy from sysdig secure");
                throw new AbortException("Failed to sync your policy from sysdig secure");
            }
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logWarn("Failed to sync your policy from sysdig secure");
            throw new AbortException("Failed to sync your policy from sysdig secure");
        }
    }

    public Util.GATE_ACTION runGates() throws AbortException {
        return this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE) ? runGatesEngine() : runGatesLocal();
    }

    /* JADX WARN: Finally extract failed */
    private Util.GATE_ACTION runGatesEngine() throws AbortException {
        int statusCode;
        String engineuser = this.config.getEngineuser();
        String enginepass = this.config.getEnginepass();
        boolean engineverify = this.config.getEngineverify();
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(engineuser, enginepass));
        HttpClientContext create = HttpClientContext.create();
        create.setCredentialsProvider(basicCredentialsProvider);
        FilePath filePath = new FilePath(new FilePath(this.workspace, this.jenkinsOutputDirName), this.gateOutputFileName);
        this.finalAction = Util.GATE_ACTION.PASS;
        if (!this.analyzed) {
            this.console.logError("Image(s) were not added to sysdig-secure-engine (or a prior attempt to add images may have failed). Re-submit image(s) to sysdig-secure-engine before attempting policy evaluation");
            throw new AbortException("Submit image(s) to sysdig-secure-engine for analysis before attempting policy evaluation");
        }
        try {
            JSONObject jSONObject = new JSONObject();
            for (Map.Entry<String, String> entry : this.input_image_imageDigest.entrySet()) {
                String key = entry.getKey();
                String value = entry.getValue();
                this.console.logInfo("Waiting for analysis of " + key + ", polling status periodically");
                Boolean bool = false;
                String str = this.config.getEngineurl().replaceAll("/+$", "") + "/images/" + value + "/check?tag=" + key + "&detail=true";
                if (!Strings.isNullOrEmpty(this.config.getPolicyBundleId())) {
                    str = str + "&policyId=" + this.config.getPolicyBundleId();
                }
                this.console.logDebug("sysdig-secure-engine get policy evaluation URL: " + str);
                int i = 0;
                int parseInt = Integer.parseInt(this.config.getEngineRetries());
                Boolean bool2 = false;
                HttpGet httpGet = new HttpGet(str);
                httpGet.addHeader("Content-Type", "application/json");
                String str2 = null;
                boolean z = false;
                do {
                    if (z) {
                        this.console.logDebug("Snoozing before retrying sysdig-secure-engine get policy evaluation");
                        Thread.sleep(1000L);
                        z = false;
                    }
                    i++;
                    CloseableHttpClient makeHttpClient = makeHttpClient(engineverify);
                    Throwable th = null;
                    try {
                        this.console.logDebug("Attempting sysdig-secure-engine get policy evaluation (" + i + "/" + parseInt + ")");
                        CloseableHttpResponse execute = makeHttpClient.execute(httpGet, create);
                        Throwable th2 = null;
                        try {
                            try {
                                statusCode = execute.getStatusLine().getStatusCode();
                                if (statusCode != 200) {
                                    str2 = EntityUtils.toString(execute.getEntity());
                                    this.console.logDebug("sysdig-secure-engine get policy evaluation failed. URL: " + str + ", status: " + execute.getStatusLine() + ", error: " + str2);
                                    z = true;
                                } else {
                                    JSONObject fromObject = JSONObject.fromObject(JSONArray.fromObject(JSONArray.fromObject(JSONObject.fromObject(JSONObject.fromObject(JSONArray.fromObject(EntityUtils.toString(execute.getEntity())).get(0)).getJSONObject(value)))).get(0));
                                    Iterator it = fromObject.keySet().iterator();
                                    JSONArray jSONArray = it.hasNext() ? fromObject.getJSONArray((String) it.next()) : null;
                                    if (null == jSONArray) {
                                        throw new AbortException("Failed to analyze " + key + " due to missing tag eval records in sysdig-secure-engine policy evaluation response");
                                    }
                                    if (jSONArray.size() < 1) {
                                        this.console.logDebug("sysdig-secure-engine get policy evaluation response contains no tag eval records. May snooze and retry");
                                        z = true;
                                    } else {
                                        String string = JSONObject.fromObject(JSONObject.fromObject(jSONArray.get(0))).getString("status");
                                        JSONObject fromObject2 = JSONObject.fromObject(JSONObject.fromObject(JSONObject.fromObject(JSONObject.fromObject(jSONArray.get(0)).getJSONObject("detail")).getJSONObject("result")).getJSONObject("result"));
                                        this.console.logDebug("sysdig-secure-engine get policy evaluation status: " + string);
                                        this.console.logDebug("sysdig-secure-engine get policy evaluation result: " + fromObject2.toString());
                                        for (Object obj : fromObject2.keySet()) {
                                            try {
                                                jSONObject.put((String) obj, fromObject2.getJSONObject((String) obj));
                                            } catch (Exception e) {
                                                this.console.logDebug("Ignoring error parsing policy evaluation result key: " + obj);
                                            }
                                        }
                                        if (string.equals("pass")) {
                                            bool = true;
                                        }
                                        bool2 = true;
                                        this.console.logInfo("Completed analysis and processed policy evaluation result");
                                    }
                                }
                                if (execute != null) {
                                    if (0 != 0) {
                                        try {
                                            execute.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        execute.close();
                                    }
                                }
                                if (makeHttpClient != null) {
                                    if (0 != 0) {
                                        try {
                                            makeHttpClient.close();
                                        } catch (Throwable th4) {
                                            th.addSuppressed(th4);
                                        }
                                    } else {
                                        makeHttpClient.close();
                                    }
                                }
                                if (bool2.booleanValue()) {
                                    break;
                                }
                            } finally {
                            }
                        } catch (Throwable th5) {
                            if (execute != null) {
                                if (th2 != null) {
                                    try {
                                        execute.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    execute.close();
                                }
                            }
                            throw th5;
                        }
                    } catch (Throwable th7) {
                        if (makeHttpClient != null) {
                            if (0 != 0) {
                                try {
                                    makeHttpClient.close();
                                } catch (Throwable th8) {
                                    th.addSuppressed(th8);
                                }
                            } else {
                                makeHttpClient.close();
                            }
                        }
                        throw th7;
                    }
                } while (i < parseInt);
                if (!bool2.booleanValue()) {
                    if (statusCode != 200) {
                        this.console.logWarn("sysdig-secure-engine get policy evaluation failed. HTTP method: GET, URL: " + str + ", status: " + statusCode + ", error: " + str2);
                    }
                    this.console.logWarn("Exhausted all attempts polling sysdig-secure-engine. Analysis is incomplete for " + value);
                    throw new AbortException("Timed out waiting for sysdig-secure-engine analysis to complete (increasing engineRetries might help). Check above logs for errors from sysdig-secure-engine");
                }
                if (!bool.booleanValue()) {
                    this.finalAction = Util.GATE_ACTION.FAIL;
                }
            }
            try {
                this.console.logDebug("Writing policy evaluation result to " + filePath.getRemote());
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(filePath.write(), StandardCharsets.UTF_8));
                Throwable th9 = null;
                try {
                    try {
                        bufferedWriter.write(jSONObject.toString());
                        if (bufferedWriter != null) {
                            if (0 != 0) {
                                try {
                                    bufferedWriter.close();
                                } catch (Throwable th10) {
                                    th9.addSuppressed(th10);
                                }
                            } else {
                                bufferedWriter.close();
                            }
                        }
                        generateGatesSummary(jSONObject);
                        this.console.logInfo("Sysdig Secure Container Image Scanner Plugin step result - " + this.finalAction);
                        return this.finalAction;
                    } finally {
                    }
                } catch (Throwable th11) {
                    if (bufferedWriter != null) {
                        if (th9 != null) {
                            try {
                                bufferedWriter.close();
                            } catch (Throwable th12) {
                                th9.addSuppressed(th12);
                            }
                        } else {
                            bufferedWriter.close();
                        }
                    }
                    throw th11;
                }
            } catch (IOException | InterruptedException e2) {
                this.console.logWarn("Failed to write policy evaluation output to " + filePath.getRemote(), e2);
                throw new AbortException("Failed to write policy evaluation output to " + filePath.getRemote());
            }
        } catch (Exception e3) {
            this.console.logError("Failed to execute sysdig-secure-engine policy evaluation due to an unexpected error", e3);
            throw new AbortException("Failed to execute sysdig-secure-engine policy evaluation due to an unexpected error. Please refer to above logs for more information");
        } catch (AbortException e4) {
            throw e4;
        }
    }

    /* JADX WARN: Finally extract failed */
    private void runVulnerabilityListing() throws AbortException {
        if (!this.analyzed) {
            this.console.logError("Image(s) were not added to sysdig-secure-engine (or a prior attempt to add images may have failed). Re-submit image(s) to sysdig-secure-engine before attempting vulnerability listing");
            throw new AbortException("Submit image(s) to sysdig-secure-engine for analysis before attempting vulnerability listing");
        }
        String engineuser = this.config.getEngineuser();
        String enginepass = this.config.getEnginepass();
        boolean engineverify = this.config.getEngineverify();
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(engineuser, enginepass));
        HttpClientContext create = HttpClientContext.create();
        create.setCredentialsProvider(basicCredentialsProvider);
        try {
            JSONObject jSONObject = new JSONObject();
            JSONArray jSONArray = new JSONArray();
            for (String str : Arrays.asList("Tag", "CVE ID", "Severity", "Vulnerability Package", "Fix Available", "URL")) {
                JSONObject jSONObject2 = new JSONObject();
                jSONObject2.put("title", str);
                jSONArray.add(jSONObject2);
            }
            JSONArray jSONArray2 = new JSONArray();
            for (Map.Entry<String, String> entry : this.input_image_imageDigest.entrySet()) {
                String key = entry.getKey();
                String value = entry.getValue();
                try {
                    CloseableHttpClient makeHttpClient = makeHttpClient(engineverify);
                    Throwable th = null;
                    try {
                        this.console.logInfo("Querying vulnerability listing for " + key);
                        String str2 = this.config.getEngineurl().replaceAll("/+$", "") + "/images/" + value + "/vuln/all";
                        HttpGet httpGet = new HttpGet(str2);
                        httpGet.addHeader("Content-Type", "application/json");
                        this.console.logDebug("sysdig-secure-engine get vulnerability listing URL: " + str2);
                        try {
                            CloseableHttpResponse execute = makeHttpClient.execute(httpGet, create);
                            Throwable th2 = null;
                            try {
                                try {
                                    JSONArray jSONArray3 = JSONObject.fromObject(EntityUtils.toString(execute.getEntity())).getJSONArray("vulnerabilities");
                                    for (int i = 0; i < jSONArray3.size(); i++) {
                                        JSONObject jSONObject3 = jSONArray3.getJSONObject(i);
                                        JSONArray jSONArray4 = new JSONArray();
                                        jSONArray4.addAll(Arrays.asList(key, jSONObject3.getString("vuln"), jSONObject3.getString("severity"), jSONObject3.getString("package"), jSONObject3.getString("fix"), "<a href='" + jSONObject3.getString("url") + "'>" + jSONObject3.getString("url") + "</a>"));
                                        jSONArray2.add(jSONArray4);
                                    }
                                    if (execute != null) {
                                        if (0 != 0) {
                                            try {
                                                execute.close();
                                            } catch (Throwable th3) {
                                                th2.addSuppressed(th3);
                                            }
                                        } else {
                                            execute.close();
                                        }
                                    }
                                    if (makeHttpClient != null) {
                                        if (0 != 0) {
                                            try {
                                                makeHttpClient.close();
                                            } catch (Throwable th4) {
                                                th.addSuppressed(th4);
                                            }
                                        } else {
                                            makeHttpClient.close();
                                        }
                                    }
                                } finally {
                                }
                            } finally {
                            }
                        } catch (Exception e) {
                            throw e;
                        }
                    } catch (Throwable th5) {
                        if (makeHttpClient != null) {
                            if (0 != 0) {
                                try {
                                    makeHttpClient.close();
                                } catch (Throwable th6) {
                                    th.addSuppressed(th6);
                                }
                            } else {
                                makeHttpClient.close();
                            }
                        }
                        throw th5;
                    }
                } catch (Exception e2) {
                    throw e2;
                }
            }
            jSONObject.put("columns", jSONArray);
            jSONObject.put("data", jSONArray2);
            this.cveListingFileName = "sysdig_secure_security.json";
            FilePath filePath = new FilePath(new FilePath(this.workspace, this.jenkinsOutputDirName), this.cveListingFileName);
            try {
                this.console.logDebug("Writing vulnerability listing result to " + filePath.getRemote());
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(filePath.write(), StandardCharsets.UTF_8));
                Throwable th7 = null;
                try {
                    try {
                        bufferedWriter.write(jSONObject.toString());
                        if (bufferedWriter != null) {
                            if (0 != 0) {
                                try {
                                    bufferedWriter.close();
                                } catch (Throwable th8) {
                                    th7.addSuppressed(th8);
                                }
                            } else {
                                bufferedWriter.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th9) {
                    if (bufferedWriter != null) {
                        if (th7 != null) {
                            try {
                                bufferedWriter.close();
                            } catch (Throwable th10) {
                                th7.addSuppressed(th10);
                            }
                        } else {
                            bufferedWriter.close();
                        }
                    }
                    throw th9;
                }
            } catch (IOException | InterruptedException e3) {
                this.console.logWarn("Failed to write vulnerability listing to " + filePath.getRemote(), e3);
                throw new AbortException("Failed to write vulnerability listing to " + filePath.getRemote());
            }
        } catch (AbortException e4) {
            throw e4;
        } catch (Exception e5) {
            this.console.logError("Failed to fetch vulnerability listing from sysdig-secure-engine due to an unexpected error", e5);
            throw new AbortException("Failed to fetch vulnerability listing from sysdig-secure-engine due to an unexpected error. Please refer to above logs for more information");
        }
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:101:0x0335, code lost:
    
        r0 = r23;
     */
    /* JADX WARN: Code restructure failed: missing block: B:142:0x011b, code lost:
    
        switch(r20) {
            case 0: goto L42;
            case 1: goto L43;
            case 2: goto L44;
            case 3: goto L45;
            default: goto L160;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:143:0x0138, code lost:
    
        r9 = r18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:145:0x0154, code lost:
    
        r18 = r18 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:146:0x013f, code lost:
    
        r10 = r18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:148:0x0146, code lost:
    
        r11 = r18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:150:0x014d, code lost:
    
        r12 = r18;
     */
    /* JADX WARN: Code restructure failed: missing block: B:70:0x027a, code lost:
    
        switch(r28) {
            case 0: goto L83;
            case 1: goto L92;
            case 2: goto L101;
            default: goto L155;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:71:0x0294, code lost:
    
        r18 = r18 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:72:0x029a, code lost:
    
        if (r12 == (-1)) goto L90;
     */
    /* JADX WARN: Code restructure failed: missing block: B:74:0x02aa, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("none") != false) goto L90;
     */
    /* JADX WARN: Code restructure failed: missing block: B:76:0x02ba, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("false") != false) goto L90;
     */
    /* JADX WARN: Code restructure failed: missing block: B:77:0x02bd, code lost:
    
        r0 = r21 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:78:0x02c7, code lost:
    
        r21 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:81:0x02c5, code lost:
    
        r0 = r21;
     */
    /* JADX WARN: Code restructure failed: missing block: B:82:0x02cc, code lost:
    
        r19 = r19 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x02d2, code lost:
    
        if (r12 == (-1)) goto L99;
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x02e2, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("none") != false) goto L99;
     */
    /* JADX WARN: Code restructure failed: missing block: B:87:0x02f2, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("false") != false) goto L99;
     */
    /* JADX WARN: Code restructure failed: missing block: B:88:0x02f5, code lost:
    
        r0 = r22 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:89:0x02ff, code lost:
    
        r22 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:91:0x02fd, code lost:
    
        r0 = r22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:92:0x0304, code lost:
    
        r20 = r20 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:93:0x030a, code lost:
    
        if (r12 == (-1)) goto L108;
     */
    /* JADX WARN: Code restructure failed: missing block: B:95:0x031a, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("none") != false) goto L108;
     */
    /* JADX WARN: Code restructure failed: missing block: B:97:0x032a, code lost:
    
        if (r0.getString(r12).equalsIgnoreCase("false") != false) goto L108;
     */
    /* JADX WARN: Code restructure failed: missing block: B:98:0x032d, code lost:
    
        r0 = r23 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:99:0x0337, code lost:
    
        r23 = r0;
     */
    /* JADX WARN: Removed duplicated region for block: B:127:0x009d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void generateGatesSummary(net.sf.json.JSONObject r6) {
        /*
            Method dump skipped, instructions count: 1550
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sysdig.jenkins.plugins.sysdig.BuildWorker.generateGatesSummary(net.sf.json.JSONObject):void");
    }

    private void generateGatesSummary(FilePath filePath) throws AbortException {
        try {
            this.console.logDebug("Parsing gate output from " + filePath.getRemote());
            if (!filePath.exists() || filePath.length() <= 0) {
                this.console.logError("Gate output file not found or empty: " + filePath.getRemote());
                throw new AbortException("Gate output file not found or empty: " + filePath.getRemote());
            }
            JSONObject fromObject = JSONObject.fromObject(filePath.readToString());
            if (fromObject != null) {
                generateGatesSummary(fromObject);
            } else {
                this.console.logWarn("Failed to load/parse gate output from " + filePath.getRemote());
            }
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logError("Failed to generate gate output summary", e2);
            throw new AbortException("Failed to generate gate output summary");
        }
    }

    private Util.GATE_ACTION runGatesLocal() throws AbortException {
        if (!this.analyzed) {
            this.console.logError("Analysis step has not been executed (or may have failed in a prior attempt). Rerun analyzer before gates");
            throw new AbortException("Analysis step has not been executed (or may have failed in a prior attempt). Rerun analyzer before gates");
        }
        try {
            this.console.logInfo("Running Sysdig Secure Gates");
            FilePath filePath = new FilePath(new FilePath(this.workspace, this.jenkinsOutputDirName), this.gateOutputFileName);
            String str = "--json gate --imagefile " + this.anchoreImageFileName + " --show-triggerids --show-whitelisted";
            String policyEvalMethod = this.config.getPolicyEvalMethod();
            if (Strings.isNullOrEmpty(policyEvalMethod)) {
                policyEvalMethod = AnchoreBuilder.DescriptorImpl.DEFAULT_POLICY_EVAL_METHOD;
            }
            if (policyEvalMethod.equals("autosync")) {
                str = str + " --run-bundle --resultsonly";
                if (!Strings.isNullOrEmpty(this.config.getAnchoreioUser()) && !Strings.isNullOrEmpty(this.config.getAnchoreioPass())) {
                    try {
                        doAnchoreioLogin();
                        doAnchoreioBundleSync();
                    } catch (AbortException e) {
                        if (!this.config.getUseCachedBundle()) {
                            this.console.logWarn("Unable to log in/sync bundle");
                            throw e;
                        }
                    }
                }
            } else if (policyEvalMethod.equals("bundlefile")) {
                str = str + " --run-bundle --resultsonly";
                if (!Strings.isNullOrEmpty(this.anchoreBundleFileName)) {
                    str = str + " --bundlefile " + this.anchoreBundleFileName;
                }
            } else {
                if (!Strings.isNullOrEmpty(this.anchorePolicyFileName)) {
                    str = str + " --policy " + this.anchorePolicyFileName;
                }
                if (!Strings.isNullOrEmpty(this.anchoreGlobalWhiteListFileName)) {
                    str = str + " --global-whitelist " + this.anchoreGlobalWhiteListFileName;
                }
            }
            try {
                switch (executeAnchoreCommand(str, filePath.write(), new String[0])) {
                    case 0:
                        this.finalAction = Util.GATE_ACTION.GO;
                        break;
                    case 2:
                        this.finalAction = Util.GATE_ACTION.WARN;
                        break;
                    default:
                        this.finalAction = Util.GATE_ACTION.STOP;
                        break;
                }
                this.console.logDebug("Sysdig Secure gate execution completed successfully, final action: " + this.finalAction);
                generateGatesSummary(filePath);
                return this.finalAction;
            } catch (IOException | InterruptedException e2) {
                this.console.logWarn("Failed to write gates output to " + filePath.getRemote(), e2);
                throw new AbortException("Failed to write gates output to " + filePath.getRemote());
            }
        } catch (Exception e3) {
            this.console.logError("Failed to run Sysdig Secure gates due to an unexpected error", e3);
            throw new AbortException("Failed to run Sysdig Secure gates due to an unexpected error. Please refer to above logs for more information");
        } catch (AbortException e4) {
            throw e4;
        }
    }

    public void runQueries() throws AbortException {
        if (this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE)) {
            runVulnerabilityListing();
        } else {
            runQueriesLocal();
        }
    }

    private void runQueriesLocal() throws AbortException {
        if (!this.analyzed) {
            this.console.logError("Analysis step has not been executed (or may have failed in a prior attempt). Rerun analyzer before queries");
            throw new AbortException("Analysis step has not been executed (or may have failed in a prior attempt). Rerun analyzer before queries");
        }
        try {
            if (this.config.getInputQueries() == null || this.config.getInputQueries().isEmpty()) {
                this.console.logDebug("No queries found, skipping query execution");
            } else {
                int i = 0;
                Iterator<AnchoreQuery> it = this.config.getInputQueries().iterator();
                while (it.hasNext()) {
                    String trim = it.next().getQuery().trim();
                    if (Strings.isNullOrEmpty(trim) || this.queryOutputMap.containsKey(trim)) {
                        this.console.logWarn("Invalid query or query may have already been executed");
                    } else {
                        this.console.logInfo("Running Sysdig Secure Query: " + trim);
                        i++;
                        String str = QUERY_OUTPUT_PREFIX + i + JSON_FILE_EXTENSION;
                        FilePath filePath = new FilePath(new FilePath(this.workspace, this.jenkinsOutputDirName), str);
                        try {
                            int executeAnchoreCommand = executeAnchoreCommand("--json query --imagefile " + this.anchoreImageFileName + " " + trim, filePath.write(), new String[0]);
                            if (executeAnchoreCommand != 0) {
                                this.console.logWarn("Query execution failed for: " + trim + ", return code: " + executeAnchoreCommand);
                            } else if (!filePath.exists() || filePath.length() <= 0) {
                                this.console.logWarn("Query execution completed successfully but did not generate a report for: " + trim);
                                filePath.delete();
                            } else {
                                this.console.logDebug("Query execution completed successfully and generated a report for: " + trim);
                                this.queryOutputMap.put(trim, str);
                            }
                        } catch (IOException | InterruptedException e) {
                            this.console.logWarn("Query execution failed for: " + trim, e);
                        }
                    }
                }
            }
        } catch (RuntimeException e2) {
            this.console.logError("Failed to run Sysdig Secure queries due to an unexpected error", e2);
            throw new AbortException("Failed to run Sysdig Secure queries due to an unexpected error. Please refer to above logs for more information");
        }
    }

    public void setupBuildReports() throws AbortException {
        try {
            this.console.logDebug("Archiving results");
            new ArtifactArchiver(this.jenkinsOutputDirName + "/").perform(this.build, this.workspace, this.launcher, this.listener);
            this.console.logDebug("Setting up build results");
            if (this.finalAction != null) {
                this.build.addAction(new AnchoreAction(this.build, this.finalAction.toString(), this.jenkinsOutputDirName, this.gateOutputFileName, this.queryOutputMap, this.gateSummary.toString(), this.cveListingFileName));
            } else {
                this.build.addAction(new AnchoreAction(this.build, "", this.jenkinsOutputDirName, this.gateOutputFileName, this.queryOutputMap, this.gateSummary.toString(), this.cveListingFileName));
            }
        } catch (Exception e) {
            this.console.logError("Failed to setup build results due to an unexpected error", e);
            throw new AbortException("Failed to setup build results due to an unexpected error. Please refer to above logs for more information");
        }
    }

    public void cleanup() {
        try {
            this.console.logDebug("Cleaning up build artifacts");
            if (!Strings.isNullOrEmpty(this.jenkinsOutputDirName)) {
                try {
                    this.console.logDebug("Deleting Jenkins workspace " + this.jenkinsOutputDirName);
                    cleanJenkinsWorkspaceQuietly();
                } catch (IOException | InterruptedException e) {
                    this.console.logDebug("Unable to delete Jenkins workspace " + this.jenkinsOutputDirName, e);
                }
            }
            if (!Strings.isNullOrEmpty(this.anchoreWorkspaceDirName)) {
                try {
                    this.console.logDebug("Deleting Sysdig Secure container workspace " + this.anchoreWorkspaceDirName);
                    int cleanAnchoreWorkspaceQuietly = cleanAnchoreWorkspaceQuietly();
                    if (cleanAnchoreWorkspaceQuietly != 0) {
                        this.console.logWarn("Unable to delete Sysdig Secure container workspace " + this.anchoreWorkspaceDirName + ", process returned " + cleanAnchoreWorkspaceQuietly);
                    }
                } catch (Exception e2) {
                    this.console.logWarn("Failed to recursively delete Sysdig Secure container workspace " + this.anchoreWorkspaceDirName, e2);
                }
            }
            if (this.config.getDoCleanup() && null != this.anchoreInputImages) {
                for (String str : this.anchoreInputImages) {
                    try {
                        this.console.logDebug("Deleting analytics for " + str + " from Sysdig Secure database");
                        int executeAnchoreCommand = executeAnchoreCommand("toolbox --image " + str + " delete --dontask", new String[0]);
                        if (executeAnchoreCommand != 0) {
                            this.console.logWarn("Failed to delete analytics for " + str + " from Sysdig Secure database, process returned " + executeAnchoreCommand);
                        }
                    } catch (Exception e3) {
                        this.console.logWarn("Failed to delete analytics for " + str + " from Sysdig Secure database", e3);
                    }
                }
            }
        } catch (RuntimeException e4) {
            this.console.logDebug("Failed to clean up build artifacts due to an unexpected error", e4);
        }
    }

    private void printConfig() {
        List plugins;
        this.console.logInfo("Jenkins version: " + Jenkins.VERSION);
        if (Jenkins.getActiveInstance() != null && Jenkins.getActiveInstance().getPluginManager() != null && (plugins = Jenkins.getActiveInstance().getPluginManager().getPlugins()) != null) {
            Iterator it = plugins.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                PluginWrapper pluginWrapper = (PluginWrapper) it.next();
                if (pluginWrapper.getShortName().equals("sysdig-secure")) {
                    this.console.logInfo(pluginWrapper.getDisplayName() + " version: " + pluginWrapper.getVersion());
                    break;
                }
            }
        }
        this.config.print(this.console);
    }

    private void checkConfig() throws AbortException {
        if (!this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE) && !this.config.getEnginemode().equals("anchorelocal")) {
            this.console.logError("Undefined engine mode: " + this.config.getEnginemode());
            throw new AbortException("Undefined engine mode: " + this.config.getEnginemode() + ". Valid engine modes are 'anchoreengine' or 'anchorelocal'");
        }
        if (Strings.isNullOrEmpty(this.config.getName())) {
            this.console.logError("Image list file not found");
            throw new AbortException("Image list file not specified. Please provide a valid image list file name in the Sysdig Secure Container Image Scanner step and try again");
        }
        try {
            if (!new FilePath(this.workspace, this.config.getName()).exists()) {
                this.console.logError("Cannot find image list file \"" + this.config.getName() + "\" under " + this.workspace);
                throw new AbortException("Cannot find image list file '" + this.config.getName() + "'. Please ensure that image list file is created prior to Sysdig Secure Container Image Scanner step");
            }
            if (!this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE) && Strings.isNullOrEmpty(this.config.getContainerId())) {
                this.console.logError("Sysdig Secure Container ID not found");
                throw new AbortException("Please configure \"Sysdig Secure Container ID\" under Manage Jenkins->Configure System->Sysdig Secure Configuration and retry. If the container is not running, the plugin will launch it");
            }
        } catch (Exception e) {
            this.console.logWarn("Unable to access image list file \"" + this.config.getName() + "\" under " + this.workspace, e);
            throw new AbortException("Unable to access image list file " + this.config.getName() + ". Please ensure that image list file is created prior to Sysdig Secure Container Image Scanner step");
        } catch (AbortException e2) {
            throw e2;
        }
    }

    private void initializeJenkinsWorkspace() throws AbortException {
        try {
            this.console.logDebug("Initializing Jenkins workspace");
            String str = this.build.getParent().getDisplayName() + "_" + this.build.getNumber();
            this.buildId = str;
            if (Strings.isNullOrEmpty(str)) {
                this.console.logWarn("Unable to generate a unique identifier for this build due to invalid configuration");
                throw new AbortException("Unable to generate a unique identifier for this build due to invalid configuration");
            }
            this.jenkinsOutputDirName = JENKINS_DIR_NAME_PREFIX + this.buildId;
            FilePath filePath = new FilePath(this.workspace, this.jenkinsOutputDirName);
            if (!filePath.exists()) {
                this.console.logDebug("Creating workspace directory " + this.jenkinsOutputDirName);
                filePath.mkdirs();
            }
            this.queryOutputMap = new LinkedHashMap();
            this.gateOutputFileName = "sysdig_secure_gates.json";
        } catch (Exception e) {
            this.console.logWarn("Failed to initialize Jenkins workspace", e);
            throw new AbortException("Failed to initialize Jenkins workspace due to to an unexpected error");
        } catch (AbortException e2) {
            throw e2;
        }
    }

    private void initializeAnchoreWorkspace() throws AbortException {
        if (this.config.getEnginemode().equals(AnchoreBuilder.DescriptorImpl.DEFAULT_PLUGIN_MODE)) {
            initializeAnchoreWorkspaceEngine();
        } else {
            initializeAnchoreWorkspaceLocal();
        }
    }

    private void initializeAnchoreWorkspaceEngine() throws AbortException {
        Iterator it;
        try {
            this.console.logDebug("Initializing Sysdig Secure workspace (enginemode)");
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FilePath(this.workspace, this.config.getName()).read(), StandardCharsets.UTF_8));
            Throwable th = null;
            while (true) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    String str = null;
                    String str2 = null;
                    Iterable split = Util.IMAGE_LIST_SPLITTER.split(readLine);
                    if (null != split && null != (it = split.iterator()) && it.hasNext()) {
                        str = (String) it.next();
                        if (it.hasNext()) {
                            String str3 = (String) it.next();
                            StringBuilder sb = new StringBuilder();
                            BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(new FilePath(this.workspace, str3).read(), StandardCharsets.UTF_8));
                            Throwable th2 = null;
                            while (true) {
                                try {
                                    try {
                                        String readLine2 = bufferedReader2.readLine();
                                        if (readLine2 == null) {
                                            break;
                                        } else {
                                            sb.append(readLine2 + '\n');
                                        }
                                    } finally {
                                    }
                                } catch (Throwable th3) {
                                    if (bufferedReader2 != null) {
                                        if (th2 != null) {
                                            try {
                                                bufferedReader2.close();
                                            } catch (Throwable th4) {
                                                th2.addSuppressed(th4);
                                            }
                                        } else {
                                            bufferedReader2.close();
                                        }
                                    }
                                    throw th3;
                                }
                            }
                            if (bufferedReader2 != null) {
                                if (0 != 0) {
                                    try {
                                        bufferedReader2.close();
                                    } catch (Throwable th5) {
                                        th2.addSuppressed(th5);
                                    }
                                } else {
                                    bufferedReader2.close();
                                }
                            }
                            this.console.logDebug("Dockerfile contents: " + sb.toString());
                            str2 = new String(Base64.encodeBase64(sb.toString().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
                        }
                    }
                    if (null != str) {
                        this.console.logDebug("Image tag/digest: " + str);
                        this.console.logDebug("Base64 encoded Dockerfile contents: " + str2);
                        this.input_image_dfile.put(str, str2);
                    }
                } finally {
                }
            }
            if (bufferedReader != null) {
                if (0 != 0) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    bufferedReader.close();
                }
            }
        } catch (AbortException e) {
            throw e;
        } catch (Exception e2) {
            this.console.logError("Failed to initialize Sysdig Secure workspace due to an unexpected error", e2);
            throw new AbortException("Failed to initialize Sysdig Secure workspace due to an unexpected error. Please refer to above logs for more information");
        }
    }

    /* JADX WARN: Can't wrap try/catch for region: R(22:65|66|(2:68|(20:70|(1:72)|73|74|75|(2:77|(15:79|(1:81)|82|83|84|(2:86|(10:88|(1:90)|91|92|93|(2:95|(5:97|(1:99)|100|101|102))|103|100|101|102))|106|91|92|93|(0)|103|100|101|102))|109|82|83|84|(0)|106|91|92|93|(0)|103|100|101|102))|112|73|74|75|(0)|109|82|83|84|(0)|106|91|92|93|(0)|103|100|101|102) */
    /* JADX WARN: Code restructure failed: missing block: B:105:0x0911, code lost:
    
        r7.console.logWarn("Failed to resolve global whitelist, using default Sysdig Secure global whitelist");
     */
    /* JADX WARN: Code restructure failed: missing block: B:108:0x080d, code lost:
    
        r7.console.logWarn("Failed to resolve user policy, using default Sysdig Secure scanning policy");
     */
    /* JADX WARN: Code restructure failed: missing block: B:111:0x0709, code lost:
    
        r7.console.logWarn("Failed to resolve user bundle, using default Sysdig Secure scanning policy");
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0270, code lost:
    
        r7.console.logError("Failed to copy Dockerfile from Jenkins workspace: " + r0 + ", to Sysdig Secure workspace: " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x02c4, code lost:
    
        throw new hudson.AbortException("Failed to copy Dockerfile from Jenkins workspace: " + r0 + ", to Sysdig Secure workspace: " + r0 + ". Please ensure that Dockerfile is present in the Jenkins workspace prior to running Sysdig Secure plugin");
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x037b, code lost:
    
        if (r0 == null) goto L50;
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x0380, code lost:
    
        if (0 == 0) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0397, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x0383, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x038b, code lost:
    
        r16 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x038d, code lost:
    
        r15.addSuppressed(r16);
     */
    /* JADX WARN: Failed to calculate best type for var: r12v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r12v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x0401: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:136:0x0401 */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x0406: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:138:0x0406 */
    /* JADX WARN: Removed duplicated region for block: B:59:0x0433 A[Catch: AbortException -> 0x091e, Exception -> 0x0921, TryCatch #14 {AbortException -> 0x091e, Exception -> 0x0921, blocks: (B:2:0x0000, B:4:0x00af, B:5:0x010b, B:8:0x010c, B:10:0x0174, B:13:0x0192, B:15:0x019d, B:17:0x01ad, B:19:0x01bb, B:21:0x01c5, B:23:0x01df, B:30:0x0270, B:31:0x02c4, B:25:0x02c5, B:26:0x0306, B:33:0x02e4, B:34:0x0354, B:43:0x0383, B:41:0x0397, B:46:0x038d, B:53:0x03da, B:51:0x03ee, B:56:0x03e4, B:57:0x0427, B:59:0x0433, B:60:0x0447, B:61:0x0448, B:63:0x04b4, B:64:0x050a, B:66:0x050b, B:68:0x0518, B:70:0x0533, B:72:0x05bc, B:75:0x060f, B:77:0x061c, B:79:0x0637, B:81:0x06c0, B:84:0x0713, B:86:0x0720, B:88:0x073b, B:90:0x07c4, B:93:0x0817, B:95:0x0824, B:97:0x083f, B:99:0x08c8, B:103:0x0902, B:105:0x0911, B:106:0x07fe, B:108:0x080d, B:109:0x06fa, B:111:0x0709, B:112:0x05f6, B:114:0x0605, B:117:0x03a7, B:126:0x03b4, B:124:0x03c8, B:129:0x03be, B:131:0x03cf, B:134:0x03fe, B:142:0x040b, B:140:0x041f, B:145:0x0415, B:147:0x0426), top: B:1:0x0000, inners: #1, #4, #5, #7, #8, #10, #12 }] */
    /* JADX WARN: Removed duplicated region for block: B:61:0x0448 A[Catch: AbortException -> 0x091e, Exception -> 0x0921, TryCatch #14 {AbortException -> 0x091e, Exception -> 0x0921, blocks: (B:2:0x0000, B:4:0x00af, B:5:0x010b, B:8:0x010c, B:10:0x0174, B:13:0x0192, B:15:0x019d, B:17:0x01ad, B:19:0x01bb, B:21:0x01c5, B:23:0x01df, B:30:0x0270, B:31:0x02c4, B:25:0x02c5, B:26:0x0306, B:33:0x02e4, B:34:0x0354, B:43:0x0383, B:41:0x0397, B:46:0x038d, B:53:0x03da, B:51:0x03ee, B:56:0x03e4, B:57:0x0427, B:59:0x0433, B:60:0x0447, B:61:0x0448, B:63:0x04b4, B:64:0x050a, B:66:0x050b, B:68:0x0518, B:70:0x0533, B:72:0x05bc, B:75:0x060f, B:77:0x061c, B:79:0x0637, B:81:0x06c0, B:84:0x0713, B:86:0x0720, B:88:0x073b, B:90:0x07c4, B:93:0x0817, B:95:0x0824, B:97:0x083f, B:99:0x08c8, B:103:0x0902, B:105:0x0911, B:106:0x07fe, B:108:0x080d, B:109:0x06fa, B:111:0x0709, B:112:0x05f6, B:114:0x0605, B:117:0x03a7, B:126:0x03b4, B:124:0x03c8, B:129:0x03be, B:131:0x03cf, B:134:0x03fe, B:142:0x040b, B:140:0x041f, B:145:0x0415, B:147:0x0426), top: B:1:0x0000, inners: #1, #4, #5, #7, #8, #10, #12 }] */
    /* JADX WARN: Removed duplicated region for block: B:77:0x061c A[Catch: IOException | InterruptedException -> 0x0707, AbortException -> 0x091e, Exception -> 0x0921, TryCatch #8 {IOException | InterruptedException -> 0x0707, blocks: (B:75:0x060f, B:77:0x061c, B:79:0x0637, B:81:0x06c0, B:109:0x06fa), top: B:74:0x060f, outer: #14 }] */
    /* JADX WARN: Removed duplicated region for block: B:86:0x0720 A[Catch: IOException | InterruptedException -> 0x080b, AbortException -> 0x091e, Exception -> 0x0921, TryCatch #10 {IOException | InterruptedException -> 0x080b, blocks: (B:84:0x0713, B:86:0x0720, B:88:0x073b, B:90:0x07c4, B:106:0x07fe), top: B:83:0x0713, outer: #14 }] */
    /* JADX WARN: Removed duplicated region for block: B:95:0x0824 A[Catch: IOException | InterruptedException -> 0x090f, AbortException -> 0x091e, Exception -> 0x0921, TryCatch #5 {IOException | InterruptedException -> 0x090f, blocks: (B:93:0x0817, B:95:0x0824, B:97:0x083f, B:99:0x08c8, B:103:0x0902), top: B:92:0x0817, outer: #14 }] */
    /* JADX WARN: Type inference failed for: r12v0, types: [java.io.BufferedWriter] */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.lang.Throwable] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void initializeAnchoreWorkspaceLocal() throws hudson.AbortException {
        /*
            Method dump skipped, instructions count: 2361
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sysdig.jenkins.plugins.sysdig.BuildWorker.initializeAnchoreWorkspaceLocal():void");
    }

    private void setupAnchoreContainer() throws AbortException {
        String str;
        String containerId = this.config.getContainerId();
        if (isAnchoreRunning()) {
            this.console.logDebug("Sysdig Secure container " + containerId + " is already running");
            return;
        }
        this.console.logDebug("Sysdig Secure container " + containerId + " is not running");
        String containerImageId = this.config.getContainerImageId();
        if (!isAnchoreImageAvailable()) {
            this.console.logError("Sysdig Secure container image " + containerImageId + " not found on local dockerhost, cannot launch Sysdig Secure container " + containerId);
            throw new AbortException("Sysdig Secure container image " + containerImageId + " not found on local dockerhost, cannot launch Sysdig Secure container " + containerId + ". Please make the anchore/jenkins image available to the local dockerhost and retry");
        }
        this.console.logInfo("Launching Sysdig Secure container " + containerId + " from image " + containerImageId);
        str = "docker run -d -v /var/run/docker.sock:/var/run/docker.sock";
        str = Strings.isNullOrEmpty(this.config.getLocalVol()) ? "docker run -d -v /var/run/docker.sock:/var/run/docker.sock" : str + " -v " + this.config.getLocalVol() + ":/root/.anchore";
        if (!Strings.isNullOrEmpty(this.config.getModulesVol())) {
            str = str + " -v " + this.config.getModulesVol() + ":/root/sysdig_secure_modules";
        }
        if (executeCommand(str + " --name " + containerId + " " + containerImageId, new String[0]) == 0) {
            this.console.logDebug("Sysdig Secure container " + containerId + " has been launched");
        } else {
            this.console.logError("Failed to launch Sysdig Secure container " + containerId + " ");
            throw new AbortException("Failed to launch Sysdig Secure container " + containerId);
        }
    }

    private boolean isAnchoreRunning() throws AbortException {
        this.console.logDebug("Checking container " + this.config.getContainerId());
        if (!Strings.isNullOrEmpty(this.config.getContainerId())) {
            return executeCommand(new StringBuilder().append("docker start ").append(this.config.getContainerId()).toString(), new String[0]) == 0;
        }
        this.console.logError("Sysdig Secure Container ID not found");
        throw new AbortException("Please configure \"Sysdig Secure Container ID\" under Manage Jenkins->Configure System->Sysdig Secure Configuration and retry. If the container is not running, the plugin will launch it");
    }

    private boolean isAnchoreImageAvailable() throws AbortException {
        this.console.logDebug("Checking container image " + this.config.getContainerImageId());
        if (!Strings.isNullOrEmpty(this.config.getContainerImageId())) {
            return executeCommand(new StringBuilder().append("docker inspect ").append(this.config.getContainerImageId()).toString(), new String[0]) == 0;
        }
        this.console.logError("Sysdig Secure Container Image ID not found");
        throw new AbortException("Please configure \"Sysdig Secure Container Image ID\" under Manage Jenkins->Configure System->Sysdig Secure Configuration and retry");
    }

    private JSONArray generateDataTablesColumnsForGateSummary() {
        JSONArray jSONArray = new JSONArray();
        for (Util.GATE_SUMMARY_COLUMN gate_summary_column : Util.GATE_SUMMARY_COLUMN.values()) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("data", gate_summary_column.toString());
            jSONObject.put("title", gate_summary_column.toString().replaceAll("_", " "));
            jSONArray.add(jSONObject);
        }
        return jSONArray;
    }

    private int executeAnchoreCommand(String str, String... strArr) throws AbortException {
        return executeAnchoreCommand(str, this.config.getDebug() ? this.console.getLogger() : null, this.console.getLogger(), strArr);
    }

    private int executeAnchoreCommand(String str, OutputStream outputStream, String... strArr) throws AbortException {
        return executeAnchoreCommand(str, outputStream, this.console.getLogger(), strArr);
    }

    private int executeAnchoreCommand(String str, OutputStream outputStream, OutputStream outputStream2, String... strArr) throws AbortException {
        String str2 = "docker exec " + this.config.getContainerId() + " " + ANCHORE_BINARY;
        if (this.config.getDebug()) {
            str2 = str2 + " --debug";
        }
        if (!Strings.isNullOrEmpty(this.anchoreScriptsDirName)) {
            str2 = str2 + " --config-override user_scripts_dir=" + this.anchoreScriptsDirName;
        }
        return executeCommand(str2 + " " + str, outputStream, outputStream2, strArr);
    }

    private int executeCommand(String str, String... strArr) throws AbortException {
        return executeCommand(str, this.config.getDebug() ? this.console.getLogger() : null, this.console.getLogger(), strArr);
    }

    private int executeCommand(String str, OutputStream outputStream, OutputStream outputStream2, String... strArr) throws AbortException {
        if (this.config.getUseSudo()) {
            str = "sudo " + str;
        }
        Launcher.ProcStarter launch = this.launcher.launch();
        launch.envs(strArr);
        launch.cmdAsSingleString(str);
        launch.stdin((InputStream) null);
        if (null != outputStream) {
            launch.stdout(outputStream);
        }
        if (null != outputStream2) {
            launch.stderr(outputStream2);
        }
        try {
            this.console.logDebug("Executing \"" + str + "\"");
            int join = launch.join();
            this.console.logDebug("Execution of \"" + str + "\" returned " + join);
            return join;
        } catch (Exception e) {
            this.console.logWarn("Failed to execute \"" + str + "\"", e);
            throw new AbortException("Failed to execute \"" + str + "\"");
        }
    }

    private void cleanJenkinsWorkspaceQuietly() throws IOException, InterruptedException {
        new FilePath(this.workspace, this.jenkinsOutputDirName).deleteRecursive();
    }

    private int cleanAnchoreWorkspaceQuietly() throws AbortException {
        return executeCommand("docker exec " + this.config.getContainerId() + " rm -rf " + this.anchoreWorkspaceDirName, new String[0]);
    }
}
