package io.jenkins.plugins.grypescanner;

import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.Util;
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.model.Result;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.ArtifactArchiver;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import java.io.IOException;
import java.net.URL;
import jenkins.tasks.SimpleBuildStep;
import net.sf.json.JSONObject;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:io/jenkins/plugins/grypescanner/GrypeScannerStep.class */
public class GrypeScannerStep extends Builder implements SimpleBuildStep {
    private static final String SCAN_TARGET_DEFAULT = "dir:./";
    private static final String REP_NAME_DEFAULT = "grypeReport_${JOB_NAME}_${BUILD_NUMBER}.txt";
    private String scanDest;
    private String repName;
    private boolean autoInstall;

    @Extension(ordinal = -2.0d)
    @Symbol({"grypeScan"})
    /* loaded from: input_file:io/jenkins/plugins/grypescanner/GrypeScannerStep$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        public DescriptorImpl() {
            super(GrypeScannerStep.class);
            load();
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            staplerRequest.bindJSON(this, jSONObject);
            save();
            return true;
        }

        public String getDefaultScanDest() {
            return GrypeScannerStep.SCAN_TARGET_DEFAULT;
        }

        public String getDisplayName() {
            return "Vulnerability scan with grype";
        }

        public String getDefaultRepName() {
            return GrypeScannerStep.REP_NAME_DEFAULT;
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }
    }

    @DataBoundConstructor
    public GrypeScannerStep(String str, String str2, Boolean bool) {
        this.scanDest = str;
        this.repName = str2;
        this.autoInstall = bool.booleanValue();
    }

    public void perform(Run<?, ?> run, FilePath filePath, EnvVars envVars, Launcher launcher, TaskListener taskListener) throws InterruptedException, IOException {
        String str;
        if (!launcher.isUnix()) {
            taskListener.fatalError("The grypescanner requires a unix system, see https://github.com/anchore/grype for system requirements");
            run.setResult(Result.FAILURE);
            return;
        }
        if (!this.autoInstall) {
            int join = launcher.launch().cmds(new String[]{"which", "grype"}).envs(envVars).stdout(taskListener).stderr(taskListener.getLogger()).join();
            taskListener.getLogger().println("return value: " + join);
            if (join != 0) {
                taskListener.fatalError("Can't find 'grype' in PATH! Please, ensure that 'grype' is available in PATH or activate the 'Download and install grype automatically' setting!");
                run.setResult(Result.FAILURE);
                return;
            }
        }
        String replaceMacro = Util.replaceMacro(this.scanDest, run.getEnvironment(taskListener));
        String replaceMacro2 = Util.replaceMacro(this.repName, run.getEnvironment(taskListener));
        FilePath child = filePath.child("grypeTmpDir");
        child.mkdirs();
        FilePath child2 = child.child("default.tmpl");
        child2.copyFrom(getClass().getResource("default.tmpl"));
        taskListener.getLogger().println("Running grype scan: ");
        FilePath child3 = filePath.child(replaceMacro2);
        if (this.autoInstall) {
            envVars.put("GRYPE_DB_CACHE_DIR", child.toURI().getPath());
            FilePath child4 = child.child("install.sh");
            child4.copyFrom(new URL("https://raw.githubusercontent.com/anchore/grype/main/install.sh"));
            taskListener.getLogger().println("Installing grype...");
            int join2 = launcher.launch().cmds(new String[]{"sh", child4.toURI().getPath(), "-b", child.toURI().getPath()}).envs(envVars).stdout(taskListener).stderr(taskListener.getLogger()).pwd(filePath).join();
            if (join2 != 0) {
                taskListener.fatalError("Grype installation failed! Return code: " + join2);
                run.setResult(Result.FAILURE);
                return;
            }
            str = child.child("grype").toURI().getPath();
        } else {
            str = "grype";
        }
        taskListener.getLogger().println("return value: " + launcher.launch().cmds(new String[]{str, replaceMacro, "-o", "template", "-t", child2.toURI().getPath(), "--file", child3.toURI().getPath()}).envs(envVars).stdout(taskListener).stderr(taskListener.getLogger()).pwd(filePath).join());
        new ArtifactArchiver(replaceMacro2).perform(run, filePath, envVars, launcher, taskListener);
    }

    public String getScanDest() {
        return this.scanDest;
    }

    public void setScanDest(String str) {
        this.scanDest = str;
    }

    public String getRepName() {
        return this.repName;
    }

    public void setRepName(String str) {
        this.repName = str;
    }

    public boolean isAutoInstall() {
        return this.autoInstall;
    }

    public void setAutoInstall(boolean z) {
        this.autoInstall = z;
    }
}
