package io.jenkins.plugins.zscaler;

import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.google.common.annotations.VisibleForTesting;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.AbortException;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.ProxyConfiguration;
import hudson.model.AbstractProject;
import hudson.model.Computer;
import hudson.model.Node;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.remoting.VirtualChannel;
import hudson.tasks.BuildWrapperDescriptor;
import hudson.util.LogTaskListener;
import io.jenkins.plugins.zscaler.models.BuildDetails;
import io.jenkins.plugins.zscaler.models.SCMConstants;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildWrapper;
import org.apache.commons.io.IOUtils;
import org.jenkinsci.plugins.workflow.multibranch.BranchJobProperty;
import org.json.JSONArray;
import org.json.JSONObject;
import org.json.XML;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;

/* loaded from: input_file:WEB-INF/lib/zscaler-iac-scan.jar:io/jenkins/plugins/zscaler/ZscalerScan.class */
public class ZscalerScan extends SimpleBuildWrapper {
    private static final Logger LOGGER = Logger.getLogger(ZscalerScan.class.getName());
    private Boolean failBuild;
    private String logLevel;
    private String filePath;
    private String dirPath;

    @Extension
    /* loaded from: input_file:WEB-INF/lib/zscaler-iac-scan.jar:io/jenkins/plugins/zscaler/ZscalerScan$DescriptorImpl.class */
    public static class DescriptorImpl extends BuildWrapperDescriptor {
        @NonNull
        public String getDisplayName() {
            return "Zscaler IaC scan";
        }

        public boolean isApplicable(AbstractProject<?, ?> abstractProject) {
            return true;
        }
    }

    @DataBoundConstructor
    public ZscalerScan(Boolean bool) {
        this.failBuild = bool;
    }

    public void setUp(SimpleBuildWrapper.Context context, Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener, EnvVars envVars) throws IOException, InterruptedException {
        Node node;
        try {
            BuildDetails buildDetails = getBuildDetails(run, taskListener);
            run.addAction(new Report(run));
            if (filePath != null) {
                FilePath filePath2 = null;
                VirtualChannel channel = launcher.getChannel();
                if (channel != null) {
                    Computer currentComputer = Computer.currentComputer();
                    if (currentComputer != null && (node = currentComputer.getNode()) != null) {
                        filePath2 = node.getRootPath();
                    }
                    if (filePath2 == null) {
                        filePath2 = filePath;
                    }
                    taskListener.getLogger().println("Zscaler IaC binary location set to - " + filePath2.toURI().getPath());
                    ProxyConfiguration proxyConfiguration = Jenkins.get().proxy;
                    channel.call(new ScannerSetupTask(taskListener, Configuration.get(), proxyConfiguration, filePath2.toURI().getPath(), resolveCredentials()));
                    String str = (String) channel.call(new RunScanTask(taskListener, filePath, Configuration.get(), filePath2.toURI().getPath(), proxyConfiguration, buildDetails, this.filePath, this.dirPath));
                    postResultsToWorkspace(str, run.getParent().getBuildDir().getAbsolutePath(), run.getNumber());
                    validateAndFailBuild(str, taskListener);
                }
            }
        } catch (Exception e) {
            taskListener.getLogger().println(e.getMessage());
            throw e;
        }
    }

    @VisibleForTesting
    BuildDetails getBuildDetails(Run run, TaskListener taskListener) throws IOException, InterruptedException {
        JSONObject optJSONObject;
        JSONObject optJSONObject2;
        EnvVars environment = run.getEnvironment(new LogTaskListener(Logger.getLogger(getClass().getName()), Level.INFO));
        BuildDetails buildDetails = new BuildDetails();
        buildDetails.setBuildNumber(String.valueOf(run.getNumber()));
        buildDetails.setBuildTriggeredBy((String) environment.get("USER"));
        buildDetails.addEventDetails("build_url", (String) environment.get("BUILD_URL"));
        buildDetails.addEventDetails("action", run.getDisplayName());
        try {
            String configXml = getConfigXml(run);
            if (configXml != null) {
                SCMDetails.populateSCMDetails(environment, buildDetails);
                JSONObject jSONObject = XML.toJSONObject(configXml);
                if (buildDetails.getCommitSha() == null) {
                    for (BranchJobProperty branchJobProperty : run.getParent().getAllProperties()) {
                        if (branchJobProperty.getBranch().getName().equals(environment.get(SCMConstants.BranchName))) {
                            buildDetails.setCommitSha(branchJobProperty.getBranch().getSourceId());
                        }
                    }
                    SCMDetails.populateSCMDetails(environment, buildDetails, jSONObject);
                }
                JSONObject optJSONObject3 = jSONObject.optJSONObject("project");
                if (optJSONObject3 != null && (optJSONObject = optJSONObject3.optJSONObject("buildWrappers")) != null && (optJSONObject2 = optJSONObject.optJSONObject("io.jenkins.plugins.zscaler.ZscalerScan")) != null) {
                    String optString = optJSONObject2.optString("failBuild");
                    if (optString != null) {
                        buildDetails.addAdditionalDetails("fail_build", optString);
                    }
                    String optString2 = optJSONObject2.optString("logLevel");
                    if (optString2 != null) {
                        buildDetails.addAdditionalDetails("log_level", optString2);
                    }
                }
                if (getLogLevel() != null) {
                    buildDetails.addAdditionalDetails("log_level", getLogLevel());
                }
            } else {
                taskListener.getLogger().format("Config xml for the job %s not found.", run.getParent().getName());
            }
        } catch (Exception e) {
            taskListener.getLogger().println("Failed to populate config information due to - " + e.getMessage());
        }
        return buildDetails;
    }

    private StandardUsernamePasswordCredentials resolveCredentials() throws AbortException {
        Optional<StandardUsernamePasswordCredentials> resolveUserNamePassword = Configuration.resolveUserNamePassword(Configuration.get().getCredentialsId());
        if (resolveUserNamePassword.isPresent()) {
            return resolveUserNamePassword.get();
        }
        throw new AbortException("Invalid credentials to connect to Zscaler");
    }

    @VisibleForTesting
    void postResultsToWorkspace(String str, String str2, int i) throws IOException {
        Path path = Paths.get(str2, String.valueOf(i), "iac-scan-results", i + ".json");
        Path parent = path.getParent();
        if (parent != null) {
            Files.createDirectories(parent, new FileAttribute[0]);
        }
        Files.write(path, str.getBytes(StandardCharsets.UTF_8), new OpenOption[0]);
    }

    @VisibleForTesting
    void validateAndFailBuild(String str, TaskListener taskListener) throws IOException {
        taskListener.getLogger().println(str);
        LOGGER.log(Level.INFO, "Results::" + str);
        if (!isFailBuild().booleanValue()) {
            taskListener.getLogger().println("Zscaler IaC scan found violations");
            return;
        }
        try {
            JSONObject jSONObject = new JSONObject(str);
            if (jSONObject.keySet().contains("no_resources_message")) {
                return;
            }
            JSONArray optJSONArray = jSONObject.optJSONArray("failed_policies");
            if (optJSONArray == null || optJSONArray.length() <= 0) {
            } else {
                throw new AbortException("Zscaler IaC scan found violations, they need to be fixed");
            }
        } catch (Exception e) {
            throw new AbortException("Zscaler IaC scan failed");
        }
    }

    private String getConfigXml(Run run) {
        File[] listFiles = run.getParent().getRootDir().listFiles();
        if (listFiles == null) {
            return null;
        }
        for (File file : listFiles) {
            if (file.getName().equals("config.xml")) {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    Throwable th = null;
                    try {
                        try {
                            String iOUtils = IOUtils.toString(fileInputStream, Charset.defaultCharset());
                            if (fileInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileInputStream.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    fileInputStream.close();
                                }
                            }
                            return iOUtils;
                        } catch (Throwable th3) {
                            th = th3;
                            throw th3;
                            break;
                        }
                    } finally {
                    }
                } catch (IOException e) {
                    LOGGER.log(Level.SEVERE, String.format("Failed to read file - %s/%s ", file.getAbsolutePath(), file.getName()));
                }
            }
        }
        return null;
    }

    public Boolean isFailBuild() {
        if (this.failBuild == null) {
            this.failBuild = true;
        }
        return this.failBuild;
    }

    @DataBoundSetter
    public void setFailBuild(Boolean bool) {
        this.failBuild = bool;
    }

    public String getLogLevel() {
        return this.logLevel;
    }

    @DataBoundSetter
    public void setLogLevel(String str) {
        this.logLevel = str;
    }

    @DataBoundSetter
    public void setFilePath(String str) {
        this.filePath = str;
    }

    @DataBoundSetter
    public void setDirPath(String str) {
        this.dirPath = str;
    }

    public String getFilePath() {
        return this.filePath;
    }

    public String getDirPath() {
        return this.dirPath;
    }
}
