package org.jenkinsci.plugins.aquadockerscannerbuildstep;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.Util;
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.tasks.ArtifactArchiver;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.Secret;
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.CheckForNull;
import javax.servlet.ServletException;
import jenkins.tasks.SimpleBuildStep;
import net.sf.json.JSONException;
import net.sf.json.JSONObject;
import org.codehaus.plexus.util.xml.pull.XmlPullParser;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.StaplerRequest;

/* loaded from: input_file:WEB-INF/lib/aqua-security-scanner.jar:org/jenkinsci/plugins/aquadockerscannerbuildstep/AquaDockerScannerBuilder.class */
public class AquaDockerScannerBuilder extends Builder implements SimpleBuildStep {
    public static final int OK_CODE = 0;
    public static final int DISALLOWED_CODE = 4;
    private final String locationType;
    private final String registry;
    private final boolean register;
    private final String localImage;
    private final String hostedImage;
    private final String onDisallowed;
    private final String notCompliesCmd;
    private final boolean hideBase;
    private final boolean showNegligible;
    private final String policies;
    private final String customFlags;

    @CheckForNull
    private String containerRuntime;

    @CheckForNull
    private String scannerPath;

    @CheckForNull
    private String tarFilePath;

    @CheckForNull
    private String localToken;
    private Secret localTokenSecret;

    @Extension
    @Symbol({"aqua"})
    /* loaded from: input_file:WEB-INF/lib/aqua-security-scanner.jar:org/jenkinsci/plugins/aquadockerscannerbuildstep/AquaDockerScannerBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        private String aquaScannerImage;
        private Secret apiURL;
        private String authval;
        private Secret user;
        private Secret password;
        private Secret token;
        private int timeout;
        private String runOptions;
        private boolean caCertificates;

        public DescriptorImpl() {
            load();
        }

        public FormValidation doCheckTimeout(@QueryParameter String str) throws IOException, ServletException {
            try {
                Integer.parseInt(str);
                return FormValidation.ok();
            } catch (NumberFormatException e) {
                return FormValidation.error("Must be a number");
            }
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        public String getDisplayName() {
            return "Aqua Security";
        }

        public boolean configure(StaplerRequest staplerRequest, JSONObject jSONObject) throws Descriptor.FormException {
            this.aquaScannerImage = jSONObject.getString("aquaScannerImage");
            this.apiURL = Secret.fromString(jSONObject.getString("apiURL"));
            JSONObject jSONObject2 = jSONObject.getJSONObject("auth");
            this.authval = jSONObject2.getString("value");
            try {
                if (this.authval.equals("token")) {
                    this.token = Secret.fromString(jSONObject2.getString("token"));
                    this.user = Secret.fromString(XmlPullParser.NO_NAMESPACE);
                    this.password = Secret.fromString(XmlPullParser.NO_NAMESPACE);
                } else {
                    this.user = Secret.fromString(jSONObject2.getString("user"));
                    this.password = Secret.fromString(jSONObject2.getString("password"));
                    this.token = Secret.fromString(XmlPullParser.NO_NAMESPACE);
                }
                try {
                    this.timeout = jSONObject.getInt("timeout");
                    this.runOptions = jSONObject.getString("runOptions");
                    this.caCertificates = jSONObject.getBoolean("caCertificates");
                    save();
                    return super.configure(staplerRequest, jSONObject);
                } catch (JSONException e) {
                    throw new Descriptor.FormException("Timeout value must be a number.", "timeout");
                }
            } catch (JSONException e2) {
                throw new Descriptor.FormException("Either Username/PWD or token must be set. Error is " + e2.getMessage(), "auth");
            }
        }

        public String getAquaScannerImage() {
            return this.aquaScannerImage;
        }

        public String getApiURL() {
            return Secret.toString(this.apiURL);
        }

        public String getAuthVal() {
            return this.authval;
        }

        public String getUser() {
            return Secret.toString(this.user);
        }

        public Secret getPassword() {
            return this.password;
        }

        public Secret getToken() {
            return this.token;
        }

        public int getTimeout() {
            return this.timeout;
        }

        public String getRunOptions() {
            return this.runOptions;
        }

        public String isAuthType(String str) {
            Logger.getLogger(XmlPullParser.NO_NAMESPACE).log(Level.INFO, "Checking auth type:" + str);
            Logger.getLogger(XmlPullParser.NO_NAMESPACE).log(Level.INFO, "Saved auth type:" + getAuthVal());
            return getAuthVal() == null ? "uname".equals(str) ? "true" : "false" : getAuthVal().equals(str) ? "true" : "false";
        }

        public boolean getCaCertificates() {
            return this.caCertificates;
        }
    }

    @DataBoundConstructor
    public AquaDockerScannerBuilder(String str, String str2, boolean z, String str3, String str4, String str5, String str6, boolean z2, boolean z3, String str7, String str8, String str9, String str10, String str11, String str12) {
        this.locationType = str;
        this.registry = str2;
        this.register = z;
        this.localImage = str3;
        this.hostedImage = str4;
        this.onDisallowed = str5;
        this.notCompliesCmd = str6;
        this.hideBase = z2;
        this.showNegligible = z3;
        this.policies = str7;
        this.localToken = str8;
        this.customFlags = str9;
        this.tarFilePath = str10;
        this.containerRuntime = str11;
        this.scannerPath = str12;
        this.localTokenSecret = Secret.fromString(str8);
    }

    public String getLocationType() {
        return this.locationType;
    }

    @CheckForNull
    public String getContainerRuntime() {
        return this.containerRuntime;
    }

    @CheckForNull
    public String getScannerPath() {
        return this.scannerPath;
    }

    public String getRegistry() {
        return this.registry;
    }

    public boolean getRegister() {
        return this.register;
    }

    public String getLocalImage() {
        return this.localImage;
    }

    public String getHostedImage() {
        return this.hostedImage;
    }

    public String getOnDisallowed() {
        return this.onDisallowed;
    }

    public String getNotCompliesCmd() {
        return this.notCompliesCmd;
    }

    public String getPolicies() {
        return this.policies;
    }

    @CheckForNull
    public String getLocalToken() {
        return this.localToken;
    }

    public String getCustomFlags() {
        return this.customFlags;
    }

    public boolean getHideBase() {
        return this.hideBase;
    }

    public boolean getShowNegligible() {
        return this.showNegligible;
    }

    @CheckForNull
    public String getTarFilePath() {
        return this.tarFilePath;
    }

    public String isLocationType(String str) {
        return this.locationType == null ? "local".equals(str) ? "true" : "false" : this.locationType.equals(str) ? "true" : "false";
    }

    public String isOnDisallowed(String str) {
        return this.onDisallowed == null ? "ignore".equals(str) ? "true" : "false" : this.onDisallowed.equals(str) ? "true" : "false";
    }

    @DataBoundSetter
    public void setContainerRuntime(@CheckForNull String str) {
        this.containerRuntime = (String) Util.fixNull(str, "docker");
    }

    @DataBoundSetter
    public void setScannerPath(@CheckForNull String str) {
        this.scannerPath = Util.fixNull(str);
    }

    @DataBoundSetter
    public void setTarFilePath(@CheckForNull String str) {
        this.tarFilePath = Util.fixNull(str);
    }

    @DataBoundSetter
    public void setLocalToken(@CheckForNull String str) {
        this.localToken = Util.fixNull(str);
    }

    public void perform(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener) throws AbortException, InterruptedException {
        String str;
        String aquaScannerImage = m36getDescriptor().getAquaScannerImage();
        String apiURL = m36getDescriptor().getApiURL();
        String user = m36getDescriptor().getUser();
        Secret password = m36getDescriptor().getPassword();
        Secret token = m36getDescriptor().getToken();
        if (XmlPullParser.NO_NAMESPACE.equals(user) && Secret.toString(password).equals(XmlPullParser.NO_NAMESPACE) && Secret.toString(token).equals(XmlPullParser.NO_NAMESPACE) && Secret.toString(this.localTokenSecret).equals(XmlPullParser.NO_NAMESPACE)) {
            throw new AbortException("Either Username/Password or Token should be provided in Global Settings, or valid token provided with in Token field in the build configuration");
        }
        int timeout = m36getDescriptor().getTimeout();
        String runOptions = m36getDescriptor().getRunOptions();
        boolean caCertificates = m36getDescriptor().getCaCertificates();
        boolean z = user == null || user.trim().equals(XmlPullParser.NO_NAMESPACE) || password == null || Secret.toString(password).trim().equals(XmlPullParser.NO_NAMESPACE);
        boolean z2 = token == null || Secret.toString(token).trim().equals(XmlPullParser.NO_NAMESPACE);
        if (apiURL == null || apiURL.trim().equals(XmlPullParser.NO_NAMESPACE) || (z && z2)) {
            throw new AbortException("Missing configuration. Please set the global configuration parameters in The \"Aqua Security\" section under  \"Manage Jenkins/Configure System\", before continuing.\n");
        }
        if (apiURL.indexOf("://") == -1) {
            apiURL = "https://" + apiURL;
        }
        String replaceAll = UUID.randomUUID().toString().replaceAll("-", XmlPullParser.NO_NAMESPACE);
        String str2 = "scanout-" + replaceAll + ".html";
        String str3 = this.locationType;
        boolean z3 = -1;
        switch (str3.hashCode()) {
            case -1211484089:
                if (str3.equals("hosted")) {
                    z3 = false;
                    break;
                }
                break;
            case -989376862:
                if (str3.equals("dockerarchive")) {
                    z3 = 2;
                    break;
                }
                break;
            case 103145323:
                if (str3.equals("local")) {
                    z3 = true;
                    break;
                }
                break;
        }
        switch (z3) {
            case false:
                str = this.hostedImage;
                break;
            case true:
                str = this.localImage;
                break;
            case true:
                Path fileName = Paths.get(this.tarFilePath, new String[0]).getFileName();
                if (fileName != null) {
                    str = fileName.toString().split("\\.")[0];
                    break;
                } else {
                    throw new AbortException("can not extract the file name \n");
                }
            default:
                str = XmlPullParser.NO_NAMESPACE;
                break;
        }
        int execute = ScannerExecuter.execute(run, filePath, launcher, taskListener, str2, aquaScannerImage, apiURL, user, password, token, timeout, runOptions, this.locationType, this.localImage, this.registry, this.register, this.hostedImage, this.hideBase, this.showNegligible, this.onDisallowed == null || !this.onDisallowed.equals("fail"), this.notCompliesCmd, caCertificates, this.policies, this.localTokenSecret, this.customFlags, this.tarFilePath, this.containerRuntime, this.scannerPath);
        run.addAction(new AquaScannerAction(run, replaceAll, str2, str));
        archiveArtifacts(run, filePath, launcher, taskListener);
        taskListener.getLogger().println("exitCode: " + execute);
        switch (execute) {
            case 0:
                taskListener.getLogger().println("Scanning success.");
                return;
            case 4:
                throw new AbortException("Scanning failed.");
            default:
                throw new AbortException("Scanning failed.");
        }
    }

    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    private void archiveArtifacts(Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener) throws InterruptedException {
        try {
            new ArtifactArchiver("scanout*").perform(run, filePath, launcher, taskListener);
            try {
                new ArtifactArchiver("styles.css").perform(run, filePath, launcher, taskListener);
            } catch (Exception e) {
                throw new InterruptedException("Failed to setup build results due to an unexpected error. Please refer to above logs for more information");
            }
        } catch (Exception e2) {
            throw new InterruptedException("Failed to setup build results due to an unexpected error. Please refer to above logs for more information");
        }
    }

    /* renamed from: getDescriptor, reason: merged with bridge method [inline-methods] */
    public DescriptorImpl m36getDescriptor() {
        return super.getDescriptor();
    }
}
