package org.whitesource.fs.scanOrigins.artifactory;

import com.amazonaws.util.IOUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.jfrog.artifactory.client.Artifactory;
import org.jfrog.artifactory.client.RepositoryHandle;
import org.jfrog.artifactory.client.model.Item;
import org.jfrog.artifactory.client.model.LightweightRepository;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.whitesource.agent.api.model.AgentProjectInfo;
import org.whitesource.agent.api.model.Coordinates;
import org.whitesource.agent.api.model.DependencyInfo;
import org.whitesource.agent.dependency.resolver.docker.DockerImageSystemPackagesManager;
import org.whitesource.agent.dependency.resolver.docker.datatypes.DockerImage;
import org.whitesource.agent.utils.docker.DockerUtils;
import org.whitesource.config.FSAConfigurationManager;
import org.whitesource.config.scan.config.AgentConfiguration;
import org.whitesource.config.utils.ConfigPropertyKeys;
import org.whitesource.statistics.CompletionStatus;
import org.whitesource.statistics.Statistics;
import org.whitesource.statistics.StatisticsTypes.Docker.DockerEntityStatistics;
import org.whitesource.statistics.StatisticsTypes.Docker.DockerResolverStatistics;
import org.whitesource.utils.Constants;
import org.whitesource.utils.OsUtils;
import org.whitesource.utils.Prints.PrintUtils;
import org.whitesource.utils.WssStringUtils;
import org.whitesource.utils.archive.ArchiveExtractor;
import org.whitesource.utils.files.FilesUtils;
import org.whitesource.utils.files.TempFolders;
import org.whitesource.utils.files.patterns.PathMatcherUtils;
import org.whitesource.utils.logger.LoggerFactory;
import org.whitesource.utils.resolverUtils.artifactory.ArtifactoryUtils;

/* loaded from: input_file:org/whitesource/fs/scanOrigins/artifactory/ArtifactoryDockerRepositoryScanner.class */
public class ArtifactoryDockerRepositoryScanner {
    private Artifactory artifactoryClient;
    private FSAConfigurationManager config;
    private ArchiveExtractor archiveExtractor;
    private boolean enableDockerLayersView;
    private Collection<Statistics> dockerEntityStatistics;
    private List<String> artifactoryIncludesRegex;
    private List<String> artifactoryExcludesRegex;
    private static final Logger logger = LoggerFactory.getLogger(ArtifactoryDockerRepositoryScanner.class);
    private static String VIRTUAL = "virtual";
    private String artifactoryTempFolderDir = new FilesUtils().createTmpFolder(false, TempFolders.UNIQUE_ARTIFACTORY_DOCKER_TEMP_FOLDER);
    private Map<String, String> manifestFiles = new HashMap();

    /* loaded from: input_file:org/whitesource/fs/scanOrigins/artifactory/ArtifactoryDockerRepositoryScanner$LayerInfo.class */
    public static class LayerInfo {
        String size;
        String digest;
        String mediaType;

        public String getDigest() {
            return this.digest;
        }

        public void setDigest(String str) {
            this.digest = str;
        }

        public String getSize() {
            return this.size;
        }

        public void setSize(String str) {
            this.size = str;
        }

        public String getMediaType() {
            return this.mediaType;
        }

        public void setMediaType(String str) {
            this.mediaType = str;
        }
    }

    public ArtifactoryDockerRepositoryScanner(FSAConfigurationManager fSAConfigurationManager, Artifactory artifactory) {
        this.config = fSAConfigurationManager;
        this.artifactoryClient = artifactory;
        AgentConfiguration agent = fSAConfigurationManager.getAgent();
        this.artifactoryIncludesRegex = agent.getArtifactoryIncludes();
        this.artifactoryExcludesRegex = agent.getArtifactoryExcludes();
        this.enableDockerLayersView = fSAConfigurationManager.getPropertyAsBoolean(ConfigPropertyKeys.DOCKER_LAYERS);
        this.archiveExtractor = new ArchiveExtractor(agent.getArchiveIncludes(), agent.getArchiveExcludes(), agent.getIncludes());
    }

    public Collection<AgentProjectInfo> scanArtifactoryDockerRepository(LightweightRepository lightweightRepository) {
        DockerResolverStatistics dockerResolverStatistics = new DockerResolverStatistics("Scan Docker Repository '" + lightweightRepository.getKey() + Constants.APOSTROPHE, false, true);
        dockerResolverStatistics.startStatisticLog();
        this.dockerEntityStatistics = new LinkedList();
        logger.info("Scan artifactory docker repository '{}'", lightweightRepository.getKey());
        LinkedList linkedList = new LinkedList();
        try {
            RepositoryHandle repository = this.artifactoryClient.repository(lightweightRepository.getKey());
            boolean equals = repository.get().getRclass().toString().equals(VIRTUAL);
            Collection<RepositoryHandle> virtualRepositoryIncludedLocalRepositories = equals ? ArtifactoryUtils.getVirtualRepositoryIncludedLocalRepositories(this.artifactoryClient, lightweightRepository) : null;
            List<String> dockerImagesToScan = getDockerImagesToScan(lightweightRepository, repository.folder("/").info());
            File file = new File(this.artifactoryTempFolderDir + OsUtils.SYS_FILE_SEPARATOR + lightweightRepository.getKey());
            for (String str : dockerImagesToScan) {
                String str2 = this.artifactoryTempFolderDir + OsUtils.SYS_FILE_SEPARATOR + str;
                String str3 = str2 + ".tar";
                String str4 = str;
                if (equals) {
                    str4 = getImageLocalRepositoryPath(repository, virtualRepositoryIncludedLocalRepositories, str);
                    if (str4 == null) {
                        logger.debug("Failed to find docker image '{}' local repository, Seems that this image exist in Remote repository which is not supported", str);
                    }
                }
                if (!downloadArtifactoryDockerImageIntoTar(str4, str3)) {
                    logger.warn("Failed to download artifactory docker image '{}'", str);
                } else if (this.archiveExtractor.unTar(str2, str3)) {
                    AgentProjectInfo scanArtifactoryDockerImage = scanArtifactoryDockerImage(str2, str);
                    if (scanArtifactoryDockerImage != null) {
                        linkedList.add(scanArtifactoryDockerImage);
                    } else {
                        logger.warn("Failed to scan repository '{}' docker image '{}'", lightweightRepository.getKey(), str);
                    }
                    FileUtils.cleanDirectory(file);
                } else {
                    logger.warn("Failed to extract artifactory docker image '{}' archive file", str);
                }
            }
        } catch (Exception e) {
            logger.warn("Error while scanning artifactory docker repository '{}', Error: {}", lightweightRepository.getKey(), e.getMessage());
            logger.debug(Constants.GO_ERROR, (Throwable) e);
        }
        dockerResolverStatistics.setSubStatistics(this.dockerEntityStatistics);
        dockerResolverStatistics.setElapsedTime(PrintUtils.calculateStatisticsTime(dockerResolverStatistics));
        dockerResolverStatistics.endStatisticLog(CompletionStatus.COMPLETED);
        return linkedList;
    }

    private String getImageLocalRepositoryPath(RepositoryHandle repositoryHandle, Collection<RepositoryHandle> collection, String str) {
        String str2 = this.manifestFiles.get(str);
        for (RepositoryHandle repositoryHandle2 : collection) {
            try {
                org.jfrog.artifactory.client.model.File file = (org.jfrog.artifactory.client.model.File) repositoryHandle2.file(str2).info();
                org.jfrog.artifactory.client.model.File file2 = (org.jfrog.artifactory.client.model.File) repositoryHandle.file(str2).info();
                if (file == null) {
                    continue;
                } else {
                    String sha256 = file.getChecksums() != null ? file.getChecksums().getSha256() : null;
                    String sha2562 = file2.getChecksums() != null ? file.getChecksums().getSha256() : null;
                    if (sha256 != null && sha256.equals(sha2562)) {
                        logger.debug("Artifactory docker image '{}' with digest '{}' - local repository: '{}'", str, sha2562, repositoryHandle2.get().getKey());
                        return str.replace(repositoryHandle.get().getKey(), repositoryHandle2.get().getKey());
                    }
                }
            } catch (Exception e) {
            }
        }
        return null;
    }

    private List<String> getDockerImagesToScan(LightweightRepository lightweightRepository, Item item) {
        LinkedList linkedList = new LinkedList();
        LinkedList<org.jfrog.artifactory.client.model.File> linkedList2 = new LinkedList();
        ArtifactoryUtils.getArtifactoryFilesFromRepo(this.artifactoryClient, item, linkedList2, "/", lightweightRepository.getKey(), Collections.singletonList(PathMatcherUtils.getPathMatcher(PathMatcherUtils.convertAntToPattern("**/manifest.json", true))), new ArrayList());
        for (org.jfrog.artifactory.client.model.File file : linkedList2) {
            String str = file.getRepo() + file.getPath().replace("/manifest.json", "");
            this.manifestFiles.put(str, file.getPath());
            linkedList.add(str);
        }
        return WssStringUtils.getMatchingList(linkedList, this.artifactoryIncludesRegex, this.artifactoryExcludesRegex);
    }

    private AgentProjectInfo scanArtifactoryDockerImage(String str, String str2) {
        try {
            AgentProjectInfo agentProjectInfo = new AgentProjectInfo();
            DockerImageSystemPackagesManager dockerImageSystemPackagesManager = new DockerImageSystemPackagesManager(false);
            if (StringUtils.countMatches(str2, "/") < 2) {
                logger.warn("Artifactory docker image manifest file path isn't legal '{}' since the path doesnt have repository key, image name or tag, skipping this manifest file", str2);
                return agentProjectInfo;
            }
            String str3 = str + OsUtils.SYS_FILE_SEPARATOR + Constants.MANIFEST_JSON;
            String str4 = new String(Files.readAllBytes(Paths.get(str3, new String[0])), StandardCharsets.UTF_8);
            DockerImage dockerImageEntity = getDockerImageEntity(str2, str4);
            DockerEntityStatistics statistics = dockerImageEntity.getStatistics();
            statistics.startStatisticLog();
            int i = 1;
            Iterator<String> it = getLayersFilesArray(str3, str4).iterator();
            while (it.hasNext()) {
                String extractDockerImageArchiveFile = extractDockerImageArchiveFile(str, i, it.next());
                if (extractDockerImageArchiveFile != null) {
                    int i2 = i;
                    i++;
                    dockerImageSystemPackagesManager.scanDockerEntitySystemPackages(dockerImageEntity, new File(extractDockerImageArchiveFile), i2);
                }
            }
            Collection<DependencyInfo> systemPackages = dockerImageSystemPackagesManager.getSystemPackages(0);
            agentProjectInfo.getDependencies().addAll(systemPackages);
            logger.info("Found {} system packages in image '{}'", Integer.valueOf(agentProjectInfo.getDependencies().size()), str2);
            setDockerEntityStatisticsInfo(dockerImageEntity, str2);
            DockerUtils.calculateSystemPackagesStatistics(systemPackages, dockerImageEntity);
            agentProjectInfo.setCoordinates(new Coordinates(null, dockerImageEntity.getImageName(), dockerImageEntity.getTag()));
            statistics.getStopWatch().reset();
            agentProjectInfo.getDependencies().addAll(DockerUtils.resolveDockerEntityDependencies(this.config, new File(str), statistics));
            return agentProjectInfo;
        } catch (Exception e) {
            logger.warn("Error while scanning artifactory docker image '{}', Error: {}", str2, e.getMessage());
            logger.debug(Constants.GO_ERROR, (Throwable) e);
            return null;
        }
    }

    private void setDockerEntityStatisticsInfo(DockerImage dockerImage, String str) {
        DockerEntityStatistics statistics = dockerImage.getStatistics();
        String str2 = dockerImage.getImageName() + ":" + dockerImage.getTag() + ":" + dockerImage.getId();
        statistics.setStepName(str);
        statistics.setCoordinates(str2);
        statistics.setSubStatistics(dockerImage.getSubStatistics());
        statistics.endStatisticLog(CompletionStatus.COMPLETED);
        this.dockerEntityStatistics.add(statistics);
    }

    private String extractDockerImageArchiveFile(String str, int i, String str2) {
        String str3 = str + OsUtils.SYS_FILE_SEPARATOR + str2;
        String str4 = str3 + "_extract1";
        String str5 = str3 + "_extract2";
        if (!this.archiveExtractor.gunzipIt(str3, str4)) {
            logger.warn("Skip scanning layer #{}. Failed to Extract '{}'", Integer.valueOf(i), str3);
            return null;
        }
        if (this.archiveExtractor.unTar(str5, str4)) {
            return str5;
        }
        logger.warn("Skip scanning layer #{}. Failed to Extract '{}'", Integer.valueOf(i), str3);
        return null;
    }

    private DockerImage getDockerImageEntity(String str, String str2) {
        String imageManifestSha256 = getImageManifestSha256(str2);
        int lastIndexOf = str.lastIndexOf("/");
        return new DockerImage(str.substring(str.lastIndexOf("/", lastIndexOf - 1) + 1, lastIndexOf), str.substring(lastIndexOf + 1), imageManifestSha256);
    }

    /* JADX WARN: Failed to calculate best type for var: r10v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r9v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 10, insn: 0x00f2: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r10 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:61:0x00f2 */
    /* JADX WARN: Not initialized variable reg: 9, insn: 0x00ed: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r9 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:59:0x00ed */
    /* JADX WARN: Type inference failed for: r10v0, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r9v0, types: [java.io.InputStream] */
    private boolean downloadArtifactoryDockerImageIntoTar(String str, String str2) {
        ?? r9;
        ?? r10;
        try {
            File file = new File(str2);
            if (!file.getParentFile().mkdirs() || !file.createNewFile()) {
                logger.warn("Failed to create artifactory '{}' file.", file.getAbsolutePath());
                return false;
            }
            try {
                try {
                    InputStream inputStream = this.artifactoryClient.getInputStream("/api/archive/download/" + str + "?archiveType=tar");
                    Throwable th = null;
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    Throwable th2 = null;
                    try {
                        try {
                            IOUtils.copy(inputStream, fileOutputStream);
                            if (fileOutputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileOutputStream.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    fileOutputStream.close();
                                }
                            }
                            if (inputStream != null) {
                                if (0 != 0) {
                                    try {
                                        inputStream.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    inputStream.close();
                                }
                            }
                            return true;
                        } finally {
                        }
                    } catch (Throwable th5) {
                        if (fileOutputStream != null) {
                            if (th2 != null) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th6) {
                                    th2.addSuppressed(th6);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        throw th5;
                    }
                } catch (Exception e) {
                    logger.error("Failed to download artifactory docker repository '{}', Error: '{}'", str, e.getMessage());
                    logger.debug(Constants.GO_ERROR, (Throwable) e);
                    return false;
                }
            } catch (Throwable th7) {
                if (r9 != 0) {
                    if (r10 != 0) {
                        try {
                            r9.close();
                        } catch (Throwable th8) {
                            r10.addSuppressed(th8);
                        }
                    } else {
                        r9.close();
                    }
                }
                throw th7;
            }
        } catch (Exception e2) {
            logger.error("Failed to download artifactory docker repository '{}', Error: '{}'", str, e2.getMessage());
            logger.debug(Constants.GO_ERROR, (Throwable) e2);
            return false;
        }
    }

    private String getImageManifestSha256(String str) {
        String str2 = (String) ((JSONObject) new JSONObject(str).get("config")).get(CMSAttributeTableGenerator.DIGEST);
        if (StringUtils.isNotBlank(str2)) {
            str2 = str2.replace("sha256:", "");
        }
        return str2;
    }

    private List<String> getLayersFilesArray(String str, String str2) {
        LinkedList linkedList = new LinkedList();
        try {
            for (LayerInfo layerInfo : (LayerInfo[]) new ObjectMapper().readValue(new JSONObject(str2).getJSONArray("layers").toString(), LayerInfo[].class)) {
                linkedList.add(layerInfo.getDigest().replace(":", "__"));
            }
        } catch (IOException e) {
            String str3 = "Error reading manifest file in image " + str;
            logger.warn(str3 + " {}", e.getMessage());
            logger.debug(str3 + " {}", (Throwable) e);
        }
        return linkedList;
    }
}
