package org.whitesource.agent.dependency.resolver.docker.remotedocker.amazon;

import com.amazonaws.AmazonClientException;
import com.amazonaws.services.ecr.AmazonECR;
import com.amazonaws.services.ecr.AmazonECRClientBuilder;
import com.amazonaws.services.ecr.model.AuthorizationData;
import com.amazonaws.services.ecr.model.BatchGetImageRequest;
import com.amazonaws.services.ecr.model.BatchGetImageResult;
import com.amazonaws.services.ecr.model.DescribeImagesRequest;
import com.amazonaws.services.ecr.model.DescribeImagesResult;
import com.amazonaws.services.ecr.model.DescribeRepositoriesRequest;
import com.amazonaws.services.ecr.model.DescribeRepositoriesResult;
import com.amazonaws.services.ecr.model.GetAuthorizationTokenRequest;
import com.amazonaws.services.ecr.model.Image;
import com.amazonaws.services.ecr.model.ImageDetail;
import com.amazonaws.services.ecr.model.ImageFailure;
import com.amazonaws.services.ecr.model.ImageIdentifier;
import com.amazonaws.services.ecr.model.InvalidParameterException;
import com.amazonaws.services.ecr.model.Repository;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker;
import org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDockerImage;
import org.whitesource.config.scan.config.RemoteDockerConfiguration;
import org.whitesource.utils.Constants;
import org.whitesource.utils.ContainerRegistryTypes;
import org.whitesource.utils.command.Command;
import org.whitesource.utils.command.CommandUtils;
import org.whitesource.utils.logger.LoggerFactory;

/* loaded from: input_file:org/whitesource/agent/dependency/resolver/docker/remotedocker/amazon/RemoteDockerAmazonECR.class */
public class RemoteDockerAmazonECR extends AbstractRemoteDocker {
    private static final String AWS = "aws";
    private static final String VERSION = "--version";
    private static final String AMAZON_ECR = "Amazon ECR";
    private static final String REGISTRY_REGEX = "\\/\\/(\\d+)\\.";
    private Map<String, String> imageToRepositoryUriMap;
    private Set<String> loggedInRegistries;
    private Set<String> invalidRegistries;
    private static final Logger logger = LoggerFactory.getLogger(RemoteDockerAmazonECR.class);
    private static final AmazonECR amazonClient = AmazonECRClientBuilder.standard().build();

    public RemoteDockerAmazonECR(RemoteDockerConfiguration remoteDockerConfiguration) {
        super(remoteDockerConfiguration);
        this.imageToRepositoryUriMap = new HashMap();
        this.loggedInRegistries = new HashSet();
        this.invalidRegistries = new HashSet();
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    public boolean isRegistryCliInstalled() {
        boolean execute = new Command(".", AWS, "--version").execute();
        if (!execute) {
            logger.warn("{}", "AWS CLI is not installed or its path is not configured correctly");
            this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, "AWS CLI is not installed or its path is not configured correctly"), logger, "error");
        }
        return execute;
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    protected boolean loginRemoteDocker() {
        return true;
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    protected void logoutRemoteDocker() {
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    public String getRemoteDockerName() {
        return AMAZON_ECR;
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    public boolean loginToRemoteRegistry() {
        boolean z = false;
        List<String> amazonRegistryIds = this.config.getAmazonRegistryIds();
        if (amazonRegistryIds.isEmpty()) {
            z = buildAWSAuthAndDockerLogin(new GetAuthorizationTokenRequest());
            if (this.loggedInRegistries.size() > 0) {
                logger.info("Login to default registry : {} - OK", this.loggedInRegistries.stream().findFirst().get());
            } else {
                z = false;
                logger.warn("Failed to login to default Amazon ECR registry");
            }
        } else {
            for (String str : amazonRegistryIds) {
                if (StringUtils.isNotBlank(str)) {
                    GetAuthorizationTokenRequest getAuthorizationTokenRequest = new GetAuthorizationTokenRequest();
                    getAuthorizationTokenRequest.withRegistryIds(str);
                    if (buildAWSAuthAndDockerLogin(getAuthorizationTokenRequest)) {
                        z = true;
                        this.loggedInRegistries.add(str);
                        logger.info("Login to registry : {} - OK", str);
                    } else {
                        this.invalidRegistries.add(str);
                        logger.info("Login to registry : {} - Failed", str);
                    }
                }
            }
            if (this.loggedInRegistries.isEmpty()) {
                logger.warn("Invalid Amazon ECR Registry Ids provided");
                this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, "Could not login to any amazon registry"), logger, "error");
            } else if (!this.invalidRegistries.isEmpty()) {
                StringBuilder sb = new StringBuilder();
                Iterator<String> it = this.invalidRegistries.iterator();
                while (it.hasNext()) {
                    sb.append(it.next());
                    sb.append("\r\n");
                }
                logger.warn("The following Amazon ECR Registry Ids are invalid and were not processed: \r\n{}", sb);
            }
        }
        return z;
    }

    private boolean buildAWSAuthAndDockerLogin(GetAuthorizationTokenRequest getAuthorizationTokenRequest) {
        boolean z = false;
        String str = null;
        try {
            Iterator<AuthorizationData> it = amazonClient.getAuthorizationToken(getAuthorizationTokenRequest).getAuthorizationData().iterator();
            while (it.hasNext()) {
                AuthorizationData next = it.next();
                try {
                    String[] split = new String(Base64.getDecoder().decode(next.getAuthorizationToken())).split(":");
                    String linuxPrefixSudo = getLinuxPrefixSudo();
                    Command command = new Command(".", Constants.DOCKER, "login", "-u", split[0], "-p", split[1], next.getProxyEndpoint());
                    if (StringUtils.isNotBlank(linuxPrefixSudo)) {
                        command.getArgs().add(0, linuxPrefixSudo.trim());
                    }
                    CommandUtils.setCommandPrintableArgs(command, Collections.singletonList("-p"));
                    boolean execute = command.execute();
                    z = z || execute;
                    if (getAuthorizationTokenRequest.getRegistryIds() == null || getAuthorizationTokenRequest.getRegistryIds().isEmpty()) {
                        extractDefaultRegistryId(next.getProxyEndpoint(), execute);
                    }
                } finally {
                }
            }
        } catch (InvalidParameterException e) {
            str = "Failed to login to Amazon ECR registry";
            logger.error("Remote Exception occurred, {}, input data: {}", str, getAuthorizationTokenRequest.toString(), e);
        } catch (AmazonClientException e2) {
            str = "Failed to login to Amazon ECR registry";
            logger.error("Exception occurred, {}, input data: {}", str, getAuthorizationTokenRequest.toString(), e2);
        } catch (Exception e3) {
            str = "Failed to login to Amazon ECR registry";
            logger.error("Exception {} occurred, {}, input data: {}", e3.getClass().getName(), str, getAuthorizationTokenRequest.toString(), e3);
        }
        if (str != null) {
            this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, str), logger, "error");
        }
        return z;
    }

    private void extractDefaultRegistryId(String str, boolean z) {
        Matcher matcher = Pattern.compile(REGISTRY_REGEX).matcher(str);
        String group = matcher.find() ? matcher.group(1) : "";
        if (!StringUtils.isNotBlank(group)) {
            logger.warn("Amazon ECR default registry wasn't found");
        } else if (z) {
            this.loggedInRegistries.add(group);
        } else {
            this.invalidRegistries.add(group);
        }
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    public String getImageFullURL(AbstractRemoteDockerImage abstractRemoteDockerImage) {
        String str;
        String str2 = "";
        if (abstractRemoteDockerImage != null && (str = this.imageToRepositoryUriMap.get(abstractRemoteDockerImage.getRepositoryName())) != null && !str.isEmpty()) {
            str2 = str + ":" + ((DockerImageAmazon) abstractRemoteDockerImage).getMainTag();
        }
        return str2;
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    public ContainerRegistryTypes getContainerType() {
        return ContainerRegistryTypes.AWS;
    }

    private Collection<Repository> getRepositoriesList(String str) {
        LinkedList linkedList = new LinkedList();
        try {
            DescribeRepositoriesRequest withRegistryId = new DescribeRepositoriesRequest().withRegistryId(str);
            boolean z = true;
            LinkedList linkedList2 = new LinkedList();
            while (z) {
                DescribeRepositoriesResult describeRepositories = amazonClient.describeRepositories(withRegistryId);
                if (describeRepositories == null || describeRepositories.getNextToken() == null) {
                    z = false;
                }
                if (describeRepositories != null) {
                    if (describeRepositories.getRepositories() != null) {
                        linkedList.addAll(describeRepositories.getRepositories());
                    }
                    if (describeRepositories.getNextToken() != null) {
                        withRegistryId.setNextToken(describeRepositories.getNextToken());
                    }
                }
            }
            linkedList.forEach(repository -> {
                this.imageToRepositoryUriMap.put(repository.getRepositoryName(), repository.getRepositoryUri());
                linkedList2.add(repository.getRepositoryName());
            });
            logger.info("Amazon repositories for registry \"{}\" : {}", str, linkedList2);
        } catch (Exception e) {
            String str2 = "Could not get repositories info of registry - " + str;
            logger.warn("{}", str2);
            logger.debug("{}", e.getMessage());
            this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, str2), logger, "error");
        }
        return linkedList;
    }

    private Collection<ImageDetail> getRepositoryImages(String str, String str2) {
        LinkedList linkedList = new LinkedList();
        try {
            logger.info("Get repository images for repository '{}'", str);
            DescribeImagesRequest withRegistryId = new DescribeImagesRequest().withRepositoryName(str).withRegistryId(str2);
            boolean z = true;
            while (z) {
                DescribeImagesResult describeImages = amazonClient.describeImages(withRegistryId);
                if (describeImages == null || describeImages.getNextToken() == null) {
                    z = false;
                }
                if (describeImages != null) {
                    if (describeImages.getImageDetails() != null) {
                        linkedList.addAll(describeImages.getImageDetails());
                    }
                    if (describeImages.getNextToken() != null) {
                        withRegistryId.setNextToken(describeImages.getNextToken());
                    }
                }
            }
        } catch (Exception e) {
            String str3 = "Could not get repository images info of repository " + str + " - on registry - " + str2;
            logger.warn("{}", str3);
            logger.debug("{}", e.getMessage());
            this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, str3), logger, "error");
        }
        return linkedList;
    }

    private List<Image> getImagesInformation(String str, String str2, String str3) {
        List<Image> emptyList = Collections.emptyList();
        try {
            BatchGetImageResult batchGetImage = amazonClient.batchGetImage(new BatchGetImageRequest().withImageIds(new ImageIdentifier().withImageDigest(str3)).withRepositoryName(str).withRegistryId(str2));
            if (batchGetImage != null) {
                if (batchGetImage.getImages() != null) {
                    emptyList = batchGetImage.getImages();
                }
                List<ImageFailure> failures = batchGetImage.getFailures();
                if (failures != null && !failures.isEmpty()) {
                    logger.warn("Errors received when trying to get amazon images from registry '{}' repository '{}' :", str2, str);
                    Iterator<ImageFailure> it = failures.iterator();
                    while (it.hasNext()) {
                        logger.warn("{}", it.next());
                    }
                    this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, "Could not get detailed information for repository name  " + str, null), logger, "error");
                }
            }
        } catch (Exception e) {
            String str4 = "Could not get detailed information for repository name  " + str + " - " + e.getMessage();
            logger.warn("{}", str4);
            logger.debug("", (Throwable) e);
            this.failErrorLevelHandler.handleFailErrorLevel(generateErrorMessage(null, null, str4), logger, "error");
        }
        return emptyList;
    }

    @Override // org.whitesource.agent.dependency.resolver.docker.remotedocker.AbstractRemoteDocker
    protected Set<AbstractRemoteDockerImage> getRemoteRegistryImagesList() {
        logger.info("Get list of images for registries : [{}]", String.join(", ", this.loggedInRegistries));
        HashSet hashSet = new HashSet();
        for (String str : this.loggedInRegistries) {
            logger.info("Get amazon registryId \"{}\" repositories list", str);
            Iterator<Repository> it = getRepositoriesList(str).iterator();
            while (it.hasNext()) {
                String repositoryName = it.next().getRepositoryName();
                if (isImagePullRequiredByName(repositoryName)) {
                    logger.debug("Get repository details for amazon registryId - {} , repository - {}", str, repositoryName);
                    for (ImageDetail imageDetail : getRepositoryImages(repositoryName, str)) {
                        String imageDigest = imageDetail.getImageDigest();
                        String registryId = imageDetail.getRegistryId();
                        List<String> imageTags = imageDetail.getImageTags();
                        Date imagePushedAt = imageDetail.getImagePushedAt();
                        logger.debug("Get amazon image information - repository name '{}', digest '{}', tags '{}'", repositoryName, imageDigest, imageTags);
                        for (Image image : getImagesInformation(repositoryName, registryId, imageDigest)) {
                            String imageManifest = image.getImageManifest();
                            hashSet.add(new DockerImageAmazon(registryId, repositoryName, imageDigest, imageTags, imagePushedAt, imageManifest, image.getImageId().getImageTag(), getSHA256FromManifest(imageManifest)));
                        }
                    }
                }
            }
        }
        logger.debug("Amazon found {} images", Integer.valueOf(hashSet.size()));
        return hashSet;
    }
}
