package com.neuvector;

import com.github.packageurl.PackageURL;
import com.google.gson.Gson;
import com.neuvector.model.Image;
import com.neuvector.model.NVScanner;
import com.neuvector.model.Registry;
import com.neuvector.model.ScanRepoReportData;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Random;
import java.util.stream.Stream;
import org.eclipse.jgit.lib.ConfigConstants;

/* loaded from: input_file:com/neuvector/Scanner.class */
public class Scanner {
    private static final String SOCKET_MAPPING = "/var/run/docker.sock:/var/run/docker.sock";
    private static final String CONTAINER_PATH = "/var/neuvector";
    private static final String SCAN_REPORT = "scan_result.json";

    public static ScanRepoReportData scanRegistry(Registry registry, NVScanner nVScanner, String str, Boolean bool) {
        ScanRepoReportData runScan;
        if (registry == null || nVScanner == null) {
        }
        String pullDockerImage = pullDockerImage(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL(), nVScanner.getNvRegistryUser(), nVScanner.getNvRegistryPassword());
        if (pullDockerImage.length() > 0) {
            runScan = new ScanRepoReportData();
            runScan.setError_message(pullDockerImage);
        } else {
            String[] strArr = {registry.getLoginPassword(), str};
            runScan = bool.booleanValue() ? (registry.getLoginUser() == null && registry.getLoginPassword() == null) ? runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + registry.getRepository(), "-e", "SCANNER_TAG=" + registry.getRepositoryTag(), "-e", "SCANNER_LICENSE=" + str, "-e", "SCANNER_REGISTRY=" + registry.getRegistryURL(), "-e", "SCANNER_SCAN_LAYERS=true", getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr) : runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + registry.getRepository(), "-e", "SCANNER_TAG=" + registry.getRepositoryTag(), "-e", "SCANNER_LICENSE=" + str, "-e", "SCANNER_REGISTRY=" + registry.getRegistryURL(), "-e", "SCANNER_REGISTRY_USERNAME=" + registry.getLoginUser(), "-e", "SCANNER_REGISTRY_PASSWORD=" + registry.getLoginPassword(), "-e", "SCANNER_SCAN_LAYERS=true", getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr) : (registry.getLoginUser() == null && registry.getLoginPassword() == null) ? runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + registry.getRepository(), "-e", "SCANNER_TAG=" + registry.getRepositoryTag(), "-e", "SCANNER_LICENSE=" + str, "-e", "SCANNER_REGISTRY=" + registry.getRegistryURL(), getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr) : runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + registry.getRepository(), "-e", "SCANNER_TAG=" + registry.getRepositoryTag(), "-e", "SCANNER_LICENSE=" + str, "-e", "SCANNER_REGISTRY=" + registry.getRegistryURL(), "-e", "SCANNER_REGISTRY_USERNAME=" + registry.getLoginUser(), "-e", "SCANNER_REGISTRY_PASSWORD=" + registry.getLoginPassword(), getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr);
        }
        return runScan;
    }

    public static ScanRepoReportData scanRegistry(Registry registry, NVScanner nVScanner, String str) {
        return scanRegistry(registry, nVScanner, str, false);
    }

    public static ScanRepoReportData scanLocalImage(Image image, NVScanner nVScanner, String str, Boolean bool) {
        ScanRepoReportData runScan;
        if (image == null || nVScanner == null) {
        }
        String pullDockerImage = pullDockerImage(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL(), nVScanner.getNvRegistryUser(), nVScanner.getNvRegistryPassword());
        if (pullDockerImage.length() > 0) {
            runScan = new ScanRepoReportData();
            runScan.setError_message(pullDockerImage);
        } else {
            String[] strArr = {str};
            runScan = bool.booleanValue() ? runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + image.getImageName(), "-e", "SCANNER_TAG=" + image.getImageTag(), "-e", "SCANNER_LICENSE=" + str, "-e", "SCANNER_SCAN_LAYERS=true", getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr) : runScan(new String[]{PackageURL.StandardTypes.DOCKER, "run", "--name", generateScannerName(), "--rm", "-v", SOCKET_MAPPING, "-v", getMountPath(nVScanner), "-e", "SCANNER_REPOSITORY=" + image.getImageName(), "-e", "SCANNER_TAG=" + image.getImageTag(), "-e", "SCANNER_LICENSE=" + str, getNVImagePath(nVScanner.getNvScannerImage(), nVScanner.getNvRegistryURL())}, nVScanner.getNvMountPath(), strArr);
        }
        return runScan;
    }

    public static ScanRepoReportData scanLocalImage(Image image, NVScanner nVScanner, String str) {
        return scanLocalImage(image, nVScanner, str, false);
    }

    private static String pullDockerImage(String str, String str2, String str3, String str4) {
        String runCMD;
        if (str2 == null) {
            str2 = "";
        }
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        if (str2.isEmpty() && str3.isEmpty() && str4.isEmpty()) {
            return "";
        }
        if (str3.equals("") || str4.equals("")) {
            runCMD = runCMD(new String[]{PackageURL.StandardTypes.DOCKER, ConfigConstants.CONFIG_PULL_SECTION, getNVImagePath(str, str2)});
        } else {
            runCMD = runCMD(new String[]{PackageURL.StandardTypes.DOCKER, "login", "-u", str3, "-p", str4, str2});
            if (runCMD.length() == 0) {
                runCMD(new String[]{PackageURL.StandardTypes.DOCKER, ConfigConstants.CONFIG_PULL_SECTION, getNVImagePath(str, str2)});
                runCMD = runCMD(new String[]{PackageURL.StandardTypes.DOCKER, "logout"});
            }
        }
        if (!runCMD.isEmpty() && !str4.isEmpty()) {
            runCMD = maskCredential(runCMD, str4);
        }
        return runCMD;
    }

    private static String getNVImagePath(String str, String str2) {
        String str3;
        if (str2.isEmpty()) {
            str3 = str;
        } else {
            String str4 = str2.contains("//") ? str2.split("//")[1] : str2;
            str3 = str2.endsWith("/") ? str4 + str : str4 + "/" + str;
        }
        return str3;
    }

    private static ScanRepoReportData parseScanReport(String str) {
        ScanRepoReportData scanRepoReportData;
        StringBuilder sb = new StringBuilder();
        String str2 = null;
        try {
            Stream<String> lines = Files.lines(Paths.get(str, new String[0]), StandardCharsets.UTF_8);
            Throwable th = null;
            try {
                try {
                    lines.forEach(str3 -> {
                        sb.append(str3).append("\n");
                    });
                    if (lines != null) {
                        if (0 != 0) {
                            try {
                                lines.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            lines.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            str2 = e.getMessage();
        }
        if (str2 != null) {
            scanRepoReportData = new ScanRepoReportData();
            scanRepoReportData.setError_message(str2);
        } else {
            scanRepoReportData = (ScanRepoReportData) new Gson().fromJson(sb.toString(), ScanRepoReportData.class);
        }
        return scanRepoReportData;
    }

    private static String runCMD(String[] strArr) {
        String message;
        try {
            Process exec = Runtime.getRuntime().exec(strArr);
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(exec.getInputStream()));
            BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(exec.getErrorStream()));
            StringBuilder sb = new StringBuilder(String.join(" ", strArr));
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                sb.append(readLine);
            }
            while (true) {
                String readLine2 = bufferedReader2.readLine();
                if (readLine2 == null) {
                    break;
                }
                sb.append(readLine2);
            }
            message = exec.waitFor() != 0 ? sb.toString() : "";
        } catch (IOException e) {
            message = e.getMessage();
        } catch (InterruptedException e2) {
            message = e2.getMessage();
        }
        return message;
    }

    private static ScanRepoReportData runScan(String[] strArr, String str, String[] strArr2) {
        ScanRepoReportData parseScanReport;
        String runCMD = runCMD(strArr);
        if (runCMD.length() > 0) {
            for (String str2 : strArr2) {
                if (!str2.isEmpty()) {
                    runCMD = maskCredential(runCMD, str2);
                }
            }
            parseScanReport = new ScanRepoReportData();
            parseScanReport.setError_message(runCMD);
        } else {
            parseScanReport = parseScanReport(getScanReportPath(str));
        }
        return parseScanReport;
    }

    private static String getMountPath(NVScanner nVScanner) {
        String str;
        String nvMountPath = nVScanner.getNvMountPath();
        if (nvMountPath == null || nvMountPath.length() <= 0) {
            str = CONTAINER_PATH + ":/var/neuvector";
        } else {
            if (nvMountPath.charAt(nvMountPath.length() - 1) == '/') {
                nvMountPath = nvMountPath.substring(0, nvMountPath.length() - 1);
            }
            str = nvMountPath + ":/var/neuvector";
        }
        return str;
    }

    private static String getScanReportPath(String str) {
        return (str == null || str.length() == 0) ? "/var/neuvector/scan_result.json" : removeLastSlash(str) + "/" + SCAN_REPORT;
    }

    private static String removeLastSlash(String str) {
        return (str == null || str.length() <= 0 || str.charAt(str.length() - 1) != '/') ? str : str.substring(0, str.length() - 1);
    }

    private static String generateScannerName() {
        StringBuilder sb = new StringBuilder();
        Random random = new Random();
        while (sb.length() < 6) {
            sb.append("ABCDEFGHIJKLMNOPQRSTUVWXYZ".charAt((int) (random.nextFloat() * "ABCDEFGHIJKLMNOPQRSTUVWXYZ".length())));
        }
        return sb.toString();
    }

    private static String maskCredential(String str, String str2) {
        return str.replace(str2, "******");
    }

    public static String deleteDockerImagesByLabelKey(String str) {
        return runCMD(new String[]{PackageURL.StandardTypes.DOCKER, "image", ConfigConstants.CONFIG_KEY_PRUNE, "--force", "--filter=label=".concat(str)});
    }
}
