package io.specmatic.gradle.vuln;

import io.specmatic.gradle.exec.ConfigureExecTaskPluginKt;
import io.specmatic.gradle.license.SpecmaticLicenseReportingPluginKt;
import java.io.File;
import java.io.FileOutputStream;
import java.io.RandomAccessFile;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.Unit;
import kotlin.collections.MapsKt;
import kotlin.io.CloseableKt;
import kotlin.io.FilesKt;
import kotlin.jdk7.AutoCloseableKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.StringsKt;
import org.apache.commons.lang3.SystemUtils;
import org.gradle.api.Action;
import org.gradle.api.DefaultTask;
import org.gradle.api.GradleException;
import org.gradle.api.Project;
import org.gradle.api.provider.Property;
import org.gradle.api.tasks.CacheableTask;
import org.gradle.api.tasks.Input;
import org.gradle.api.tasks.OutputDirectory;
import org.gradle.api.tasks.OutputFile;
import org.gradle.api.tasks.TaskAction;
import org.gradle.process.ExecOperations;
import org.gradle.process.ExecSpec;
import org.jetbrains.annotations.NotNull;

/* compiled from: VulnScanTask.kt */
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��D\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\u0011\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0002\n��\n\u0002\u0010 \n\u0002\b\u0005\n\u0002\u0010\u000b\n\u0002\b\u0007\b'\u0018��2\u00020\u0001B\u000f\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\b\u0010\u0016\u001a\u00020\u0017H\u0002J\u0016\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u00060\u00192\u0006\u0010\u001a\u001a\u00020\u0006H&J\b\u0010\u001b\u001a\u00020\u0011H\u0007J\b\u0010\u001c\u001a\u00020\u0011H\u0007J\b\u0010\u001d\u001a\u00020\u0017H\u0002J\u0018\u0010\u001e\u001a\u00020\u001f2\u0006\u0010\u001a\u001a\u00020\u00062\u0006\u0010 \u001a\u00020\u0011H\u0002J\b\u0010!\u001a\u00020\u0006H\u0004J\b\u0010\"\u001a\u00020\u0011H\u0002J\b\u0010#\u001a\u00020\u0011H\u0002J\b\u0010$\u001a\u00020\u0011H\u0002J\b\u0010%\u001a\u00020\u0017H\u0007R\u0011\u0010\u0005\u001a\u00020\u00068G¢\u0006\u0006\u001a\u0004\b\u0007\u0010\bR\u001a\u0010\t\u001a\b\u0012\u0004\u0012\u00020\u00060\n8EX\u0084\u0004¢\u0006\u0006\u001a\u0004\b\u000b\u0010\fR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u0011\u0010\r\u001a\u00020\u00068G¢\u0006\u0006\u001a\u0004\b\u000e\u0010\bR\u001a\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00110\u00108gX¦\u0004¢\u0006\u0006\u001a\u0004\b\u0012\u0010\u0013R\u001a\u0010\u0014\u001a\b\u0012\u0004\u0012\u00020\u00110\u00108gX¦\u0004¢\u0006\u0006\u001a\u0004\b\u0015\u0010\u0013¨\u0006&"}, d2 = {"Lio/specmatic/gradle/vuln/AbstractVulnScanTask;", "Lorg/gradle/api/DefaultTask;", "execLauncher", "Lorg/gradle/process/ExecOperations;", "(Lorg/gradle/process/ExecOperations;)V", "arch", "", "getArch", "()Ljava/lang/String;", "commonArgs", "", "getCommonArgs", "()[Ljava/lang/String;", "os", "getOs", "reportsDir", "Lorg/gradle/api/provider/Property;", "Ljava/io/File;", "getReportsDir", "()Lorg/gradle/api/provider/Property;", "trivyHomeDir", "getTrivyHomeDir", "downloadTrivy", "", "getCommandLine", "", "format", "getJsonReportFile", "getTextTableReportFile", "maybeDownloadTrivy", "runScan", "", "output", "trivyExecutable", "trivyExecutableFile", "trivyInstallDir", "trivyVersionFile", "vulnScan", "plugin"})
@CacheableTask
@SourceDebugExtension({"SMAP\nVulnScanTask.kt\nKotlin\n*S Kotlin\n*F\n+ 1 VulnScanTask.kt\nio/specmatic/gradle/vuln/AbstractVulnScanTask\n+ 2 _Maps.kt\nkotlin/collections/MapsKt___MapsKt\n*L\n1#1,165:1\n126#2:166\n153#2,3:167\n*S KotlinDebug\n*F\n+ 1 VulnScanTask.kt\nio/specmatic/gradle/vuln/AbstractVulnScanTask\n*L\n33#1:166\n33#1:167,3\n*E\n"})
/* loaded from: input_file:io/specmatic/gradle/vuln/AbstractVulnScanTask.class */
public abstract class AbstractVulnScanTask extends DefaultTask {

    @NotNull
    private final ExecOperations execLauncher;

    @Inject
    public AbstractVulnScanTask(@NotNull ExecOperations execOperations) {
        Intrinsics.checkNotNullParameter(execOperations, "execLauncher");
        this.execLauncher = execOperations;
    }

    @TaskAction
    public final void vulnScan() {
        maybeDownloadTrivy();
        ((File) getReportsDir().get()).mkdirs();
        Map mapOf = MapsKt.mapOf(new Pair[]{TuplesKt.to("table", getTextTableReportFile()), TuplesKt.to("json", getJsonReportFile())});
        ArrayList arrayList = new ArrayList(mapOf.size());
        for (Map.Entry entry : mapOf.entrySet()) {
            arrayList.add(Boolean.valueOf(runScan((String) entry.getKey(), (File) entry.getValue())));
        }
    }

    @OutputDirectory
    @NotNull
    public abstract Property<File> getReportsDir();

    @OutputFile
    @NotNull
    public final File getJsonReportFile() {
        Object obj = getReportsDir().get();
        Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
        return FilesKt.resolve((File) obj, "report.json");
    }

    @OutputFile
    @NotNull
    public final File getTextTableReportFile() {
        Object obj = getReportsDir().get();
        Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
        return FilesKt.resolve((File) obj, "report.txt");
    }

    @OutputDirectory
    @NotNull
    public abstract Property<File> getTrivyHomeDir();

    private final boolean runScan(String str, File file) {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            Throwable th = null;
            try {
                try {
                    final FileOutputStream fileOutputStream2 = fileOutputStream;
                    final List<String> commandLine = getCommandLine(str);
                    Project project = getProject();
                    Intrinsics.checkNotNullExpressionValue(project, "getProject(...)");
                    SpecmaticLicenseReportingPluginKt.pluginInfo(project, "$ " + ConfigureExecTaskPluginKt.shellEscapedArgs(commandLine));
                    this.execLauncher.exec(new Action() { // from class: io.specmatic.gradle.vuln.AbstractVulnScanTask$runScan$1$1
                        public final void execute(ExecSpec execSpec) {
                            Intrinsics.checkNotNullParameter(execSpec, "$this$exec");
                            execSpec.setStandardOutput(fileOutputStream2);
                            execSpec.setErrorOutput(System.err);
                            execSpec.setCommandLine(commandLine);
                        }
                    });
                    CloseableKt.closeFinally(fileOutputStream, (Throwable) null);
                    return true;
                } finally {
                }
            } catch (Throwable th2) {
                CloseableKt.closeFinally(fileOutputStream, th);
                throw th2;
            }
        } catch (Exception e) {
            Project project2 = getProject();
            Intrinsics.checkNotNullExpressionValue(project2, "getProject(...)");
            SpecmaticLicenseReportingPluginKt.pluginInfo(project2, "trivy failed with error: " + e.getMessage() + " (ignoring error)");
            return false;
        }
    }

    @NotNull
    public abstract List<String> getCommandLine(@NotNull String str);

    private final void maybeDownloadTrivy() {
        ((File) getTrivyHomeDir().get()).mkdirs();
        Object obj = getTrivyHomeDir().get();
        Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
        FileChannel channel = new RandomAccessFile(FilesKt.resolve((File) obj, "trivy-download.lock"), "rw").getChannel();
        try {
            FileLock lock = channel.lock();
            Throwable th = null;
            try {
                try {
                    FileLock fileLock = lock;
                    if (System.currentTimeMillis() - (trivyExecutableFile().exists() ? trivyExecutableFile().lastModified() : 0L) > 604800000) {
                        downloadTrivy();
                    }
                    Unit unit = Unit.INSTANCE;
                    AutoCloseableKt.closeFinally(lock, (Throwable) null);
                    Unit unit2 = Unit.INSTANCE;
                    CloseableKt.closeFinally(channel, (Throwable) null);
                } finally {
                }
            } catch (Throwable th2) {
                AutoCloseableKt.closeFinally(lock, th);
                throw th2;
            }
        } catch (Throwable th3) {
            CloseableKt.closeFinally(channel, (Throwable) null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final File trivyInstallDir() {
        Object obj = getTrivyHomeDir().get();
        Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
        return FilesKt.resolve((File) obj, "trivy");
    }

    private final File trivyVersionFile() {
        Object obj = getTrivyHomeDir().get();
        Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
        return FilesKt.resolve((File) obj, "trivy.version");
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x0102, code lost:
    
        if (kotlin.text.StringsKt.endsWith$default(r0, ".tar.gz", false, 2, (java.lang.Object) null) != false) goto L17;
     */
    /* JADX WARN: Removed duplicated region for block: B:18:0x010d A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:27:? A[LOOP:0: B:7:0x0069->B:27:?, LOOP_END, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final void downloadTrivy() {
        /*
            Method dump skipped, instructions count: 462
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: io.specmatic.gradle.vuln.AbstractVulnScanTask.downloadTrivy():void");
    }

    @Input
    @NotNull
    public final String getOs() {
        if (SystemUtils.IS_OS_WINDOWS) {
            return "windows";
        }
        if (SystemUtils.IS_OS_MAC) {
            return "macos";
        }
        if (SystemUtils.IS_OS_LINUX) {
            return "linux";
        }
        throw new RuntimeException("Unsupported operating system for trivy: " + SystemUtils.OS_NAME);
    }

    @Input
    @NotNull
    public final String getArch() {
        String str = SystemUtils.OS_ARCH;
        Intrinsics.checkNotNullExpressionValue(str, "OS_ARCH");
        String lowerCase = str.toLowerCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(lowerCase, "toLowerCase(...)");
        if ((StringsKt.contains$default(lowerCase, "x86", false, 2, (Object) null) || StringsKt.contains$default(lowerCase, "amd64", false, 2, (Object) null)) && StringsKt.contains$default(lowerCase, "64", false, 2, (Object) null)) {
            return "64bit";
        }
        if (StringsKt.contains$default(lowerCase, "aarch", false, 2, (Object) null) && StringsKt.contains$default(lowerCase, "64", false, 2, (Object) null)) {
            return "arm64";
        }
        throw new GradleException("Unsupported architecture for trivy: " + lowerCase);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NotNull
    public final String trivyExecutable() {
        String path = trivyExecutableFile().getPath();
        Intrinsics.checkNotNullExpressionValue(path, "getPath(...)");
        return path;
    }

    private final File trivyExecutableFile() {
        return FilesKt.resolve(trivyInstallDir(), "trivy" + (Intrinsics.areEqual(getOs(), "windows") ? ".exe" : ""));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Input
    @NotNull
    public final String[] getCommonArgs() {
        return new String[]{"--quiet", "--no-progress"};
    }
}
