package com.atlassian.pipelines.runner.core.log.processor.filter;

import com.amazonaws.regions.ServiceAbbreviations;
import com.atlassian.pipelines.rest.model.v1.pipeline.targetref.TargetModel;
import com.atlassian.pipelines.runner.api.log.processor.filter.LogLineFilter;
import com.atlassian.pipelines.runner.api.model.analytic.ImmutableDockerCommandAnalytic;
import com.atlassian.pipelines.runner.api.model.log.LogLine;
import com.atlassian.pipelines.runner.api.model.step.StepId;
import com.atlassian.pipelines.runner.api.service.AnalyticService;
import com.fasterxml.jackson.databind.annotation.JsonPOJOBuilder;
import com.google.common.collect.ImmutableMap;
import com.heroku.logfmt.Logfmt;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.function.Function;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.aspectj.lang.JoinPoint;
import org.codehaus.stax2.XMLStreamProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/pipelines/runner/core/log/processor/filter/DockerCommandAnalyticsFilter.class */
public final class DockerCommandAnalyticsFilter implements LogLineFilter {
    protected static final Logger logger = LoggerFactory.getLogger((Class<?>) DockerCommandAnalyticsFilter.class);
    private static final Map<String, String> REGISTRY_PATTERNS = ImmutableMap.builder().put("gcr", ".+\\.gcr\\.io").put("ecr", ".+\\.dkr\\.ecr\\..+\\.amazonaws\\.com").put("azr", ".+\\.azurecr\\.io").put("dockerhub", "[^.:]+").build();
    private static final Function<Matcher, Optional<Map<String, String>>> IMAGE_PUSH_PROPERTIES = matcher -> {
        HashMap hashMap = new HashMap();
        hashMap.put("registry", "other");
        if (matcher.find()) {
            String str = matcher.group(1).split("/")[0];
            Optional findFirst = REGISTRY_PATTERNS.entrySet().stream().filter(entry -> {
                return Pattern.compile((String) entry.getValue()).matcher(str).matches();
            }).map((v0) -> {
                return v0.getKey();
            }).findFirst();
            if (findFirst.isPresent()) {
                hashMap.put("registry", (String) findFirst.get());
            }
        }
        return Optional.of(hashMap);
    };
    private static final Map<String, List<Path>> PATHS = (Map) Stream.of((Object[]) new Path[]{new Path("GET", "/containers/json", "List containers", Path.ManagementCommand.CONTAINER, "ls"), new Path("POST", "/containers/create", "Create a container", Path.ManagementCommand.CONTAINER, "run"), new Path("GET", "/containers/.+/json", "Inspect a container", Path.ManagementCommand.CONTAINER, "inspect"), new Path("GET", "/containers/.+/top", "List processes running inside a container", Path.ManagementCommand.CONTAINER, "top"), new Path("GET", "/containers/.+/logs", "Get container logs", Path.ManagementCommand.CONTAINER, ServiceAbbreviations.CloudWatchLogs), new Path("GET", "/containers/.+/changes", "Get changes on a container’s filesystem", Path.ManagementCommand.CONTAINER, "diff"), new Path("GET", "/containers/.+/export", "Export a container", Path.ManagementCommand.CONTAINER, "export"), new Path("GET", "/containers/.+/stats", "Get container stats based on resource usage", Path.ManagementCommand.CONTAINER, "stats"), new Path("POST", "/containers/.+/resize", "Resize a container TTY", Path.ManagementCommand.CONTAINER), new Path("POST", "/containers/.+/start", "Start a container", Path.ManagementCommand.CONTAINER, "start"), new Path("POST", "/containers/.+/stop", "Stop a container", Path.ManagementCommand.CONTAINER, "stop"), new Path("POST", "/containers/.+/restart", "Restart a container", Path.ManagementCommand.CONTAINER, "restart"), new Path("POST", "/containers/.+/kill", "Kill a container", Path.ManagementCommand.CONTAINER, "kill"), new Path("POST", "/containers/.+/update", "Update a container", Path.ManagementCommand.CONTAINER, "update"), new Path("POST", "/containers/.+/rename", "Rename a container", Path.ManagementCommand.CONTAINER, "rename"), new Path("POST", "/containers/.+/pause", "Pause a container", Path.ManagementCommand.CONTAINER, "pause"), new Path("POST", "/containers/.+/unpause", "Unpause a container", Path.ManagementCommand.CONTAINER, "unpause"), new Path("POST", "/containers/.+/attach", "Attach to a container", Path.ManagementCommand.CONTAINER, "attach"), new Path("GET", "/containers/.+/attach/ws", "Attach to a container via a websocket", Path.ManagementCommand.CONTAINER), new Path("POST", "/containers/.+/wait", "Wait for a container", Path.ManagementCommand.CONTAINER, "wait"), new Path("DELETE", "/containers/.+", "Remove a container", Path.ManagementCommand.CONTAINER, "rm"), new Path("HEAD", "/containers/.+/archive", "Get information about files in a container", Path.ManagementCommand.CONTAINER), new Path("GET", "/containers/.+/archive", "Get an archive of a filesystem resource in a container", Path.ManagementCommand.CONTAINER, "cp"), new Path("PUT", "/containers/.+/archive", "Extract an archive of files or folders to a directory in a container", Path.ManagementCommand.CONTAINER, "cp"), new Path("POST", "/containers/prune", "Delete stopped containers", Path.ManagementCommand.CONTAINER, "prune"), new Path("POST", "/commit", "Create a new image from a container", Path.ManagementCommand.CONTAINER, TargetModel.COMMIT_ATTRIBUTE), new Path("GET", "/images/json", "List images", Path.ManagementCommand.IMAGE, "ls"), new Path("POST", "/build", "Build an image", Path.ManagementCommand.IMAGE, JsonPOJOBuilder.DEFAULT_BUILD_METHOD), new Path("POST", "/images/create", "Create an image", Path.ManagementCommand.IMAGE, "pull"), new Path("GET", "/images/.+/json", "Inspect an image", Path.ManagementCommand.IMAGE, "inspect"), new Path("GET", "/images/.+/history", "Get the history of an image", Path.ManagementCommand.IMAGE, "history"), new Path("POST", "/images/(.+)/push", "Push an image", Path.ManagementCommand.IMAGE, "push", IMAGE_PUSH_PROPERTIES), new Path("POST", "/images/.+/tag", "Tag an image", Path.ManagementCommand.IMAGE, "tag"), new Path("DELETE", "/images/.+", "Remove and image", Path.ManagementCommand.IMAGE, "rm"), new Path("GET", "/images/search", "Search images", Path.ManagementCommand.NONE, "search"), new Path("POST", "/images/prune", "Delete unused images", Path.ManagementCommand.IMAGE, "prune"), new Path("GET", "/images/.+/get", "Export an image", Path.ManagementCommand.IMAGE, "save"), new Path("GET", "/images/get", "Export several images", Path.ManagementCommand.IMAGE, "save"), new Path("POST", "/images/load", "Import images", Path.ManagementCommand.IMAGE, "load"), new Path("GET", "/networks", "List networks", Path.ManagementCommand.NETWORK, "ls"), new Path("GET", "/networks/.+", "Inspect a network", Path.ManagementCommand.NETWORK, "inspect"), new Path("DELETE", "/networks/.+", "Remove a network", Path.ManagementCommand.NETWORK, "rm"), new Path("POST", "/networks/create", "Create a network", Path.ManagementCommand.NETWORK, "create"), new Path("POST", "/networks/.+/connect", "Connect a container to a network", Path.ManagementCommand.NETWORK, "connect"), new Path("POST", "/networks/.+/disconnect", "Disconnect a container from a network", Path.ManagementCommand.NETWORK, "disconnect"), new Path("POST", "/networks/prune", "Delete unused networks", Path.ManagementCommand.NETWORK, "prune"), new Path("GET", "/volumes", "List volumes", Path.ManagementCommand.VOLUME, "ls"), new Path("POST", "/volumes/create", "Create a volume", Path.ManagementCommand.VOLUME, "create"), new Path("GET", "/volumes/.+", "Inspect a volume", Path.ManagementCommand.VOLUME, "inspect"), new Path("DELETE", "/volumes/.+", "Remove a volume", Path.ManagementCommand.VOLUME, "rm"), new Path("POST", "/volumes/prune", "Delete unused volumes", Path.ManagementCommand.NETWORK, "prune"), new Path("POST", "/containers/.+/exec", "Run a command in a running container", Path.ManagementCommand.CONTAINER, "exec"), new Path("POST", "/exec/.+/start", "Start an exec instance", Path.ManagementCommand.NONE), new Path("POST", "/exec/.+/resize", "Resize an exec instance", Path.ManagementCommand.NONE), new Path("GET", "/exec/.+/json", "Inspect an exec instance", Path.ManagementCommand.NONE), new Path("GET", "/swarm", "Inspect swarm", Path.ManagementCommand.SWARM), new Path("POST", "/swarm/init", "Initialize a new swarm", Path.ManagementCommand.SWARM, "init"), new Path("POST", "/swarm/join", "Join an existing swarm", Path.ManagementCommand.SWARM, "join"), new Path("POST", "/swarm/leave", "Leave a swarm", Path.ManagementCommand.SWARM, "leave"), new Path("POST", "/swarm/update", "Update a swarm", Path.ManagementCommand.SWARM, "update"), new Path("GET", "/swarm/unlockkey", "Get the unlock key", Path.ManagementCommand.SWARM, "unlock-key"), new Path("POST", "/swarm/unlock", "Unlock a locked manager", Path.ManagementCommand.SWARM, JoinPoint.SYNCHRONIZATION_UNLOCK), new Path("GET", "/nodes", "List nodes", Path.ManagementCommand.NODE, "ls"), new Path("GET", "/nodes/.+", "Inspect a node", Path.ManagementCommand.NODE, "inspect"), new Path("DELETE", "/nodes/.+", "Delete a node", Path.ManagementCommand.NODE, "rm"), new Path("POST", "/nodes/.+/update", "Update a node", Path.ManagementCommand.NODE, "update"), new Path("GET", "/services", "List services", Path.ManagementCommand.SERVICE, "ls"), new Path("POST", "/services/create", "Create a service", Path.ManagementCommand.SERVICE, "create"), new Path("GET", "/services/.+", "Inspect a service", Path.ManagementCommand.SERVICE, "inspect"), new Path("DELETE", "/services/.+", "Delete a service", Path.ManagementCommand.SERVICE, "rm"), new Path("POST", "/services/.+/update", "Update a service", Path.ManagementCommand.SERVICE, "update"), new Path("GET", "/services/.+/logs", "Get service logs", Path.ManagementCommand.SERVICE, ServiceAbbreviations.CloudWatchLogs), new Path("GET", "/tasks", "List tasks", Path.ManagementCommand.NODE), new Path("GET", "/tasks/.+", "Inspect a task", Path.ManagementCommand.NODE), new Path("GET", "/secrets", "List secrets", Path.ManagementCommand.SECRET, "ls"), new Path("POST", "/secrets/create", "Create a secret", Path.ManagementCommand.SECRET, "create"), new Path("GET", "/secrets/.+", "Inspect a secret", Path.ManagementCommand.SECRET, "inspect"), new Path("DELETE", "/secrets/.+", "Delete a secret", Path.ManagementCommand.SECRET, "rm"), new Path("POST", "/secrets/.+/update", "Update a secret", Path.ManagementCommand.SECRET, "update"), new Path("GET", "/plugins", "List plugins", Path.ManagementCommand.PLUGIN, "ls"), new Path("GET", "/plugins/privileges", "Get plugin privileges", Path.ManagementCommand.PLUGIN), new Path("POST", "/plugins/pull", "Install a plugin", Path.ManagementCommand.PLUGIN, "install"), new Path("GET", "/plugins/.+/json", "Inspect a plugin", Path.ManagementCommand.PLUGIN, "inspect"), new Path("DELETE", "/plugins/.+", "Remove a plugin", Path.ManagementCommand.PLUGIN, "rm"), new Path("POST", "/plugins/.+/enable", "Enable a plugin", Path.ManagementCommand.PLUGIN, "enable"), new Path("POST", "/plugins/.+/disable", "Disable a plugin", Path.ManagementCommand.PLUGIN, XMLStreamProperties.XSP_V_XMLID_NONE), new Path("POST", "/plugins/.+/upgrade", "Upgrade a plugin", Path.ManagementCommand.PLUGIN, "upgrade"), new Path("POST", "/plugins/create", "Create a plugin", Path.ManagementCommand.PLUGIN, "create"), new Path("POST", "/plugins/.+/push", "Push a plugin", Path.ManagementCommand.PLUGIN, "push"), new Path("POST", "/plugins/.+/set", "Configure a plugin", Path.ManagementCommand.PLUGIN, "set"), new Path("POST", "/auth", "Check auth configuration", Path.ManagementCommand.NONE, "login"), new Path("GET", "/info", "Get system information", Path.ManagementCommand.SYSTEM, "info"), new Path("GET", "/version", "Get version", Path.ManagementCommand.NONE, "version"), new Path("GET", "/_ping", "Ping", Path.ManagementCommand.NONE), new Path("GET", "/events", "Monitor events", Path.ManagementCommand.SYSTEM, "events"), new Path("GET", "/system/df", "Get data usage information", Path.ManagementCommand.SYSTEM, "df")}).collect(Collectors.groupingBy(path -> {
        return path.method;
    }, Collectors.toList()));
    private static final String PLUGIN_KEY = "plugin";
    private static final String METHOD_KEY = "method";
    private static final String URI_KEY = "uri";
    private static final String ALLOWED_KEY = "allowed";
    private static final String PIPELINES_PLUGIN = "pipelines";
    private final StepId stepId;
    private final AnalyticService analyticService;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/atlassian/pipelines/runner/core/log/processor/filter/DockerCommandAnalyticsFilter$Path.class */
    public static final class Path {
        private final String method;
        private final Pattern pattern;
        private final String description;
        private final ManagementCommand managementCommand;
        private String command;
        private Function<Matcher, Optional<Map<String, String>>> propertiesParser;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:com/atlassian/pipelines/runner/core/log/processor/filter/DockerCommandAnalyticsFilter$Path$ManagementCommand.class */
        public enum ManagementCommand {
            CONTAINER,
            IMAGE,
            NETWORK,
            NODE,
            PLUGIN,
            SECRET,
            SERVICE,
            SWARM,
            SYSTEM,
            VOLUME,
            NONE
        }

        private Path(String str, String str2, String str3, ManagementCommand managementCommand, String str4, Function<Matcher, Optional<Map<String, String>>> function) {
            this(str, str2, str3, managementCommand, str4);
            this.propertiesParser = function;
        }

        private Path(String str, String str2, String str3, ManagementCommand managementCommand, String str4) {
            this(str, str2, str3, managementCommand);
            this.command = str4;
        }

        private Path(String str, String str2, String str3, ManagementCommand managementCommand) {
            this.method = str;
            this.pattern = Pattern.compile(str2);
            this.description = str3;
            this.managementCommand = managementCommand;
        }

        public String getMethod() {
            return this.method;
        }

        public Pattern getPattern() {
            return this.pattern;
        }

        public String getDescription() {
            return this.description;
        }

        public ManagementCommand getManagementCommand() {
            return this.managementCommand;
        }

        public Optional<String> getCommand() {
            return Optional.ofNullable(this.command);
        }

        public Optional<Map<String, String>> getAdditionalProperties(Matcher matcher) {
            return this.propertiesParser == null ? Optional.empty() : this.propertiesParser.apply(matcher);
        }
    }

    public DockerCommandAnalyticsFilter(StepId stepId, AnalyticService analyticService) {
        this.stepId = stepId;
        this.analyticService = analyticService;
    }

    @Override // java.util.function.Function
    public LogLine apply(LogLine logLine) {
        try {
            Map map = (Map) Logfmt.parse(logLine.getText().toCharArray()).entrySet().stream().collect(Collectors.toMap((v0) -> {
                return v0.getKey();
            }, entry -> {
                return new String((char[]) entry.getValue());
            }));
            if (map.containsKey(PLUGIN_KEY) && ((String) map.get(PLUGIN_KEY)).equals(PIPELINES_PLUGIN) && map.get("uri") != null) {
                PATHS.getOrDefault(map.get("method"), Collections.emptyList()).stream().filter(path -> {
                    return path.getPattern().matcher((CharSequence) map.get("uri")).find();
                }).findFirst().ifPresent(path2 -> {
                    this.analyticService.sendAnalytic(ImmutableDockerCommandAnalytic.builder().withStepId(this.stepId).withDescription(path2.getDescription()).withManagementCommand(path2.getManagementCommand().toString()).withAllowed((String) map.get(ALLOWED_KEY)).withCommand(path2.getCommand()).withAdditionalProperties(path2.getAdditionalProperties(path2.getPattern().matcher((CharSequence) map.get("uri")))).build());
                });
            }
        } catch (RuntimeException e) {
            logger.warn("Error scanning log message for docker commands", (Throwable) e);
        }
        return logLine;
    }
}
