package eu.openanalytics.containerproxy.backend.kubernetes;

import com.spotify.docker.client.DockerCertificates;
import eu.openanalytics.containerproxy.ContainerProxyException;
import eu.openanalytics.containerproxy.backend.AbstractContainerBackend;
import eu.openanalytics.containerproxy.model.runtime.Container;
import eu.openanalytics.containerproxy.model.runtime.Proxy;
import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
import eu.openanalytics.containerproxy.util.Retrying;
import io.fabric8.kubernetes.api.model.ContainerBuilder;
import io.fabric8.kubernetes.api.model.ContainerPort;
import io.fabric8.kubernetes.api.model.ContainerPortBuilder;
import io.fabric8.kubernetes.api.model.DoneablePod;
import io.fabric8.kubernetes.api.model.DoneableService;
import io.fabric8.kubernetes.api.model.EnvVar;
import io.fabric8.kubernetes.api.model.LocalObjectReference;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.SecurityContextBuilder;
import io.fabric8.kubernetes.api.model.Service;
import io.fabric8.kubernetes.api.model.ServicePort;
import io.fabric8.kubernetes.api.model.ServicePortBuilder;
import io.fabric8.kubernetes.api.model.Volume;
import io.fabric8.kubernetes.api.model.VolumeBuilder;
import io.fabric8.kubernetes.api.model.VolumeMount;
import io.fabric8.kubernetes.api.model.VolumeMountBuilder;
import io.fabric8.kubernetes.client.ConfigBuilder;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.dsl.PodResource;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import java.util.function.BiConsumer;
import java.util.stream.Collectors;
import org.apache.commons.io.IOUtils;
import org.thymeleaf.spring5.processor.SpringInputGeneralFieldTagProcessor;

/* loaded from: input_file:BOOT-INF/lib/containerproxy-0.4.0.jar:eu/openanalytics/containerproxy/backend/kubernetes/KubernetesBackend.class */
public class KubernetesBackend extends AbstractContainerBackend {
    private static final String PROPERTY_PREFIX = "proxy.kubernetes.";
    private static final String PROPERTY_NAMESPACE = "namespace";
    private static final String PROPERTY_API_VERSION = "api-version";
    private static final String PROPERTY_IMG_PULL_POLICY = "image-pull-policy";
    private static final String PROPERTY_IMG_PULL_SECRETS = "image-pull-secrets";
    private static final String PROPERTY_IMG_PULL_SECRET = "image-pull-secret";
    private static final String DEFAULT_NAMESPACE = "default";
    private static final String DEFAULT_API_VERSION = "v1";
    private static final String PARAM_POD = "pod";
    private static final String PARAM_SERVICE = "service";
    private KubernetesClient kubeClient;

    @Override // eu.openanalytics.containerproxy.backend.AbstractContainerBackend, eu.openanalytics.containerproxy.backend.IContainerBackend
    public void initialize() throws ContainerProxyException {
        super.initialize();
        ConfigBuilder configBuilder = new ConfigBuilder();
        String property = getProperty(SpringInputGeneralFieldTagProcessor.URL_INPUT_TYPE_ATTR_VALUE);
        if (property != null) {
            configBuilder.withMasterUrl(property);
        }
        String property2 = getProperty("cert-path");
        if (property2 != null && Files.isDirectory(Paths.get(property2, new String[0]), new LinkOption[0])) {
            Path path = Paths.get(property2, DockerCertificates.DEFAULT_CA_CERT_NAME);
            if (Files.exists(path, new LinkOption[0])) {
                configBuilder.withCaCertFile(path.toString());
            }
            Path path2 = Paths.get(property2, DockerCertificates.DEFAULT_CLIENT_CERT_NAME);
            if (Files.exists(path2, new LinkOption[0])) {
                configBuilder.withClientCertFile(path2.toString());
            }
            Path path3 = Paths.get(property2, DockerCertificates.DEFAULT_CLIENT_KEY_NAME);
            if (Files.exists(path3, new LinkOption[0])) {
                configBuilder.withClientKeyFile(path3.toString());
            }
        }
        this.kubeClient = new DefaultKubernetesClient(configBuilder.build());
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // eu.openanalytics.containerproxy.backend.AbstractContainerBackend
    protected Container startContainer(ContainerSpec containerSpec, Proxy proxy) throws Exception {
        Container container = new Container();
        container.setSpec(containerSpec);
        container.setId(UUID.randomUUID().toString());
        String property = getProperty(PROPERTY_NAMESPACE, "default");
        String property2 = getProperty(PROPERTY_API_VERSION, DEFAULT_API_VERSION);
        String[] strArr = (String[]) Optional.ofNullable(containerSpec.getVolumes()).orElse(new String[0]);
        Volume[] volumeArr = new Volume[strArr.length];
        VolumeMount[] volumeMountArr = new VolumeMount[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            String[] split = strArr[i].split(":");
            String str = split[0];
            String str2 = split[1];
            String str3 = "shinyproxy-volume-" + i;
            volumeArr[i] = new VolumeBuilder().withNewHostPath(str).withName(str3).build();
            volumeMountArr[i] = new VolumeMountBuilder().withMountPath(str2).withName(str3).build();
        }
        ArrayList arrayList = new ArrayList();
        for (String str4 : buildEnv(containerSpec, proxy)) {
            int indexOf = str4.indexOf(61);
            if (indexOf == -1) {
                this.log.warn("Invalid environment variable: " + str4);
            }
            arrayList.add(new EnvVar(str4.substring(0, indexOf), str4.substring(indexOf + 1), null));
        }
        ContainerBuilder withEnv = new ContainerBuilder().withImage(containerSpec.getImage()).withCommand(containerSpec.getCmd()).withName("sp-container-" + container.getId()).withPorts((List<ContainerPort>) containerSpec.getPortMapping().values().stream().map(num -> {
            return new ContainerPortBuilder().withContainerPort(num).build();
        }).collect(Collectors.toList())).withVolumeMounts(volumeMountArr).withSecurityContext(new SecurityContextBuilder().withPrivileged(Boolean.valueOf(containerSpec.isPrivileged())).build()).withEnv(arrayList);
        String property3 = getProperty(PROPERTY_IMG_PULL_POLICY);
        if (property3 != null) {
            withEnv.withImagePullPolicy(property3);
        }
        String[] strArr2 = new String[0];
        String property4 = getProperty(PROPERTY_IMG_PULL_SECRET);
        if (property4 == null) {
            String property5 = getProperty(PROPERTY_IMG_PULL_SECRETS);
            if (property5 != null) {
                strArr2 = property5.split(",");
            }
        } else {
            strArr2 = new String[]{property4};
        }
        Pod pod = (Pod) this.kubeClient.resource((KubernetesClient) ((DoneablePod) ((DoneablePod) ((DoneablePod) ((NonNamespaceOperation) this.kubeClient.pods().inNamespace(property)).createNew()).withApiVersion(property2).withKind("Pod").withNewMetadata().withName("sp-pod-" + container.getId()).addToLabels("app", container.getId()).endMetadata()).withNewSpec().withContainers(Collections.singletonList(withEnv.build())).withVolumes(volumeArr).withImagePullSecrets((List<LocalObjectReference>) Arrays.asList(strArr2).stream().map(LocalObjectReference::new).collect(Collectors.toList())).endSpec()).done()).waitUntilReady(600L, TimeUnit.SECONDS);
        Service service = null;
        if (!isUseInternalNetwork()) {
            Service done = ((DoneableService) ((DoneableService) ((DoneableService) ((NonNamespaceOperation) this.kubeClient.services().inNamespace(property)).createNew()).withApiVersion(property2).withKind("Service").withNewMetadata().withName("sp-service-" + container.getId()).endMetadata()).withNewSpec().addToSelector("app", container.getId()).withType("NodePort").withPorts((List<ServicePort>) containerSpec.getPortMapping().values().stream().map(num2 -> {
                return new ServicePortBuilder().withPort(num2).build();
            }).collect(Collectors.toList())).endSpec()).done();
            Retrying.retry(i2 -> {
                try {
                    this.kubeClient.resource((KubernetesClient) done).waitUntilReady(600L, TimeUnit.SECONDS);
                    return true;
                } catch (Exception e) {
                    return false;
                }
            }, 5, 1000);
            service = (Service) this.kubeClient.resource((KubernetesClient) done).waitUntilReady(600L, TimeUnit.SECONDS);
        }
        container.getParameters().put(PARAM_POD, pod);
        container.getParameters().put(PARAM_SERVICE, service);
        for (String str5 : containerSpec.getPortMapping().keySet()) {
            int intValue = containerSpec.getPortMapping().get(str5).intValue();
            int i3 = -1;
            if (service != null) {
                i3 = ((Integer) service.getSpec().getPorts().stream().filter(servicePort -> {
                    return servicePort.getPort().intValue() == intValue;
                }).map(servicePort2 -> {
                    return servicePort2.getNodePort();
                }).findAny().orElse(-1)).intValue();
            }
            proxy.getTargets().put(this.mappingStrategy.createMapping(str5, container, proxy), calculateTarget(container, intValue, i3));
        }
        Thread.sleep(15000L);
        return container;
    }

    protected URI calculateTarget(Container container, int i, int i2) throws Exception {
        String hostIP;
        int i3;
        String property = getProperty("container-protocol", "http");
        Pod pod = (Pod) Pod.class.cast(container.getParameters().get(PARAM_POD));
        if (isUseInternalNetwork()) {
            hostIP = pod.getStatus().getPodIP();
            i3 = i;
        } else {
            hostIP = pod.getStatus().getHostIP();
            i3 = i2;
        }
        return new URI(String.format("%s://%s:%s", property, hostIP, Integer.valueOf(i3)));
    }

    @Override // eu.openanalytics.containerproxy.backend.AbstractContainerBackend
    protected void doStopProxy(Proxy proxy) throws Exception {
        for (Container container : proxy.getContainers()) {
            Pod pod = (Pod) Pod.class.cast(container.getParameters().get(PARAM_POD));
            if (pod != null) {
                this.kubeClient.pods().delete(pod);
            }
            Service service = (Service) Service.class.cast(container.getParameters().get(PARAM_SERVICE));
            if (service != null) {
                this.kubeClient.services().delete(service);
            }
        }
    }

    @Override // eu.openanalytics.containerproxy.backend.AbstractContainerBackend, eu.openanalytics.containerproxy.backend.IContainerBackend
    public BiConsumer<OutputStream, OutputStream> getOutputAttacher(Proxy proxy) {
        if (proxy.getContainers().isEmpty()) {
            return null;
        }
        return (outputStream, outputStream2) -> {
            try {
                IOUtils.copy(((PodResource) ((NonNamespaceOperation) this.kubeClient.pods().inNamespace(getProperty(PROPERTY_NAMESPACE, "default"))).withName("sp-pod-" + proxy.getContainers().get(0).getId())).watchLog().getOutput(), outputStream);
            } catch (IOException e) {
                this.log.error("Error while attaching to container output", (Throwable) e);
            }
        };
    }

    @Override // eu.openanalytics.containerproxy.backend.AbstractContainerBackend
    protected String getPropertyPrefix() {
        return PROPERTY_PREFIX;
    }
}
