package org.fusesource.fabric.openshift.agent;

import com.openshift.client.IApplication;
import com.openshift.client.IOpenShiftConnection;
import com.openshift.client.IOpenShiftSSHKey;
import java.io.File;
import java.net.MalformedURLException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import org.apache.curator.framework.CuratorFramework;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Reference;
import org.eclipse.jgit.errors.UnsupportedCredentialItem;
import org.eclipse.jgit.transport.CredentialItem;
import org.eclipse.jgit.transport.CredentialsProvider;
import org.eclipse.jgit.transport.URIish;
import org.fusesource.common.util.Maps;
import org.fusesource.common.util.Strings;
import org.fusesource.fabric.agent.download.DownloadManagers;
import org.fusesource.fabric.agent.mvn.Parser;
import org.fusesource.fabric.api.Container;
import org.fusesource.fabric.api.DataStore;
import org.fusesource.fabric.api.FabricService;
import org.fusesource.fabric.api.jcip.GuardedBy;
import org.fusesource.fabric.api.jcip.ThreadSafe;
import org.fusesource.fabric.api.scr.AbstractComponent;
import org.fusesource.fabric.api.scr.ValidatingReference;
import org.fusesource.fabric.groups.Group;
import org.fusesource.fabric.groups.GroupListener;
import org.fusesource.fabric.groups.internal.ZooKeeperGroup;
import org.fusesource.fabric.openshift.CreateOpenshiftContainerOptions;
import org.fusesource.fabric.openshift.OpenShiftConstants;
import org.fusesource.fabric.openshift.OpenShiftUtils;
import org.fusesource.fabric.utils.SystemProperties;
import org.fusesource.fabric.zookeeper.ZkPath;
import org.osgi.service.cm.ConfigurationAdmin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
@Component(name = "org.fusesource.fabric.openshift.agent", description = "Fabric agent for deploying applications into external OpenShift cartridges", immediate = true)
/* loaded from: input_file:org/fusesource/fabric/openshift/agent/OpenShiftDeployAgent.class */
public final class OpenShiftDeployAgent extends AbstractComponent implements GroupListener<ControllerNode> {
    private static final String REALM_PROPERTY_NAME = "realm";
    private static final String ROLE_PROPERTY_NAME = "role";
    private static final String DEFAULT_REALM = "karaf";
    private static final String DEFAULT_ROLE = "admin";

    @Reference(referenceInterface = ConfigurationAdmin.class)
    private final ValidatingReference<ConfigurationAdmin> configAdmin = new ValidatingReference<>();

    @Reference(referenceInterface = CuratorFramework.class)
    private final ValidatingReference<CuratorFramework> curator = new ValidatingReference<>();

    @Reference(referenceInterface = FabricService.class)
    private final ValidatingReference<FabricService> fabricService = new ValidatingReference<>();
    private final ExecutorService downloadExecutor = Executors.newSingleThreadExecutor();
    private final Runnable runnable = new Runnable() { // from class: org.fusesource.fabric.openshift.agent.OpenShiftDeployAgent.1
        @Override // java.lang.Runnable
        public void run() {
            OpenShiftDeployAgent.this.onConfigurationChanged();
        }
    };

    @GuardedBy("volatile")
    private volatile Group<ControllerNode> group;
    private static final Logger LOGGER = LoggerFactory.getLogger(OpenShiftDeployAgent.class);
    private static final String KARAF_NAME = System.getProperty(SystemProperties.KARAF_NAME);

    @Activate
    void activate(Map<String, String> map) {
        this.group = new ZooKeeperGroup((CuratorFramework) this.curator.get(), ZkPath.OPENSHIFT.getPath(new String[0]), ControllerNode.class);
        this.group.add(this);
        this.group.update(createState());
        this.group.start();
        activateComponent();
    }

    @Deactivate
    void deactivate() {
        deactivateComponent();
        try {
            if (this.group != null) {
                this.group.close();
            }
        } catch (Exception e) {
            LOGGER.warn("Failed to remove git server from registry.", e);
        }
        shutdownExecutor(this.downloadExecutor);
    }

    private void shutdownExecutor(ExecutorService executorService) {
        executorService.shutdown();
        try {
            executorService.awaitTermination(1L, TimeUnit.MINUTES);
        } catch (InterruptedException e) {
        }
        executorService.shutdownNow();
    }

    public void groupEvent(Group<ControllerNode> group, GroupListener.GroupEvent groupEvent) {
        if (isValid()) {
            if (group.isMaster()) {
                LOGGER.info("OpenShiftDeployAgent is the master");
            } else {
                LOGGER.info("OpenShiftDeployAgent is not the master");
            }
            try {
                DataStore dataStore = null;
                if (this.fabricService != null) {
                    dataStore = ((FabricService) this.fabricService.get()).getDataStore();
                } else {
                    LOGGER.warn("No fabricService yet!");
                }
                if (group.isMaster()) {
                    group.update(createState());
                }
                if (dataStore != null) {
                    if (group.isMaster()) {
                        dataStore.trackConfiguration(this.runnable);
                        onConfigurationChanged();
                    } else {
                        dataStore.untrackConfiguration(this.runnable);
                    }
                }
            } catch (IllegalStateException e) {
            }
        }
    }

    protected void onConfigurationChanged() {
        final String gitUrl;
        LOGGER.info("Configuration has changed; so checking the Fabric managed Java cartridges on OpenShift are up to date");
        for (Container container : ((FabricService) this.fabricService.get()).getContainers()) {
            Map<String, String> configuration = container.getOverlayProfile().getConfiguration(OpenShiftConstants.OPENSHIFT_PID);
            if (configuration != null) {
                DeploymentUpdater deploymentUpdater = null;
                try {
                    deploymentUpdater = createDeployTask(container, configuration);
                } catch (MalformedURLException e) {
                    LOGGER.error("Failed to create DeploymentUpdater. " + e, e);
                }
                if (deploymentUpdater != null && OpenShiftUtils.isFabricManaged(configuration)) {
                    String id = container.getId();
                    IOpenShiftConnection createConnection = OpenShiftUtils.createConnection(container);
                    CreateOpenshiftContainerOptions createOptions = OpenShiftUtils.getCreateOptions(container);
                    if (createConnection == null || createOptions == null) {
                        LOGGER.warn("Ignoring container which has no openshift connection or options. connection: " + createConnection + " options: " + createOptions);
                    } else {
                        try {
                            try {
                                IApplication application = OpenShiftUtils.getApplication(container, createConnection);
                                if (application != null && (gitUrl = application.getGitUrl()) != null) {
                                    LOGGER.info("Git URL is " + gitUrl);
                                    final CartridgeGitRepository cartridgeGitRepository = new CartridgeGitRepository(id);
                                    final List<IOpenShiftSSHKey> sSHKeys = application.getDomain().getUser().getSSHKeys();
                                    final CredentialsProvider credentialsProvider = new CredentialsProvider() { // from class: org.fusesource.fabric.openshift.agent.OpenShiftDeployAgent.2
                                        public boolean supports(CredentialItem... credentialItemArr) {
                                            return true;
                                        }

                                        public boolean isInteractive() {
                                            return true;
                                        }

                                        public boolean get(URIish uRIish, CredentialItem... credentialItemArr) throws UnsupportedCredentialItem {
                                            OpenShiftDeployAgent.LOGGER.info("Credential request " + uRIish + " items " + Arrays.asList(credentialItemArr));
                                            int i = -1;
                                            for (CredentialItem credentialItem : credentialItemArr) {
                                                if (credentialItem instanceof CredentialItem.StringType) {
                                                    CredentialItem.StringType stringType = (CredentialItem.StringType) credentialItem;
                                                    i++;
                                                    int i2 = i < sSHKeys.size() ? i : 0;
                                                    if (i2 < sSHKeys.size()) {
                                                        String publicKey = ((IOpenShiftSSHKey) sSHKeys.get(i2)).getPublicKey();
                                                        OpenShiftDeployAgent.LOGGER.info("For item " + credentialItem + " index " + i + " using passphrase: " + publicKey);
                                                        stringType.setValue(publicKey);
                                                    } else {
                                                        OpenShiftDeployAgent.LOGGER.warn("No ssh keys we can pass into git!");
                                                    }
                                                } else {
                                                    OpenShiftDeployAgent.LOGGER.warn("Unknown CredentialItem " + credentialItem);
                                                }
                                            }
                                            return true;
                                        }
                                    };
                                    final DeploymentUpdater deploymentUpdater2 = deploymentUpdater;
                                    SshSessionFactoryUtils.useOpenShiftSessionFactory(new Callable<Object>() { // from class: org.fusesource.fabric.openshift.agent.OpenShiftDeployAgent.3
                                        @Override // java.util.concurrent.Callable
                                        public Object call() throws Exception {
                                            cartridgeGitRepository.cloneOrPull(gitUrl, credentialsProvider);
                                            deploymentUpdater2.updateDeployment(cartridgeGitRepository.getGit(), cartridgeGitRepository.getLocalRepo(), credentialsProvider);
                                            return null;
                                        }
                                    });
                                }
                                OpenShiftUtils.close(createConnection);
                            } catch (Exception e2) {
                                LOGGER.error("Failed to update container " + id + ". Reason: " + e2, e2);
                                OpenShiftUtils.close(createConnection);
                            }
                        } catch (Throwable th) {
                            OpenShiftUtils.close(createConnection);
                            throw th;
                        }
                    }
                }
            }
        }
    }

    private DeploymentUpdater createDeployTask(Container container, Map<String, String> map) throws MalformedURLException {
        String relativePath = relativePath(container, map, OpenShiftConstants.PROPERTY_DEPLOY_WEBAPPS);
        String relativePath2 = relativePath(container, map, OpenShiftConstants.PROPERTY_DEPLOY_JARS);
        if (relativePath == null && relativePath2 == null) {
            return null;
        }
        DeploymentUpdater deploymentUpdater = new DeploymentUpdater(DownloadManagers.createDownloadManager((FabricService) this.fabricService.get(), container.getOverlayProfile(), this.downloadExecutor), container, relativePath, relativePath2);
        deploymentUpdater.setRepositories(Maps.stringValue(map, OpenShiftConstants.PROPERTY_REPOSITORIES, OpenShiftConstants.DEFAULT_REPOSITORIES));
        deploymentUpdater.setCopyFilesIntoGit(Maps.booleanValue(map, OpenShiftConstants.PROPERTY_COPY_BINARIES_TO_GIT, false));
        return deploymentUpdater;
    }

    private String relativePath(Container container, Map<String, String> map, String str) {
        String stringValue = Maps.stringValue(map, str);
        if (!Strings.isNotBlank(stringValue)) {
            return null;
        }
        if (stringValue.startsWith("..") || stringValue.startsWith(Parser.FILE_SEPARATOR) || stringValue.startsWith(File.separator)) {
            throw new IllegalStateException("Invalid relative path '" + stringValue + "' for property " + str + " for container " + container.getId());
        }
        return stringValue;
    }

    private ControllerNode createState() {
        ControllerNode controllerNode = new ControllerNode();
        controllerNode.setContainer(KARAF_NAME);
        return controllerNode;
    }

    void bindConfigAdmin(ConfigurationAdmin configurationAdmin) {
        this.configAdmin.bind(configurationAdmin);
    }

    void unbindConfigAdmin(ConfigurationAdmin configurationAdmin) {
        this.configAdmin.unbind(configurationAdmin);
    }

    void bindCurator(CuratorFramework curatorFramework) {
        this.curator.bind(curatorFramework);
    }

    void unbindCurator(CuratorFramework curatorFramework) {
        this.curator.unbind(curatorFramework);
    }

    void bindFabricService(FabricService fabricService) {
        this.fabricService.bind(fabricService);
    }

    void unbindFabricService(FabricService fabricService) {
        this.fabricService.unbind(fabricService);
    }
}
