package org.jboss.intersmash.provision.openshift;

import cz.xtf.core.config.OpenShiftConfig;
import cz.xtf.core.event.helpers.EventHelper;
import cz.xtf.core.openshift.OpenShiftWaiters;
import cz.xtf.core.openshift.OpenShifts;
import cz.xtf.core.waiting.SimpleWaiter;
import cz.xtf.core.waiting.failfast.FailFastCheck;
import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.apiextensions.v1.CustomResourceDefinition;
import io.fabric8.kubernetes.api.model.apps.StatefulSet;
import io.fabric8.kubernetes.client.GracePeriodConfigurable;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.client.dsl.base.CustomResourceDefinitionContext;
import io.fabric8.openshift.api.model.Route;
import io.fabric8.openshift.api.model.RouteList;
import java.net.MalformedURLException;
import java.net.URL;
import java.text.MessageFormat;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import lombok.NonNull;
import org.assertj.core.util.Lists;
import org.assertj.core.util.Strings;
import org.jboss.intersmash.IntersmashConfig;
import org.jboss.intersmash.application.openshift.KeycloakOperatorApplication;
import org.jboss.intersmash.provision.openshift.operator.OperatorProvisioner;
import org.jboss.intersmash.util.tls.CertificatesUtils;
import org.keycloak.k8s.v2alpha1.Keycloak;
import org.keycloak.k8s.v2alpha1.KeycloakOperatorKeycloakList;
import org.keycloak.k8s.v2alpha1.KeycloakOperatorRealmImportList;
import org.keycloak.k8s.v2alpha1.KeycloakRealmImport;
import org.keycloak.k8s.v2alpha1.KeycloakRealmImportStatus;
import org.keycloak.k8s.v2alpha1.KeycloakSpec;
import org.keycloak.k8s.v2alpha1.KeycloakStatus;
import org.keycloak.k8s.v2alpha1.keycloakspec.Http;
import org.slf4j.event.Level;

/* loaded from: input_file:org/jboss/intersmash/provision/openshift/KeycloakOperatorProvisioner.class */
public class KeycloakOperatorProvisioner extends OperatorProvisioner<KeycloakOperatorApplication> {
    private static final String KEYCLOAK_RESOURCE = "keycloaks.k8s.keycloak.org";
    private static final String KEYCLOAK_REALM_IMPORT_RESOURCE = "keycloakrealmimports.k8s.keycloak.org";
    private static NonNamespaceOperation<Keycloak, KeycloakOperatorKeycloakList, Resource<Keycloak>> KEYCLOAK_CUSTOM_RESOURCE_CLIENT;
    private static NonNamespaceOperation<KeycloakRealmImport, KeycloakOperatorRealmImportList, Resource<KeycloakRealmImport>> KEYCLOAK_REALM_IMPORT_CUSTOM_RESOURCE_CLIENT;
    private static final String OPERATOR_ID = IntersmashConfig.keycloakOperatorPackageManifest();
    protected FailFastCheck ffCheck;

    public NonNamespaceOperation<Keycloak, KeycloakOperatorKeycloakList, Resource<Keycloak>> keycloakClient() {
        if (KEYCLOAK_CUSTOM_RESOURCE_CLIENT == null) {
            CustomResourceDefinitionContext fromCrd = CustomResourceDefinitionContext.fromCrd((CustomResourceDefinition) ((Resource) OpenShifts.admin().apiextensions().v1().customResourceDefinitions().withName(KEYCLOAK_RESOURCE)).get());
            if (!getCustomResourceDefinitions().contains(KEYCLOAK_RESOURCE)) {
                throw new RuntimeException(String.format("[%s] custom resource is not provided by [%s] operator.", KEYCLOAK_RESOURCE, OPERATOR_ID));
            }
            KEYCLOAK_CUSTOM_RESOURCE_CLIENT = (NonNamespaceOperation) OpenShifts.master().newHasMetadataOperation(fromCrd, Keycloak.class, KeycloakOperatorKeycloakList.class).inNamespace(OpenShiftConfig.namespace());
        }
        return KEYCLOAK_CUSTOM_RESOURCE_CLIENT;
    }

    public NonNamespaceOperation<KeycloakRealmImport, KeycloakOperatorRealmImportList, Resource<KeycloakRealmImport>> keycloakRealmImportClient() {
        if (KEYCLOAK_REALM_IMPORT_CUSTOM_RESOURCE_CLIENT == null) {
            CustomResourceDefinitionContext fromCrd = CustomResourceDefinitionContext.fromCrd((CustomResourceDefinition) ((Resource) OpenShifts.admin().apiextensions().v1().customResourceDefinitions().withName(KEYCLOAK_REALM_IMPORT_RESOURCE)).get());
            if (!getCustomResourceDefinitions().contains(KEYCLOAK_REALM_IMPORT_RESOURCE)) {
                throw new RuntimeException(String.format("[%s] custom resource is not provided by [%s] operator.", KEYCLOAK_REALM_IMPORT_RESOURCE, OPERATOR_ID));
            }
            KEYCLOAK_REALM_IMPORT_CUSTOM_RESOURCE_CLIENT = (NonNamespaceOperation) OpenShifts.master().newHasMetadataOperation(fromCrd, KeycloakRealmImport.class, KeycloakOperatorRealmImportList.class).inNamespace(OpenShiftConfig.namespace());
        }
        return KEYCLOAK_REALM_IMPORT_CUSTOM_RESOURCE_CLIENT;
    }

    public KeycloakOperatorProvisioner(@NonNull KeycloakOperatorApplication keycloakOperatorApplication) {
        super(keycloakOperatorApplication, OPERATOR_ID);
        this.ffCheck = () -> {
            return false;
        };
        if (keycloakOperatorApplication == null) {
            throw new NullPointerException("application is marked non-null but is null");
        }
    }

    public static String getOperatorId() {
        return OPERATOR_ID;
    }

    protected String getOperatorCatalogSource() {
        return IntersmashConfig.keycloakOperatorCatalogSource();
    }

    protected String getOperatorIndexImage() {
        return IntersmashConfig.keycloakOperatorIndexImage();
    }

    protected String getOperatorChannel() {
        return IntersmashConfig.keycloakOperatorChannel();
    }

    public void deploy() {
        this.ffCheck = FailFastUtils.getFailFastCheck(EventHelper.timeOfLastEventBMOrTestNamespaceOrEpoch(), new String[]{((KeycloakOperatorApplication) getApplication()).getName()});
        subscribe();
        if (!Strings.isNullOrEmpty(IntersmashConfig.keycloakImageURL())) {
            ((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).setImage(IntersmashConfig.keycloakImageURL());
        }
        if (((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHttp() == null || ((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHttp().getTlsSecret() == null) {
            if (((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHostname() == null || com.google.common.base.Strings.isNullOrEmpty(((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHostname().getHostname())) {
                throw new IllegalStateException("A .spec.hostname.hostname must be set when configuring a Keycloak resource .spec.http");
            }
            CertificatesUtils.CertificateAndKey generateSelfSignedCertificateAndKey = CertificatesUtils.generateSelfSignedCertificateAndKey(((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHostname().getHostname().replaceFirst("[.].*$", ""), ((KeycloakOperatorApplication) getApplication()).getKeycloak().getMetadata().getName() + "-tls-secret");
            if (((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHttp() == null) {
                Http http = new Http();
                http.setTlsSecret(generateSelfSignedCertificateAndKey.tlsSecret.getMetadata().getName());
                ((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).setHttp(http);
            } else {
                ((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getHttp().setTlsSecret(generateSelfSignedCertificateAndKey.tlsSecret.getMetadata().getName());
            }
        }
        if (((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getDb() != null) {
            new SimpleWaiter(() -> {
                return OpenShiftProvisioner.openShift.getService(((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getDb().getHost()) != null;
            }).level(Level.DEBUG).waitFor();
        }
        keycloakClient().createOrReplace(((KeycloakOperatorApplication) getApplication()).getKeycloak());
        if (((KeycloakOperatorApplication) getApplication()).getKeycloakRealmImports().size() > 0) {
            ((KeycloakOperatorApplication) getApplication()).getKeycloakRealmImports().stream().forEach(keycloakRealmImport -> {
                ((Resource) keycloakRealmImportClient().resource(keycloakRealmImport)).create();
            });
        }
        waitFor(((KeycloakOperatorApplication) getApplication()).getKeycloak());
        waitForKeycloakResourceReadiness();
        URL url = getURL();
        if (((KeycloakSpec) ((KeycloakOperatorApplication) getApplication()).getKeycloak().getSpec()).getInstances().longValue() <= 0 || url == null) {
            return;
        }
        WaitersUtil.routeIsUp(url.toExternalForm()).level(Level.DEBUG).waitFor();
    }

    public void waitFor(Keycloak keycloak) {
        Long instances = ((KeycloakSpec) keycloak.getSpec()).getInstances();
        if (instances.longValue() > 0) {
            OpenShiftWaiters.get(OpenShiftProvisioner.openShift, this.ffCheck).areExactlyNPodsReady(instances.intValue(), "controller-revision-hash", getStatefulSet().getStatus().getUpdateRevision()).waitFor();
        }
    }

    public void waitFor(KeycloakRealmImport keycloakRealmImport) {
        new SimpleWaiter(() -> {
            Resource resource = (Resource) keycloakRealmImportClient().withName(keycloakRealmImport.getMetadata().getName());
            if (!Objects.nonNull(resource) || !Objects.nonNull(resource.get()) || !Objects.nonNull(((KeycloakRealmImport) resource.get()).getStatus())) {
                return false;
            }
            KeycloakRealmImport keycloakRealmImport2 = (KeycloakRealmImport) resource.get();
            return ((KeycloakRealmImportStatus) keycloakRealmImport2.getStatus()).getConditions().stream().filter(conditions -> {
                return conditions.getStatus() != null && "Done".equalsIgnoreCase(conditions.getType()) && com.google.common.base.Strings.isNullOrEmpty(conditions.getMessage());
            }).count() == 1 && ((KeycloakRealmImportStatus) keycloakRealmImport2.getStatus()).getConditions().stream().filter(conditions2 -> {
                return conditions2.getStatus() == null && "HasErrors".equalsIgnoreCase(conditions2.getType()) && com.google.common.base.Strings.isNullOrEmpty(conditions2.getMessage());
            }).count() == 1;
        }).reason("Wait for KeycloakRealmImport resource to be imported").level(Level.DEBUG).waitFor();
    }

    private void waitForKeycloakResourceReadiness() {
        new SimpleWaiter(() -> {
            return ((KeycloakStatus) ((Keycloak) keycloak().get()).getStatus()).getConditions().stream().anyMatch(conditions -> {
                return "Ready".equalsIgnoreCase(conditions.getType()) && conditions.getStatus() != null;
            });
        }).reason("Wait for Keycloak resource to be ready").level(Level.DEBUG).waitFor();
        if (((KeycloakOperatorApplication) getApplication()).getKeycloakRealmImports().size() > 0) {
            new SimpleWaiter(() -> {
                return keycloakRealmImports().stream().allMatch(keycloakRealmImport -> {
                    return ((KeycloakRealmImportStatus) keycloakRealmImport.getStatus()).getConditions().stream().anyMatch(conditions -> {
                        return "Done".equalsIgnoreCase(conditions.getType()) && conditions.getStatus() != null;
                    });
                });
            }).reason("Wait for KeycloakRealmImports to be done.").level(Level.DEBUG).waitFor();
        }
    }

    public Resource<Keycloak> keycloak() {
        return (Resource) keycloakClient().withName(((KeycloakOperatorApplication) getApplication()).getKeycloak().getMetadata().getName());
    }

    public List<KeycloakRealmImport> keycloakRealmImports() {
        return (List) ((KeycloakOperatorRealmImportList) keycloakRealmImportClient().list()).getItems().stream().filter(keycloakRealmImport -> {
            return ((KeycloakOperatorApplication) getApplication()).getKeycloakRealmImports().stream().map(keycloakRealmImport -> {
                return keycloakRealmImport.getMetadata().getName();
            }).anyMatch(str -> {
                return str.equalsIgnoreCase(keycloakRealmImport.getMetadata().getName());
            });
        }).collect(Collectors.toList());
    }

    private StatefulSet getStatefulSet() {
        String name = ((KeycloakOperatorApplication) getApplication()).getKeycloak().getMetadata().getName();
        new SimpleWaiter(() -> {
            return Objects.nonNull(OpenShiftProvisioner.openShift.getStatefulSet(name));
        }).reason(MessageFormat.format("Waiting for StatefulSet \"{0}\" to be created for Keycloak \"{1}\".", name, ((KeycloakOperatorApplication) getApplication()).getKeycloak().getMetadata().getName())).level(Level.DEBUG).timeout(60000L).waitFor();
        return OpenShiftProvisioner.openShift.getStatefulSet(name);
    }

    public void undeploy() {
        keycloakRealmImports().forEach(keycloakRealmImport -> {
            ((GracePeriodConfigurable) ((Resource) keycloakRealmImportClient().withName(keycloakRealmImport.getMetadata().getName())).withPropagationPolicy(DeletionPropagation.FOREGROUND)).delete();
        });
        new SimpleWaiter(() -> {
            return ((KeycloakOperatorRealmImportList) keycloakRealmImportClient().list()).getItems().size() == 0;
        }).reason("Wait for all keycloakRealmImports instances to be deleted.").level(Level.DEBUG).waitFor();
        ((GracePeriodConfigurable) keycloak().withPropagationPolicy(DeletionPropagation.FOREGROUND)).delete();
        new SimpleWaiter(() -> {
            return ((KeycloakOperatorKeycloakList) keycloakClient().list()).getItems().size() == 0;
        }).reason("Wait for Keycloak instances to be deleted.").level(Level.DEBUG).waitFor();
        OpenShiftWaiters.get(OpenShiftProvisioner.openShift, () -> {
            return false;
        }).areExactlyNPodsReady(0, "app", ((KeycloakOperatorApplication) getApplication()).getKeycloak().getKind().toLowerCase()).level(Level.DEBUG).waitFor();
        unsubscribe();
    }

    public void scale(int i, boolean z) {
        String updateRevision = getStatefulSet().getStatus().getUpdateRevision();
        Keycloak keycloak = (Keycloak) keycloak().get();
        Long instances = ((KeycloakSpec) keycloak.getSpec()).getInstances();
        ((KeycloakSpec) keycloak.getSpec()).setInstances(Long.valueOf(Integer.toUnsignedLong(i)));
        keycloak().replace(keycloak);
        if (z) {
            OpenShiftWaiters.get(OpenShiftProvisioner.openShift, this.ffCheck).areExactlyNPodsReady(i, "controller-revision-hash", updateRevision).level(Level.DEBUG).waitFor();
        }
        new SimpleWaiter(() -> {
            return ((KeycloakStatus) ((Keycloak) keycloak().get()).getStatus()).getConditions().stream().anyMatch(conditions -> {
                return "Ready".equalsIgnoreCase(conditions.getType()) && conditions.getStatus() != null;
            });
        }).reason("Wait for Keycloak resource to be ready").level(Level.DEBUG).waitFor();
        if (instances.longValue() != 0 || i <= 0) {
            return;
        }
        WaitersUtil.routeIsUp(getURL().toExternalForm()).level(Level.DEBUG).waitFor();
    }

    public List<Pod> getPods() {
        StatefulSet statefulSet = OpenShiftProvisioner.openShift.getStatefulSet(((KeycloakOperatorApplication) getApplication()).getKeycloak().getMetadata().getName());
        return Objects.nonNull(statefulSet) ? OpenShiftProvisioner.openShift.getLabeledPods("controller-revision-hash", statefulSet.getStatus().getUpdateRevision()) : Lists.emptyList();
    }

    public URL getURL() {
        String host = ((Route) ((RouteList) OpenShiftProvisioner.openShift.routes().list()).getItems().stream().filter(route -> {
            return route.getMetadata().getName().startsWith(((Keycloak) keycloak().get()).getMetadata().getName()) && route.getMetadata().getLabels().entrySet().stream().filter(entry -> {
                return ((String) entry.getKey()).equalsIgnoreCase("app.kubernetes.io/instance") && ((String) entry.getValue()).equalsIgnoreCase((String) ((Keycloak) keycloak().get()).getMetadata().getLabels().get("app"));
            }).count() == 1;
        }).findFirst().orElseThrow(() -> {
            return new RuntimeException(String.format("No route for Keycloak %s!", ((Keycloak) keycloak().get()).getMetadata().getName()));
        })).getSpec().getHost();
        try {
            if (Strings.isNullOrEmpty(host)) {
                return null;
            }
            return new URL(String.format("https://%s", host));
        } catch (MalformedURLException e) {
            throw new RuntimeException(String.format("Keycloak operator External URL \"%s\" is malformed.", host), e);
        }
    }
}
