package io.fabric8.boot.commands;

import com.google.common.base.Strings;
import io.fabric8.api.Constants;
import io.fabric8.api.ContainerOptions;
import io.fabric8.api.CreateEnsembleOptions;
import io.fabric8.api.FabricService;
import io.fabric8.api.RuntimeProperties;
import io.fabric8.api.ServiceProxy;
import io.fabric8.api.ZkDefs;
import io.fabric8.api.ZooKeeperClusterBootstrap;
import io.fabric8.api.ZooKeeperClusterService;
import io.fabric8.boot.commands.support.ResolverPolicyEnum;
import io.fabric8.utils.OsgiUtils;
import io.fabric8.utils.PasswordEncoder;
import io.fabric8.utils.Ports;
import io.fabric8.utils.shell.ShellUtils;
import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.util.Arrays;
import java.util.Dictionary;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.security.auth.Subject;
import org.apache.felix.gogo.commands.Argument;
import org.apache.felix.gogo.commands.Command;
import org.apache.felix.gogo.commands.Option;
import org.apache.felix.utils.properties.Properties;
import org.apache.karaf.shell.console.AbstractAction;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceReference;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;

@Command(name = CreateCommand.FUNCTION_VALUE, scope = "fabric", description = "Creates a new fabric ensemble (ZooKeeper ensemble)", detailedDescription = "classpath:create.txt")
/* loaded from: input_file:fabric-boot-commands-1.2.0.redhat-630317.jar:io/fabric8/boot/commands/CreateAction.class */
class CreateAction extends AbstractAction {
    private static final String GIT_REMOTE_USER = "gitRemoteUser";
    private static final String GIT_REMOTE_PASSWORD = "gitRemotePassword";

    @Option(name = "--clean", description = "Clean local zookeeper cluster and configurations")
    private boolean clean;

    @Option(name = "--no-import", description = "Disable the import of the sample registry data")
    private boolean noImport;

    @Option(name = "--import-dir", description = "Directory of files to import into the newly created ensemble")
    private String importDir;

    @Option(name = "-f", aliases = {"--force"}, multiValued = false, description = "Forces re-creating fabric")
    private boolean force;

    @Option(name = "-g", aliases = {"--global-resolver"}, description = "The global resolver policy, which becomes the default resolver policy applied to all new containers created in this fabric. Possible values are: localip, localhostname, publicip, publichostname, manualip. Default is localhostname.")
    String globalResolver;

    @Option(name = "-r", aliases = {"--resolver"}, description = "The local resolver policy. Possible values are: localip, localhostname, publicip, publichostname, manualip. Default is localhostname.")
    String resolver;

    @Option(name = "-m", aliases = {"--manual-ip"}, description = "An address to use, when using the manualip resolver.")
    String manualIp;

    @Option(name = "-b", aliases = {"--bind-address"}, description = "The default bind address.")
    String bindAddress;

    @Option(name = "-n", aliases = {"--non-managed"}, multiValued = false, description = "Flag to keep the container non managed")
    private boolean nonManaged;

    @Option(name = "--zookeeper-password", multiValued = false, description = "The ensemble password to use (one will be generated if not given)")
    private String zookeeperPassword;

    @Option(name = "--new-user", multiValued = false, description = "The username of a new user. The option refers to karaf user (ssh, http, jmx).")
    private String newUser;

    @Option(name = "--new-user-password", multiValued = false, description = "The password of the new user. The option refers to karaf user (ssh, http, jmx).")
    private String newUserPassword;

    @Option(name = "--external-git-url", multiValued = false, description = "Specify an external git URL.")
    private String externalGitUrl;

    @Option(name = "--external-git-user", multiValued = false, description = "Specify an external git user.")
    private String externalGitUser;

    @Option(name = "--external-git-password", multiValued = false, description = "Specify an external git password.")
    private String externalGitPassword;

    @Argument(required = false, multiValued = true, description = "List of containers. Empty list assumes current container only.")
    private List<String> containers;
    private static final String ROLE_DELIMITER = ",";
    private final BundleContext bundleContext;
    private final ConfigurationAdmin configAdmin;
    private final ZooKeeperClusterBootstrap bootstrap;
    private final RuntimeProperties runtimeProperties;

    @Option(name = "-v", aliases = {"--verbose"}, description = "Flag to enable verbose output of files being imported")
    boolean verbose = false;

    @Option(name = "--wait-for-provisioning", multiValued = false, description = "Flag to wait for the initial container provisioning")
    private boolean waitForProvisioning = false;

    @Option(name = "--bootstrap-timeout", multiValued = false, description = "How long to wait (milliseconds) for the initial fabric bootstrap")
    private long bootstrapTimeout = CreateEnsembleOptions.DEFAULT_MIGRATION_TIMEOUT;

    @Option(name = "-t", aliases = {"--time"}, description = "How long to wait (milliseconds) for the ensemble to start up before trying to import the default data")
    long ensembleStartupTime = 2000;

    @Option(name = "-p", aliases = {"--profile"}, multiValued = true, description = "Chooses the profile of the container. To specify multiple profiles, use this flag multiple times.")
    private Set<String> profiles = null;

    @Option(name = "-v", aliases = {"--version"}, multiValued = false, description = "Chooses the default version.")
    private String version = ContainerOptions.DEFAULT_VERSION;

    @Option(name = "--min-port", multiValued = false, description = "The minimum port of the allowed port range")
    private int minimumPort = 0;

    @Option(name = "--max-port", multiValued = false, description = "The maximum port of the allowed port range")
    private int maximumPort = Ports.MAX_PORT_NUMBER;

    @Option(name = "--zookeeper-ticktime", multiValued = false, description = "The length of a single tick, which is the basic time unit used by ZooKeeper, as measured in milliseconds. It is used to regulate heartbeats, and timeouts. For example, the minimum session timeout will be two ticks")
    private int zooKeeperTickTime = CreateEnsembleOptions.DEFAULT_TICKTIME;

    @Option(name = "--zookeeper-init-limit", multiValued = false, description = "The amount of time, in ticks (see tickTime), to allow followers to connect and sync to a leader")
    private int zooKeeperInitLimit = 10;

    @Option(name = "--zookeeper-sync-limit", multiValued = false, description = "The amount of time, in ticks (see tickTime), to allow followers to sync with ZooKeeper")
    private int zooKeeperSyncLimit = 5;

    @Option(name = "--zookeeper-data-dir", multiValued = false, description = "The location where ZooKeeper will store the in-memory database snapshots and, unless specified otherwise, the transaction log of updates to the database.")
    private String zooKeeperDataDir = CreateEnsembleOptions.DEFAULT_DATA_DIR;

    @Option(name = "--zookeeper-snap-retain-count", multiValued = false, description = "Number of snapshots to be retained after purge in Zookeeper")
    private int zookeeperSnapRetainCount = 3;

    @Option(name = "--zookeeper-purge-interval", multiValued = false, description = "Zookeeper snapshots purge interval in hours")
    private int zookeeperPurgeInterval = 0;

    @Option(name = "--zookeeper-server-port", multiValued = false, description = "The main port for ZooKeeper server")
    private int zooKeeperServerPort = -1;

    @Option(name = "--generate-zookeeper-password", multiValued = false, description = "Flag to enable automatic generation of password")
    private boolean generateZookeeperPassword = false;

    @Option(name = "--new-user-role", multiValued = false, description = "The role of the new user. The option refers to karaf user (ssh, http, jmx).")
    private String newUserRole = "";

    /* JADX INFO: Access modifiers changed from: package-private */
    public CreateAction(BundleContext bundleContext, ConfigurationAdmin configurationAdmin, ZooKeeperClusterBootstrap zooKeeperClusterBootstrap, RuntimeProperties runtimeProperties) {
        this.bundleContext = bundleContext;
        this.configAdmin = configurationAdmin;
        this.bootstrap = zooKeeperClusterBootstrap;
        this.runtimeProperties = runtimeProperties;
        this.importDir = runtimeProperties.getHomePath().resolve("fabric").resolve("import").toFile().getAbsolutePath();
    }

    /* JADX WARN: Type inference failed for: r0v31, types: [io.fabric8.api.CreateEnsembleOptions$Builder] */
    protected Object doExecute() throws Exception {
        boolean hasRole = hasRole("admin", "superuser", "administrator");
        if (!hasRole) {
            System.out.println("The fabric:create command can be executed only by admin user");
            return null;
        }
        Properties properties = new Properties(this.runtimeProperties.getConfPath().resolve("users.properties").toFile());
        if (!hasRole && !usersPropertiesFileContainsRole(properties, "admin", "superuser", "administrator")) {
            System.out.println("The etc/user.properties file must contain at least one admin user, if no other admin exists");
            return null;
        }
        ServiceReference serviceReference = this.bundleContext.getServiceReference(FabricService.class);
        FabricService fabricService = serviceReference != null ? (FabricService) this.bundleContext.getService(serviceReference) : null;
        if (!this.force && fabricService != null && fabricService.getCurrentContainer().isEnsembleServer()) {
            System.out.println("Current container " + fabricService.getCurrentContainerName() + " is already in the current fabric ensemble. Cannot create fabric.");
            System.out.println("You can use the --force option, if you want to force re-create the fabric.");
            return null;
        }
        Configuration configuration = this.configAdmin.getConfiguration("io.fabric8.bootstrap.configuration", (String) null);
        Dictionary properties2 = configuration.getProperties();
        if (properties2 == null) {
            properties2 = new Hashtable();
        }
        String runtimeIdentity = this.runtimeProperties.getRuntimeIdentity();
        CreateEnsembleOptions.Builder clean = CreateEnsembleOptions.builder().zooKeeperServerTickTime(this.zooKeeperTickTime).zooKeeperServerInitLimit(this.zooKeeperInitLimit).zooKeeperServerSyncLimit(this.zooKeeperSyncLimit).zooKeeperServerDataDir(this.zooKeeperDataDir).zookeeperSnapRetainCount(this.zookeeperSnapRetainCount).zookeeperPurgeInterval(this.zookeeperPurgeInterval).fromRuntimeProperties(this.runtimeProperties).bootstrapTimeout(this.bootstrapTimeout).waitForProvision(this.waitForProvisioning).autoImportEnabled(!this.noImport).clean(this.clean);
        clean.version(this.version);
        if (this.containers == null || this.containers.isEmpty()) {
            this.containers = Arrays.asList(runtimeIdentity);
        }
        if (!this.noImport && this.importDir != null) {
            clean.autoImportEnabled(true);
            clean.importPath(this.importDir);
        }
        if (this.globalResolver != null) {
            if (!isInEnum(this.globalResolver, ResolverPolicyEnum.class)) {
                System.out.println("The globalResolver value must be one of the following: localip, localhostname, publicip, publichostname, manualip");
                return null;
            }
            clean.globalResolver(this.globalResolver);
            properties2.put(ZkDefs.GLOBAL_RESOLVER_PROPERTY, this.globalResolver);
        }
        if (this.resolver != null) {
            if (!isInEnum(this.resolver, ResolverPolicyEnum.class)) {
                System.out.println("The resolver value must be one of the following: localip, localhostname, publicip, publichostname, manualip");
                return null;
            }
            clean.resolver(this.resolver);
            properties2.put(ZkDefs.LOCAL_RESOLVER_PROPERTY, this.resolver);
        }
        if (this.manualIp != null) {
            clean.manualIp(this.manualIp);
            properties2.put(ZkDefs.MANUAL_IP, this.manualIp);
        }
        if (this.bindAddress != null) {
            if (this.bindAddress.contains(":")) {
                String[] split = this.bindAddress.split(":");
                clean.bindAddress(split[0]);
                clean.zooKeeperServerPort(Integer.parseInt(split[1]));
                properties2.put(ZkDefs.BIND_ADDRESS, split[0]);
            } else {
                clean.bindAddress(this.bindAddress);
                properties2.put(ZkDefs.BIND_ADDRESS, this.bindAddress);
            }
        }
        if (this.zooKeeperServerPort > 0) {
            clean.setZooKeeperServerPort(this.zooKeeperServerPort);
            clean.setZooKeeperServerConnectionPort(this.zooKeeperServerPort);
        } else {
            int mapPortToRange = Ports.mapPortToRange(Ports.DEFAULT_ZOOKEEPER_SERVER_PORT, this.minimumPort, this.maximumPort);
            clean.setZooKeeperServerPort(mapPortToRange);
            clean.setZooKeeperServerConnectionPort(mapPortToRange);
        }
        if (this.externalGitUrl != null) {
            clean.dataStoreProperty(Constants.GIT_REMOTE_URL, this.externalGitUrl);
        }
        if (this.externalGitUser != null) {
            clean.dataStoreProperty(GIT_REMOTE_USER, this.externalGitUser);
        }
        if (this.externalGitPassword != null) {
            clean.dataStoreProperty(GIT_REMOTE_PASSWORD, this.externalGitPassword);
        }
        if (this.externalGitUrl != null || this.externalGitUser != null || this.externalGitPassword != null) {
            Configuration configuration2 = this.configAdmin.getConfiguration(Constants.DATASTORE_PID);
            Dictionary properties3 = configuration2.getProperties();
            Map<String, String> dataStoreProperties = clean.getDataStoreProperties();
            for (String str : dataStoreProperties.keySet()) {
                properties3.put(str, dataStoreProperties.get(str));
            }
            configuration2.update(properties3);
        }
        if (this.profiles != null && this.profiles.size() > 0) {
            clean.profiles(this.profiles);
        }
        if (this.nonManaged) {
            clean.agentEnabled(false);
        } else {
            clean.agentEnabled(true);
        }
        clean.minimumPort(this.minimumPort);
        clean.maximumPort(this.maximumPort);
        properties2.put(ZkDefs.MINIMUM_PORT, String.valueOf(this.minimumPort));
        properties2.put(ZkDefs.MAXIMUM_PORT, String.valueOf(this.maximumPort));
        this.newUser = this.newUser != null ? this.newUser : ShellUtils.retrieveFabricUser(this.session);
        this.newUserPassword = this.newUserPassword != null ? this.newUserPassword : ShellUtils.retrieveFabricUserPassword(this.session);
        if (properties.isEmpty()) {
            String[] promptForNewUser = promptForNewUser(this.newUser, this.newUserPassword);
            this.newUser = promptForNewUser[0];
            this.newUserPassword = promptForNewUser[1];
        } else {
            if (this.newUser == null || this.newUserPassword == null) {
                this.newUser = "" + properties.keySet().iterator().next();
                this.newUserPassword = "" + properties.get(this.newUser);
                if (this.newUserPassword.contains(",")) {
                    this.newUserPassword = this.newUserPassword.substring(0, this.newUserPassword.indexOf(","));
                }
            }
            String str2 = properties.get(this.newUser);
            if (str2 != null && str2.contains(",")) {
                String[] split2 = str2.split(",");
                String str3 = "";
                if (newUserIsAdmin(split2)) {
                    this.newUserRole = "_g_:admin";
                    str3 = this.newUserRole;
                }
                for (int i = 1; i < split2.length; i++) {
                    if (split2[i].trim().startsWith("_g_:")) {
                        String str4 = properties.get(split2[i].trim());
                        if (str4 != null) {
                            String[] split3 = str4.split(",");
                            for (int i2 = 1; i2 < split3.length; i2++) {
                                if (!split3[i2].trim().equals(str3)) {
                                    if (this.newUserRole.isEmpty()) {
                                        this.newUserRole = split3[i2].trim();
                                    } else {
                                        this.newUserRole += "," + split3[i2].trim();
                                    }
                                }
                            }
                        }
                    } else if (!split2[i].trim().equals(str3)) {
                        if (this.newUserRole.isEmpty()) {
                            this.newUserRole = split2[i].trim();
                        } else {
                            this.newUserRole += "," + split2[i].trim();
                        }
                    }
                }
            }
        }
        if (Strings.isNullOrEmpty(this.newUser)) {
            System.out.println("No user specified. Cannot create a new fabric ensemble.");
            return null;
        }
        StringBuilder sb = new StringBuilder();
        if (this.session != null) {
            ShellUtils.storeFabricCredentials(this.session, this.newUser, this.newUserPassword);
        }
        if (!this.generateZookeeperPassword) {
            if (this.zookeeperPassword == null) {
                this.zookeeperPassword = PasswordEncoder.decode(this.runtimeProperties.getProperty("zookeeper.password", PasswordEncoder.encode(this.newUserPassword)));
                clean.zookeeperPassword(this.zookeeperPassword);
            } else {
                clean.zookeeperPassword(this.zookeeperPassword);
            }
        }
        OsgiUtils.updateCmConfigurationAndWait(this.bundleContext, configuration, properties2, this.bootstrapTimeout, TimeUnit.MILLISECONDS);
        CreateEnsembleOptions build = clean.users(properties).withUser(this.newUser, this.newUserPassword, this.newUserRole.isEmpty() ? "_g_:admin" : this.newUserRole).build();
        if (this.containers.size() == 1 && this.containers.contains(runtimeIdentity)) {
            this.bootstrap.create(build);
        } else {
            ServiceProxy createServiceProxy = ServiceProxy.createServiceProxy(this.bundleContext, ZooKeeperClusterService.class);
            try {
                ((ZooKeeperClusterService) createServiceProxy.getService()).createCluster(this.containers, build);
                createServiceProxy.close();
            } catch (Throwable th) {
                createServiceProxy.close();
                throw th;
            }
        }
        ShellUtils.storeZookeeperPassword(this.session, build.getZookeeperPassword());
        if (this.zookeeperPassword == null && !this.generateZookeeperPassword) {
            sb.append("Zookeeper password: (reusing users ").append(this.newUser).append(" password:").append(build.getZookeeperPassword()).append(")\n");
            sb.append("(You can use the --zookeeper-password / --generate-zookeeper-password option to specify one.)\n");
        } else if (this.generateZookeeperPassword) {
            sb.append("Generated zookeeper password:").append(build.getZookeeperPassword());
        }
        System.out.println(sb.toString());
        if (this.nonManaged || this.waitForProvisioning) {
            return null;
        }
        System.out.println("It may take a couple of seconds for the container to provision...");
        System.out.println("You can use the --wait-for-provisioning option, if you want this command to block until the container is provisioned.");
        return null;
    }

    private String[] promptForNewUser(String str, String str2) throws IOException {
        String[] strArr = new String[2];
        if (str == null || str2 == null) {
            System.out.println("No user found in etc/users.properties or specified as an option. Please specify one ...");
        }
        do {
            if (str != null && !str.isEmpty()) {
                break;
            }
            str = ShellUtils.readLine(this.session, "New user name: ", false);
        } while (str != null);
        if (str != null && str2 == null) {
            String str3 = null;
            String str4 = null;
            while (true) {
                if (str3 != null && str3.equals(str4)) {
                    break;
                }
                str3 = ShellUtils.readLine(this.session, "Password for " + str + ": ", true);
                str4 = ShellUtils.readLine(this.session, "Verify password for " + str + ": ", true);
                if (str3 == null || str4 == null) {
                    break;
                }
                if (str3 == null || !str3.equals(str4)) {
                    System.out.println("Passwords did not match. Please try again!");
                } else {
                    str2 = str3;
                }
            }
        }
        strArr[0] = str;
        strArr[1] = str2;
        return strArr;
    }

    private boolean hasRole(String... strArr) {
        Subject subject;
        AccessControlContext context = AccessController.getContext();
        if (context == null || (subject = Subject.getSubject(context)) == null) {
            return false;
        }
        return currentUserHasRole(subject.getPrincipals(), strArr);
    }

    private boolean currentUserHasRole(Set<Principal> set, String... strArr) {
        boolean z = false;
        for (Principal principal : set) {
            for (String str : strArr) {
                if (principal.getName().equalsIgnoreCase(str)) {
                    z = true;
                }
            }
        }
        return z;
    }

    private boolean newUserIsAdmin(String... strArr) {
        boolean z = false;
        for (String str : strArr) {
            if (str.equalsIgnoreCase("admin")) {
                z = true;
            }
        }
        return z;
    }

    private boolean usersPropertiesFileContainsRole(Properties properties, String... strArr) {
        boolean z = false;
        Iterator<String> it = properties.keySet().iterator();
        while (it.hasNext()) {
            String[] split = properties.get(it.next()).split(",");
            for (int i = 1; i < split.length; i++) {
                if (split[i].trim().startsWith("_g_:")) {
                    String str = properties.get(split[i].trim());
                    if (str != null) {
                        String[] split2 = str.split(",");
                        for (int i2 = 1; i2 < split2.length; i2++) {
                            for (String str2 : strArr) {
                                if (split2[i2].trim().equalsIgnoreCase(str2)) {
                                    z = true;
                                }
                            }
                        }
                    }
                } else {
                    for (String str3 : strArr) {
                        if (split[i].trim().equalsIgnoreCase(str3)) {
                            z = true;
                        }
                    }
                }
            }
        }
        return z;
    }

    private <E extends Enum<E>> boolean isInEnum(String str, Class<E> cls) {
        for (E e : cls.getEnumConstants()) {
            if (((ResolverPolicyEnum) e).getResolver().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public String getBindAddress() {
        return this.bindAddress;
    }

    public void setBindAddress(String str) {
        this.bindAddress = str;
    }

    public boolean isClean() {
        return this.clean;
    }

    public void setClean(boolean z) {
        this.clean = z;
    }

    public boolean isNoImport() {
        return this.noImport;
    }

    public void setNoImport(boolean z) {
        this.noImport = z;
    }

    public String getImportDir() {
        return this.importDir;
    }

    public void setImportDir(String str) {
        this.importDir = str;
    }

    public boolean isVerbose() {
        return this.verbose;
    }

    public void setVerbose(boolean z) {
        this.verbose = z;
    }

    public long getEnsembleStartupTime() {
        return this.ensembleStartupTime;
    }

    public void setEnsembleStartupTime(long j) {
        this.ensembleStartupTime = j;
    }

    public List<String> getContainers() {
        return this.containers;
    }

    public void setContainers(List<String> list) {
        this.containers = list;
    }

    public int getMinimumPort() {
        return this.minimumPort;
    }

    public void setMinimumPort(int i) {
        this.minimumPort = i;
    }

    public int getMaximumPort() {
        return this.maximumPort;
    }

    public void setMaximumPort(int i) {
        this.maximumPort = i;
    }

    public String getZookeeperPassword() {
        return this.zookeeperPassword;
    }

    public void setZookeeperPassword(String str) {
        this.zookeeperPassword = str;
    }

    public String getNewUser() {
        return this.newUser;
    }

    public void setNewUser(String str) {
        this.newUser = str;
    }

    public String getNewUserPassword() {
        return this.newUserPassword;
    }

    public void setNewUserPassword(String str) {
        this.newUserPassword = str;
    }

    public String getNewUserRole() {
        return this.newUserRole;
    }

    public void setNewUserRole(String str) {
        this.newUserRole = str;
    }

    public Set<String> getProfiles() {
        return this.profiles;
    }

    public void setProfiles(Set<String> set) {
        this.profiles = set;
    }

    public boolean isNonManaged() {
        return this.nonManaged;
    }

    public void setNonManaged(boolean z) {
        this.nonManaged = z;
    }

    public String getGlobalResolver() {
        return this.globalResolver;
    }

    public void setGlobalResolver(String str) {
        this.globalResolver = str;
    }

    public String getResolver() {
        return this.resolver;
    }

    public void setResolver(String str) {
        this.resolver = str;
    }

    public String getManualIp() {
        return this.manualIp;
    }

    public void setManualIp(String str) {
        this.manualIp = str;
    }

    public boolean isGenerateZookeeperPassword() {
        return this.generateZookeeperPassword;
    }

    public void setGenerateZookeeperPassword(boolean z) {
        this.generateZookeeperPassword = z;
    }
}
