package org.apache.brooklyn.container.location.kubernetes;

import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.base.Throwables;
import com.google.common.collect.Iterables;
import com.google.common.io.BaseEncoding;
import io.fabric8.kubernetes.api.model.AuthInfo;
import io.fabric8.kubernetes.api.model.Cluster;
import io.fabric8.kubernetes.api.model.Config;
import io.fabric8.kubernetes.api.model.Context;
import io.fabric8.kubernetes.api.model.NamedAuthInfo;
import io.fabric8.kubernetes.api.model.NamedCluster;
import io.fabric8.kubernetes.api.model.NamedContext;
import io.fabric8.kubernetes.client.ConfigBuilder;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.internal.KubeConfigUtils;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import org.apache.brooklyn.util.core.config.ConfigBag;
import org.apache.brooklyn.util.exceptions.Exceptions;
import org.apache.brooklyn.util.text.Strings;
import org.apache.brooklyn.util.time.Duration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.class */
public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
    private static final Logger LOG = LoggerFactory.getLogger(KubernetesClientRegistryImpl.class);
    public static final KubernetesClientRegistryImpl INSTANCE = new KubernetesClientRegistryImpl();

    @Override // org.apache.brooklyn.container.location.kubernetes.KubernetesClientRegistry
    public KubernetesClient getKubernetesClient(ConfigBag configBag) {
        ConfigBuilder configBuilder = new ConfigBuilder();
        String str = (String) configBag.get(KubernetesLocationConfig.KUBECONFIG);
        if (Strings.isNonBlank(str)) {
            try {
                Path path = Paths.get(str, new String[0]);
                Path parent = path.normalize().getParent();
                Config parseConfig = KubeConfigUtils.parseConfig(path.toFile());
                String str2 = (String) Optional.fromNullable(configBag.get(KubernetesLocationConfig.KUBECONFIG_CONTEXT)).or(parseConfig.getCurrentContext());
                Optional tryFind = Iterables.tryFind(parseConfig.getContexts(), namedContext -> {
                    return namedContext.getName().equals(str2);
                });
                if (!tryFind.isPresent()) {
                    throw new IllegalStateException(String.format("Context %s not found", str2));
                }
                Context context = ((NamedContext) tryFind.get()).getContext();
                LOG.debug("Context {} additional properties: {}", str2, context.getAdditionalProperties());
                configBuilder.withNamespace(context.getNamespace());
                String user = context.getUser();
                Optional tryFind2 = Iterables.tryFind(parseConfig.getUsers(), namedAuthInfo -> {
                    return namedAuthInfo.getName().equals(user);
                });
                if (!tryFind2.isPresent()) {
                    throw new IllegalStateException(String.format("Auth info %s not found", user));
                }
                AuthInfo user2 = ((NamedAuthInfo) tryFind2.get()).getUser();
                LOG.debug("Auth info {} additional properties: {}", user, user2.getAdditionalProperties());
                configBuilder.withUsername(user2.getUsername());
                configBuilder.withPassword(user2.getPassword());
                if (user2.getToken() != null) {
                    configBuilder.withOauthToken(user2.getToken());
                } else if (user2.getAuthProvider() != null) {
                    configBuilder.withOauthToken((String) user2.getAuthProvider().getConfig().get("id-token"));
                }
                configBuilder.withClientCertFile(getRelativeFile(user2.getClientCertificate(), parent));
                configBuilder.withClientCertData(user2.getClientCertificateData());
                configBuilder.withClientKeyFile(getRelativeFile(user2.getClientKey(), parent));
                configBuilder.withClientKeyData(user2.getClientKeyData());
                String cluster = context.getCluster();
                Optional tryFind3 = Iterables.tryFind(parseConfig.getClusters(), namedCluster -> {
                    return namedCluster.getName().equals(cluster);
                });
                if (!tryFind3.isPresent()) {
                    throw new IllegalStateException(String.format("Cluster %s not found", cluster));
                }
                Cluster cluster2 = ((NamedCluster) tryFind3.get()).getCluster();
                configBuilder.withMasterUrl(cluster2.getServer());
                configBuilder.withCaCertFile(getRelativeFile(cluster2.getCertificateAuthority(), parent));
                configBuilder.withCaCertData(cluster2.getCertificateAuthorityData());
                configBuilder.withApiVersion((String) Optional.fromNullable(cluster2.getApiVersion()).or("v1"));
                configBuilder.withTrustCerts(Boolean.TRUE.equals(cluster2.getInsecureSkipTlsVerify()));
                LOG.debug("Cluster {} server: {}", cluster, cluster2.getServer());
                LOG.debug("Cluster {} additional properties: {}", cluster, cluster2.getAdditionalProperties());
            } catch (IOException e) {
                Exceptions.propagate(e);
            }
        } else {
            String str3 = (String) Preconditions.checkNotNull(configBag.get(KubernetesLocationConfig.MASTER_URL), "master url must not be null");
            Boolean bool = (Boolean) configBag.get(KubernetesLocationConfig.TRUST_CERTS);
            try {
                URL url = new URL(str3);
                configBuilder.withMasterUrl(str3).withTrustCerts((bool != null ? bool : Boolean.FALSE).booleanValue());
                if (url.getProtocol().equals("https")) {
                    KubernetesCerts kubernetesCerts = new KubernetesCerts(configBag);
                    if (kubernetesCerts.caCertData.isPresent()) {
                        configBuilder.withCaCertData(toBase64Encoding((String) kubernetesCerts.caCertData.get()));
                    }
                    if (kubernetesCerts.clientCertData.isPresent()) {
                        configBuilder.withClientCertData(toBase64Encoding((String) kubernetesCerts.clientCertData.get()));
                    }
                    if (kubernetesCerts.clientKeyData.isPresent()) {
                        configBuilder.withClientKeyData(toBase64Encoding((String) kubernetesCerts.clientKeyData.get()));
                    }
                    if (kubernetesCerts.clientKeyAlgo.isPresent()) {
                        configBuilder.withClientKeyAlgo((String) kubernetesCerts.clientKeyAlgo.get());
                    }
                    if (kubernetesCerts.clientKeyPassphrase.isPresent()) {
                        configBuilder.withClientKeyPassphrase((String) kubernetesCerts.clientKeyPassphrase.get());
                    }
                }
                String str4 = (String) configBag.get(KubernetesLocationConfig.ACCESS_IDENTITY);
                if (Strings.isNonBlank(str4)) {
                    configBuilder.withUsername(str4);
                }
                String str5 = (String) configBag.get(KubernetesLocationConfig.ACCESS_CREDENTIAL);
                if (Strings.isNonBlank(str5)) {
                    configBuilder.withPassword(str5);
                }
                String str6 = (String) configBag.get(KubernetesLocationConfig.OAUTH_TOKEN);
                if (Strings.isNonBlank(str6)) {
                    configBuilder.withOauthToken(str6);
                }
            } catch (MalformedURLException e2) {
                throw Throwables.propagate(e2);
            }
        }
        Duration duration = (Duration) configBag.get(KubernetesLocationConfig.CLIENT_TIMEOUT);
        if (!duration.isPositive()) {
            throw new IllegalArgumentException("Kubernetes client timeout should be a positive duration: " + duration.toString());
        }
        configBuilder.withConnectionTimeout((int) duration.toMilliseconds());
        configBuilder.withRequestTimeout((int) duration.toMilliseconds());
        Duration duration2 = (Duration) configBag.get(KubernetesLocationConfig.ACTION_TIMEOUT);
        if (!duration2.isPositive()) {
            throw new IllegalArgumentException("Kubernetes action timeout should be a positive duration: " + duration2.toString());
        }
        configBuilder.withRollingTimeout(duration2.toMilliseconds());
        configBuilder.withScaleTimeout(duration2.toMilliseconds());
        return new DefaultKubernetesClient(configBuilder.build());
    }

    protected String toBase64Encoding(String str) {
        return BaseEncoding.base64().encode(str.getBytes());
    }

    protected String getRelativeFile(String str, Path path) {
        if (Strings.isBlank(str)) {
            return null;
        }
        Path path2 = Paths.get(str, new String[0]);
        if (!Files.exists(path2, new LinkOption[0])) {
            path2 = path.resolve(str);
        }
        return path2.toString();
    }
}
