package org.testcontainers.solace;

import com.github.dockerjava.api.command.InspectContainerResponse;
import com.github.dockerjava.api.model.Ulimit;
import java.io.IOException;
import java.time.Duration;
import java.util.ArrayList;
import java.util.List;
import org.testcontainers.containers.Container;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.images.builder.Transferable;
import org.testcontainers.shaded.org.apache.commons.lang3.tuple.Pair;
import org.testcontainers.shaded.org.awaitility.Awaitility;
import org.testcontainers.utility.DockerImageName;
import org.testcontainers.utility.MountableFile;

/* loaded from: input_file:org/testcontainers/solace/SolaceContainer.class */
public class SolaceContainer extends GenericContainer<SolaceContainer> {
    private static final String DEFAULT_VPN = "default";
    private static final String DEFAULT_USERNAME = "default";
    private static final String SOLACE_READY_MESSAGE = ".*Running pre-startup checks:.*";
    private static final String SOLACE_ACTIVE_MESSAGE = "Primary Virtual Router is now active";
    private static final String TMP_SCRIPT_LOCATION = "/tmp/script.cli";
    private String username;
    private String password;
    private String vpn;
    private final List<Pair<String, Service>> topicsConfiguration;
    private boolean withClientCert;
    private static final DockerImageName DEFAULT_IMAGE_NAME = DockerImageName.parse("solace/solace-pubsub-standard");
    private static final Long SHM_SIZE = Long.valueOf((long) Math.pow(1024.0d, 3.0d));

    public SolaceContainer(String str) {
        this(DockerImageName.parse(str));
    }

    public SolaceContainer(DockerImageName dockerImageName) {
        super(dockerImageName);
        this.username = "root";
        this.password = "password";
        this.vpn = "default";
        this.topicsConfiguration = new ArrayList();
        dockerImageName.assertCompatibleWith(new DockerImageName[]{DEFAULT_IMAGE_NAME});
        withCreateContainerCmdModifier(createContainerCmd -> {
            createContainerCmd.getHostConfig().withShmSize(SHM_SIZE).withUlimits(new Ulimit[]{new Ulimit("nofile", 2448L, 6592L)});
        });
        this.waitStrategy = Wait.forLogMessage(SOLACE_READY_MESSAGE, 1).withStartupTimeout(Duration.ofSeconds(60L));
        withExposedPorts(new Integer[]{8080});
        withEnv("username_admin_globalaccesslevel", "admin");
        withEnv("username_admin_password", "admin");
    }

    protected void configure() {
        withCopyToContainer(createConfigurationScript(), TMP_SCRIPT_LOCATION);
    }

    protected void containerIsStarted(InspectContainerResponse inspectContainerResponse) {
        if (this.withClientCert) {
            executeCommand("cp", "/tmp/solace.pem", "/usr/sw/jail/certs/solace.pem");
            executeCommand("cp", "/tmp/rootCA.crt", "/usr/sw/jail/certs/rootCA.crt");
        }
        executeCommand("cp", TMP_SCRIPT_LOCATION, "/usr/sw/jail/cliscripts/script.cli");
        waitOnCommandResult(SOLACE_ACTIVE_MESSAGE, "grep", "-R", SOLACE_ACTIVE_MESSAGE, "/usr/sw/jail/logs/system.log");
        executeCommand("/usr/sw/loads/currentload/bin/cli", "-A", "-es", "script.cli");
    }

    private Transferable createConfigurationScript() {
        StringBuilder sb = new StringBuilder();
        updateConfigScript(sb, "enable");
        updateConfigScript(sb, "configure");
        if (!this.vpn.equals("default")) {
            updateConfigScript(sb, "create message-vpn " + this.vpn);
            updateConfigScript(sb, "no shutdown");
            updateConfigScript(sb, "exit");
        }
        if (this.username.equals("default")) {
            throw new RuntimeException("Cannot override password for default client");
        }
        updateConfigScript(sb, "create client-username " + this.username + " message-vpn " + this.vpn);
        updateConfigScript(sb, "password " + this.password);
        updateConfigScript(sb, "no shutdown");
        updateConfigScript(sb, "exit");
        if (this.withClientCert) {
            updateConfigScript(sb, "authentication");
            updateConfigScript(sb, "create client-certificate-authority RootCA");
            updateConfigScript(sb, "certificate file rootCA.crt");
            updateConfigScript(sb, "show client-certificate-authority ca-name *");
            updateConfigScript(sb, "end");
            updateConfigScript(sb, "configure");
            updateConfigScript(sb, "ssl");
            updateConfigScript(sb, "server-certificate solace.pem");
            updateConfigScript(sb, "cipher-suite msg-backbone name AES128-SHA");
            updateConfigScript(sb, "exit");
            updateConfigScript(sb, "message-vpn " + this.vpn);
            updateConfigScript(sb, "authentication client-certificate");
            updateConfigScript(sb, "allow-api-provided-username");
            updateConfigScript(sb, "no shutdown");
            updateConfigScript(sb, "end");
        } else {
            updateConfigScript(sb, "message-vpn " + this.vpn);
            updateConfigScript(sb, "authentication basic auth-type internal");
            updateConfigScript(sb, "no shutdown");
            updateConfigScript(sb, "end");
        }
        if (!this.topicsConfiguration.isEmpty()) {
            updateConfigScript(sb, "configure");
            updateConfigScript(sb, "acl-profile default message-vpn " + this.vpn);
            updateConfigScript(sb, "subscribe-topic default-action disallow");
            updateConfigScript(sb, "publish-topic default-action disallow");
            updateConfigScript(sb, "exit");
            updateConfigScript(sb, "message-vpn " + this.vpn);
            updateConfigScript(sb, "service");
            for (Pair<String, Service> pair : this.topicsConfiguration) {
                Service service = (Service) pair.getValue();
                String str = (String) pair.getKey();
                updateConfigScript(sb, service.getName());
                if (service.isSupportSSL()) {
                    if (this.withClientCert) {
                        updateConfigScript(sb, "ssl");
                    } else {
                        updateConfigScript(sb, "plain-text");
                    }
                }
                updateConfigScript(sb, "no shutdown");
                updateConfigScript(sb, "end");
                updateConfigScript(sb, "configure");
                updateConfigScript(sb, "acl-profile default message-vpn " + this.vpn);
                updateConfigScript(sb, String.format("publish-topic exceptions %s list %s", service.getName(), str));
                updateConfigScript(sb, String.format("subscribe-topic exceptions %s list %s", service.getName(), str));
                updateConfigScript(sb, "end");
            }
        }
        return Transferable.of(sb.toString());
    }

    private void executeCommand(String... strArr) {
        try {
            Container.ExecResult execInContainer = execInContainer(strArr);
            if (execInContainer.getExitCode() != 0) {
                logCommandError(execInContainer.getStderr(), strArr);
            }
        } catch (IOException | InterruptedException e) {
            logCommandError(e.getMessage(), strArr);
        }
    }

    private void updateConfigScript(StringBuilder sb, String str) {
        sb.append(str).append("\n");
    }

    private void waitOnCommandResult(String str, String... strArr) {
        Awaitility.await().pollInterval(Duration.ofMillis(500L)).timeout(Duration.ofSeconds(30L)).until(() -> {
            try {
                return Boolean.valueOf(execInContainer(strArr).getStdout().contains(str));
            } catch (IOException | InterruptedException e) {
                logCommandError(e.getMessage(), strArr);
                return true;
            }
        });
    }

    private void logCommandError(String str, String... strArr) {
        logger().error("Could not execute command {}: {}", strArr, str);
    }

    public SolaceContainer withCredentials(String str, String str2) {
        this.username = str;
        this.password = str2;
        return this;
    }

    public SolaceContainer withTopic(String str, Service service) {
        this.topicsConfiguration.add(Pair.of(str, service));
        addExposedPort(service.getPort());
        return this;
    }

    public SolaceContainer withVpn(String str) {
        this.vpn = str;
        return this;
    }

    public SolaceContainer withClientCert(MountableFile mountableFile, MountableFile mountableFile2) {
        this.withClientCert = true;
        return (SolaceContainer) ((SolaceContainer) withCopyFileToContainer(mountableFile, "/tmp/solace.pem")).withCopyFileToContainer(mountableFile2, "/tmp/rootCA.crt");
    }

    public String getVpn() {
        return this.vpn;
    }

    public String getOrigin(Service service) {
        return String.format("%s://%s:%s", service.getProtocol(), getHost(), getMappedPort(service.getPort().intValue()));
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }
}
