package de.gematik.test.tiger.testenvmgr.servers;

import com.github.dockerjava.api.async.ResultCallback;
import com.github.dockerjava.api.command.InspectImageResponse;
import com.github.dockerjava.api.exception.DockerException;
import com.github.dockerjava.api.model.ContainerConfig;
import com.github.dockerjava.api.model.ExposedPort;
import com.github.dockerjava.api.model.Ports;
import com.github.dockerjava.api.model.PullResponseItem;
import de.gematik.test.tiger.common.config.TigerGlobalConfiguration;
import de.gematik.test.tiger.common.util.TigerSerializationUtil;
import de.gematik.test.tiger.testenvmgr.util.TigerEnvironmentStartupException;
import de.gematik.test.tiger.testenvmgr.util.TigerTestEnvException;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.awaitility.Awaitility;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testcontainers.DockerClientFactory;
import org.testcontainers.containers.DockerComposeContainer;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.output.Slf4jLogConsumer;
import org.testcontainers.containers.startupcheck.OneShotStartupCheckStrategy;
import org.testcontainers.utility.Base58;
import org.testcontainers.utility.DockerImageName;
import org.testcontainers.utility.MountableFile;

/* loaded from: input_file:de/gematik/test/tiger/testenvmgr/servers/DockerMgr.class */
public class DockerMgr {
    private static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
    private static final String END_CERT = "-----END CERTIFICATE-----";
    private static final int MOD_ALL_EXEC = 511;
    private static final String CLASSPATH = "classpath:";
    private static final String DOCKER_COMPOSE_PROP_EXPOSE = "expose";
    public static final String TARGET_FOLDER = "target";
    public static final String TIGER_TESTENV_MGR_FOLDER = "tiger-testenv-mgr";
    private final Map<String, GenericContainer<?>> dockerContainers = new HashMap();
    private final Map<String, DockerComposeContainer<?>> composeContainers = new HashMap();
    private static final String ECHO_CERT_CMD = "echo \"%s\" >> /etc/ssl/certs/ca-certificates.crt\n";
    private static final Logger log = LoggerFactory.getLogger(DockerMgr.class);
    private static final String LINE_SEPARATOR = System.getProperty("line.separator");

    public void startContainer(DockerServer dockerServer) {
        String buildImageName = buildImageName(dockerServer);
        DockerImageName parse = DockerImageName.parse(buildImageName);
        pullImage(buildImageName);
        GenericContainer<?> genericContainer = new GenericContainer<>(parse);
        try {
            InspectImageResponse exec = genericContainer.getDockerClient().inspectImageCmd(buildImageName).exec();
            ContainerConfig config = exec.getConfig();
            if (config == null) {
                throw new TigerTestEnvException("Docker image '" + buildImageName + "' has no configuration info!");
            }
            if (dockerServer.getDockerOptions().isProxied()) {
                String[] cmd = config.getCmd();
                String[] entrypoint = config.getEntrypoint();
                if (StringUtils.isNotEmpty(dockerServer.getDockerOptions().getEntryPoint())) {
                    entrypoint = new String[]{dockerServer.getDockerOptions().getEntryPoint()};
                }
                if (entrypoint != null && entrypoint[0].equals("/bin/sh") && entrypoint[1].equals("-c")) {
                    entrypoint = new String[]{"su", config.getUser(), "-c", "'" + entrypoint[2] + "'"};
                }
                File file = Path.of(TARGET_FOLDER, TIGER_TESTENV_MGR_FOLDER).toFile();
                if (!file.exists() && !file.mkdirs()) {
                    throw new TigerTestEnvException("Unable to create temp folder for modified startup script for server " + dockerServer.getServerId());
                }
                String createContainerStartupScript = createContainerStartupScript(dockerServer, exec, cmd, entrypoint);
                String str = config.getWorkingDir() + "/" + createContainerStartupScript;
                genericContainer.withExtraHost("host.docker.internal", "host-gateway");
                genericContainer.withCopyFileToContainer(MountableFile.forHostPath(Path.of(file.getAbsolutePath(), createContainerStartupScript), Integer.valueOf(MOD_ALL_EXEC)), str);
                genericContainer.withCreateContainerCmdModifier(createContainerCmd -> {
                    createContainerCmd.withUser("root").withEntrypoint(new String[]{str});
                });
            }
            genericContainer.setLogConsumers(List.of(new Slf4jLogConsumer(log)));
            log.info("Passing in environment for {}...", dockerServer.getServerId());
            addEnvVarsToContainer(genericContainer, dockerServer.getEnvironmentProperties());
            if (config.getExposedPorts() != null) {
                List list = (List) Arrays.stream(config.getExposedPorts()).map((v0) -> {
                    return v0.getPort();
                }).collect(Collectors.toList());
                log.info("Exposing ports for {}: {}", dockerServer.getServerId(), list);
                genericContainer.setExposedPorts(list);
            }
            if (dockerServer.getDockerOptions().isOneShot()) {
                genericContainer.withStartupCheckStrategy(new OneShotStartupCheckStrategy());
            }
            genericContainer.start();
            retrieveExposedPortsAndStoreInServerConfiguration(dockerServer, genericContainer);
            waitForHealthyStartup(dockerServer, genericContainer);
            genericContainer.getDockerClient().renameContainerCmd(genericContainer.getContainerId()).withName("tiger." + dockerServer.getServerId()).exec();
            this.dockerContainers.put(dockerServer.getServerId(), genericContainer);
        } catch (DockerException e) {
            throw new TigerTestEnvException("Failed to start container for server " + dockerServer.getServerId(), e);
        }
    }

    private static void retrieveExposedPortsAndStoreInServerConfiguration(DockerServer dockerServer, GenericContainer<?> genericContainer) {
        try {
            HashMap hashMap = new HashMap();
            genericContainer.getContainerInfo().getNetworkSettings().getPorts().getBindings().entrySet().stream().filter(entry -> {
                return entry.getValue() != null;
            }).forEach(entry2 -> {
                hashMap.put(Integer.valueOf(((ExposedPort) entry2.getKey()).getPort()), Integer.valueOf(((Ports.Binding[]) entry2.getValue())[0].getHostPortSpec()));
            });
            dockerServer.getDockerOptions().setPorts(hashMap);
        } catch (RuntimeException e) {
            log.warn("Unable to retrieve port bindings! No startup healthcheck can be performed!", e);
        }
    }

    private String buildImageName(DockerServer dockerServer) {
        String dockerSource = dockerServer.getDockerSource();
        if (dockerServer.getTigerTestEnvMgr() != null) {
            dockerSource = dockerServer.getTigerTestEnvMgr().replaceSysPropsInString(dockerServer.getDockerSource());
        }
        if (dockerServer.getConfiguration().getVersion() != null) {
            dockerSource = dockerSource + ":" + dockerServer.getConfiguration().getVersion();
        }
        return dockerSource;
    }

    public void startComposition(DockerComposeServer dockerComposeServer) {
        ArrayList arrayList = new ArrayList();
        DockerComposeContainer<?> dockerComposeContainer = new DockerComposeContainer<>("tiger_" + Base58.randomString(6).toLowerCase(), collectAndProcessComposeYamlFiles(dockerComposeServer.getServerId(), dockerComposeServer.getSource(), arrayList));
        arrayList.stream().filter(str -> {
            return !str.isEmpty();
        }).map(str2 -> {
            return TigerSerializationUtil.yamlToJsonObject(str2).getJSONObject("services");
        }).map((v0) -> {
            return v0.toMap();
        }).flatMap(map -> {
            return map.entrySet().stream();
        }).forEach(entry -> {
            Map map2 = (Map) entry.getValue();
            if (map2.containsKey(DOCKER_COMPOSE_PROP_EXPOSE)) {
                ((List) map2.get(DOCKER_COMPOSE_PROP_EXPOSE)).forEach(num -> {
                    log.info("Exposing service {} with port {}", entry.getKey(), num);
                    dockerComposeContainer.withExposedService((String) entry.getKey(), num.intValue());
                });
            } else if (map2.containsKey("ports")) {
                ((List) map2.get("ports")).forEach(str3 -> {
                    if (!str3.contains(":")) {
                        log.warn("Docker compose with ephemeral host ports not supported as of now, please specify manual host port for '{}'", str3);
                        return;
                    }
                    int parseInt = Integer.parseInt(str3.split(":")[0]);
                    log.info("Exposing service {} with port {}", entry.getKey(), Integer.valueOf(parseInt));
                    dockerComposeContainer.withExposedService((String) entry.getKey(), parseInt);
                });
            }
            dockerComposeContainer.withLogConsumer((String) entry.getKey(), new Slf4jLogConsumer(log));
        });
        dockerComposeContainer.withLocalCompose(true).withOptions(new String[]{"--compatibility"}).start();
        arrayList.stream().filter(str3 -> {
            return !str3.isEmpty();
        }).map(str4 -> {
            return TigerSerializationUtil.yamlToJsonObject(str4).getJSONObject("services");
        }).map((v0) -> {
            return v0.toMap();
        }).flatMap(map2 -> {
            return map2.entrySet().stream();
        }).forEach(entry2 -> {
            Map map3 = (Map) entry2.getValue();
            if (map3.containsKey(DOCKER_COMPOSE_PROP_EXPOSE)) {
                ((List) map3.get(DOCKER_COMPOSE_PROP_EXPOSE)).forEach(num -> {
                    log.info("Service {} with port {} exposed via {}", new Object[]{entry2.getKey(), num, dockerComposeContainer.getServicePort((String) entry2.getKey(), num)});
                    log.debug("Inspecting docker container: {}", ((List) DockerClientFactory.instance().client().listContainersCmd().exec()).toString());
                });
            }
            dockerComposeContainer.withLogConsumer((String) entry2.getKey(), new Slf4jLogConsumer(log));
        });
        this.composeContainers.put(dockerComposeServer.getServerId(), dockerComposeContainer);
    }

    private File[] collectAndProcessComposeYamlFiles(String str, List<String> list, List<String> list2) {
        File file = Paths.get(TARGET_FOLDER, TIGER_TESTENV_MGR_FOLDER, str).toFile();
        return (File[]) list.stream().map(str2 -> {
            return saveComposeContentToTempFile(file, str2, readAndProcessComposeFile(str2, list2));
        }).toArray(i -> {
            return new File[i];
        });
    }

    private String readAndProcessComposeFile(String str, List<String> list) {
        try {
            String resolvePlaceholders = TigerGlobalConfiguration.resolvePlaceholders(str.startsWith(CLASSPATH) ? readContentFromClassPath(str.substring(CLASSPATH.length())) : FileUtils.readFileToString(new File(str), StandardCharsets.UTF_8));
            list.add(resolvePlaceholders);
            return resolvePlaceholders;
        } catch (IOException e) {
            throw new TigerTestEnvException("Unable to process compose file " + str, e);
        }
    }

    private String readContentFromClassPath(String str) {
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream(str);
            try {
                if (resourceAsStream == null) {
                    throw new TigerTestEnvException("Missing docker compose file in classpath " + str);
                }
                String iOUtils = IOUtils.toString(resourceAsStream, StandardCharsets.UTF_8);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return iOUtils;
            } finally {
            }
        } catch (IOException e) {
            throw new TigerTestEnvException("Unable to read docker compose file from classpath (" + str + ")", e);
        }
    }

    private File saveComposeContentToTempFile(File file, String str, String str2) {
        try {
            if (str.startsWith(CLASSPATH)) {
                str = str.substring(CLASSPATH.length());
            }
            File file2 = Paths.get(file.getAbsolutePath(), new File(str).getName() + "." + UUID.randomUUID() + ".yml").toFile();
            if (!file2.getParentFile().exists() && !file2.getParentFile().mkdirs()) {
                throw new TigerTestEnvException("Unable to create temp folder " + file2.getParentFile().getAbsolutePath());
            }
            FileUtils.writeStringToFile(file2, str2, StandardCharsets.UTF_8);
            return file2;
        } catch (IOException e) {
            throw new TigerTestEnvException("Unable to process compose file " + str, e);
        }
    }

    private void addEnvVarsToContainer(GenericContainer<?> genericContainer, List<String> list) {
        list.stream().filter(str -> {
            return str.contains("=");
        }).map(str2 -> {
            return str2.split("=", 2);
        }).forEach(strArr -> {
            log.info("  * {}={}", strArr[0], strArr[1]);
            genericContainer.addEnv(TigerGlobalConfiguration.resolvePlaceholders(strArr[0]), TigerGlobalConfiguration.resolvePlaceholders(strArr[1]));
        });
    }

    public void pullImage(String str) {
        log.info("Pulling docker image {}...", str);
        final AtomicBoolean atomicBoolean = new AtomicBoolean();
        atomicBoolean.set(false);
        final AtomicReference atomicReference = new AtomicReference();
        final AtomicReference atomicReference2 = new AtomicReference(LocalDateTime.now());
        DockerClientFactory.instance().client().pullImageCmd(str).exec(new ResultCallback.Adapter<PullResponseItem>() { // from class: de.gematik.test.tiger.testenvmgr.servers.DockerMgr.1
            public void onNext(PullResponseItem pullResponseItem) {
                if (DockerMgr.log.isDebugEnabled()) {
                    DockerMgr.log.debug("{} {}", pullResponseItem.getStatus(), Optional.ofNullable(pullResponseItem.getProgressDetail()).map((v0) -> {
                        return v0.getCurrent();
                    }).map((v0) -> {
                        return v0.toString();
                    }).orElse(""));
                    return;
                }
                LocalDateTime now = LocalDateTime.now();
                if (((LocalDateTime) atomicReference2.get()).plusSeconds(2L).isBefore(now)) {
                    atomicReference2.set(now);
                    DockerMgr.log.info("{} {}", pullResponseItem.getStatus(), Optional.ofNullable(pullResponseItem.getProgressDetail()).map((v0) -> {
                        return v0.getCurrent();
                    }).map((v0) -> {
                        return v0.toString();
                    }).orElse(""));
                }
            }

            public void onError(Throwable th) {
                atomicReference.set(th);
            }

            public void onComplete() {
                atomicBoolean.set(true);
            }
        });
        Awaitility.await().pollInterval(Duration.ofMillis(1000L)).atMost(5L, TimeUnit.MINUTES).until(() -> {
            if (atomicReference.get() != null) {
                throw new TigerTestEnvException("Unable to pull image " + str + "!", (Throwable) atomicReference.get());
            }
            return Boolean.valueOf(atomicBoolean.get());
        });
        log.info("Docker image {} is available locally!", str);
    }

    private String createContainerStartupScript(AbstractTigerServer abstractTigerServer, InspectImageResponse inspectImageResponse, String[] strArr, String[] strArr2) {
        String str;
        ContainerConfig config = inspectImageResponse.getConfig();
        if (config == null) {
            throw new TigerTestEnvException("Docker image of server '" + abstractTigerServer.getServerId() + "' has no configuration info!");
        }
        String[] strArr3 = strArr == null ? new String[0] : strArr;
        String[] strArr4 = strArr2 == null ? new String[0] : strArr2;
        try {
            File file = Path.of(TARGET_FOLDER, TIGER_TESTENV_MGR_FOLDER).toFile();
            if (!file.exists() && !file.mkdirs()) {
                throw new TigerTestEnvException("Unable to create script folder " + file.getAbsolutePath());
            }
            String str2 = "__tigerStart_" + abstractTigerServer.getServerId() + ".sh";
            str = "#!/bin/sh -x\nenv\n";
            FileUtils.writeStringToFile(Path.of(file.getAbsolutePath(), str2).toFile(), (abstractTigerServer.getTigerTestEnvMgr().getLocalTigerProxyOptional().isPresent() ? addCertitifcatesToOsTruststoreOfDockerContainer(abstractTigerServer, str) : "#!/bin/sh -x\nenv\n") + getContainerWorkingDirectory(config) + String.join(" ", strArr4).replace("\t", " ") + " " + String.join(" ", strArr3).replace("\t", " ") + "\n", StandardCharsets.UTF_8);
            return str2;
        } catch (IOException e) {
            throw new TigerTestEnvException("Failed to configure start script on container for server " + abstractTigerServer.getServerId(), e);
        }
    }

    @NotNull
    private String addCertitifcatesToOsTruststoreOfDockerContainer(AbstractTigerServer abstractTigerServer, String str) throws IOException {
        return str + String.format("echo \"%s\" >> /etc/ssl/certs/ca-certificates.crt\necho \"%s\" >> /etc/ssl/certs/ca-certificates.crt\necho \"%s\" >> /etc/ssl/certs/ca-certificates.crt\n", getTigerProxyRootCaCertificate(abstractTigerServer), IOUtils.toString((InputStream) Objects.requireNonNull(getClass().getResourceAsStream("/letsencrypt.crt")), StandardCharsets.UTF_8), IOUtils.toString((InputStream) Objects.requireNonNull(getClass().getResourceAsStream("/idp-rise-tu.crt")), StandardCharsets.UTF_8));
    }

    private static String getTigerProxyRootCaCertificate(AbstractTigerServer abstractTigerServer) {
        try {
            return "-----BEGIN CERTIFICATE-----" + LINE_SEPARATOR + new String(Base64.getMimeEncoder(64, "\r\n".getBytes()).encode(abstractTigerServer.getTigerTestEnvMgr().getLocalTigerProxyOrFail().buildTruststore().getCertificate("caCert").getEncoded())) + LINE_SEPARATOR + "-----END CERTIFICATE-----";
        } catch (GeneralSecurityException e) {
            throw new TigerEnvironmentStartupException("Error while retrieving TigerProxy RootCa", e);
        }
    }

    private String getContainerWorkingDirectory(ContainerConfig containerConfig) {
        String workingDir = containerConfig.getWorkingDir();
        return StringUtils.isBlank(workingDir) ? "" : "cd " + workingDir + "\n";
    }

    private void waitForHealthyStartup(AbstractExternalTigerServer abstractExternalTigerServer, GenericContainer<?> genericContainer) {
        long currentTimeMillis = System.currentTimeMillis();
        long longValue = ((Long) abstractExternalTigerServer.getStartupTimeoutSec().map(num -> {
            return Long.valueOf(num.intValue() * 500);
        }).orElse(5000L)).longValue();
        while (!genericContainer.isHealthy()) {
            try {
                Thread.sleep(500L);
                if (currentTimeMillis + (longValue * 2) < System.currentTimeMillis()) {
                    throw new TigerTestEnvException("Startup of server %s timed out after %d seconds!", new Object[]{abstractExternalTigerServer.getServerId(), Long.valueOf((System.currentTimeMillis() - currentTimeMillis) / 1000)});
                }
            } catch (TigerTestEnvException e) {
                throw e;
            } catch (InterruptedException e2) {
                log.warn("Interruption signaled while waiting for server " + abstractExternalTigerServer.getServerId() + " to start up", e2);
                Thread.currentThread().interrupt();
                return;
            } catch (RuntimeException e3) {
                if (abstractExternalTigerServer.getConfiguration().getDockerOptions() != null && abstractExternalTigerServer.getConfiguration().getDockerOptions().getPorts() != null && !abstractExternalTigerServer.getConfiguration().getDockerOptions().getPorts().isEmpty()) {
                    abstractExternalTigerServer.getConfiguration().setHealthcheckUrl("http://" + TigerGlobalConfiguration.readString("tiger.docker.host", "localhost") + ":" + abstractExternalTigerServer.getConfiguration().getDockerOptions().getPorts().values().iterator().next());
                    abstractExternalTigerServer.waitForServerUp();
                    return;
                }
                log.warn("No healthcheck and no port bindings configured in docker image - waiting {}s", Long.valueOf(longValue / 500));
                try {
                    Thread.sleep(longValue * 2);
                } catch (InterruptedException e4) {
                    log.warn("Interrupted while waiting for startup of server " + abstractExternalTigerServer.getServerId(), e4);
                    Thread.currentThread().interrupt();
                }
                log.warn("Status UNCLEAR for {} as no healthcheck / port bindings were configured in the docker image, we assume it works and continue setup!", abstractExternalTigerServer.getServerId());
                return;
            }
        }
        log.info("HealthCheck OK ({}) for {}", Integer.valueOf(genericContainer.isHealthy() ? 1 : 0), abstractExternalTigerServer.getServerId());
    }

    public void stopContainer(AbstractTigerServer abstractTigerServer) {
        GenericContainer<?> genericContainer = this.dockerContainers.get(abstractTigerServer.getServerId());
        if (genericContainer == null || genericContainer.getDockerClient() == null) {
            return;
        }
        try {
            genericContainer.stop();
        } catch (RuntimeException e) {
            if (log.isDebugEnabled()) {
                log.warn("Failed to stop container, relying on test container's implicit stop...", e);
            } else {
                log.warn("Failed to stop container, relying on test container's implicit stop...");
            }
        }
        this.dockerContainers.remove(abstractTigerServer.getServerId());
    }

    public void stopComposeContainer(AbstractTigerServer abstractTigerServer) {
        DockerComposeContainer<?> dockerComposeContainer = this.composeContainers.get(abstractTigerServer.getServerId());
        if (dockerComposeContainer != null) {
            try {
                dockerComposeContainer.stop();
            } catch (RuntimeException e) {
                if (log.isDebugEnabled()) {
                    log.warn("Failed to stop compose container, relying on test container's implicit stop...", e);
                } else {
                    log.warn("Failed to stop compose container, relying on test container's implicit stop...");
                }
            }
            this.composeContainers.remove(abstractTigerServer.getServerId());
        }
    }

    public void pauseContainer(DockerServer dockerServer) {
        GenericContainer<?> genericContainer = this.dockerContainers.get(dockerServer.getServerId());
        genericContainer.getDockerClient().pauseContainerCmd(genericContainer.getContainerId()).exec();
    }

    public void unpauseContainer(DockerServer dockerServer) {
        GenericContainer<?> genericContainer = this.dockerContainers.get(dockerServer.getServerId());
        genericContainer.getDockerClient().unpauseContainerCmd(genericContainer.getContainerId()).exec();
    }

    public Map<String, GenericContainer<?>> getDockerContainers() {
        return this.dockerContainers;
    }

    public Map<String, DockerComposeContainer<?>> getComposeContainers() {
        return this.composeContainers;
    }
}
