package software.tnb.jms.amq.resource.openshift;

import com.google.auto.service.AutoService;
import cz.xtf.core.openshift.helpers.ResourceParsers;
import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.dsl.EditReplacePatchDeletable;
import io.fabric8.kubernetes.client.dsl.FilterWatchListDeletable;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.client.dsl.base.CustomResourceDefinitionContext;
import io.fabric8.openshift.api.model.Route;
import io.fabric8.openshift.api.model.RouteList;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.function.Predicate;
import javax.jms.Connection;
import javax.jms.JMSException;
import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.tnb.common.deployment.OpenshiftDeployable;
import software.tnb.common.deployment.WithExternalHostname;
import software.tnb.common.deployment.WithInClusterHostname;
import software.tnb.common.deployment.WithName;
import software.tnb.common.deployment.WithOperatorHub;
import software.tnb.common.openshift.OpenshiftClient;
import software.tnb.common.utils.WaitUtils;
import software.tnb.jms.amq.account.AMQBrokerAccount;
import software.tnb.jms.amq.resource.openshift.generated.Acceptor;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemis;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemisList;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemisSpec;
import software.tnb.jms.amq.resource.openshift.generated.DeploymentPlan;
import software.tnb.jms.amq.service.AMQBroker;

@AutoService({AMQBroker.class})
/* loaded from: input_file:software/tnb/jms/amq/resource/openshift/OpenshiftAMQBroker.class */
public class OpenshiftAMQBroker extends AMQBroker implements OpenshiftDeployable, WithInClusterHostname, WithExternalHostname, WithOperatorHub, WithName {
    private static final String SSL_SECRET_NAME = "tnb-ssl-secret";
    private static final Logger LOG = LoggerFactory.getLogger(OpenshiftAMQBroker.class);
    private static final CustomResourceDefinitionContext ARTEMIS_CTX = new CustomResourceDefinitionContext.Builder().withName("ActiveMQArtemis").withGroup("broker.amq.io").withVersion("v1beta1").withPlural("activemqartemises").withScope("Namespaced").build();

    public void create() {
        LOG.debug("Creating AMQ broker");
        createSubscription();
        amqBrokerClient().createOrReplace(new ActiveMQArtemis[]{createBrokerCR()});
    }

    public boolean isDeployed() {
        List labeledPods = OpenshiftClient.get().getLabeledPods("name", "amq-broker-operator");
        return labeledPods.size() == 1 && ResourceParsers.isPodReady((Pod) labeledPods.get(0)) && ((ActiveMQArtemisList) amqBrokerClient().list()).getItems().size() > 0;
    }

    public Predicate<Pod> podSelector() {
        return pod -> {
            return OpenshiftClient.get().hasLabels(pod, Map.of("ActiveMQArtemis", name()));
        };
    }

    public String inClusterHostname() {
        return String.format("%s.%s-hdls-svc.%s.svc.cluster.local", ((Pod) servicePod().get()).getMetadata().getName(), name(), OpenshiftClient.get().getNamespace());
    }

    public String externalHostname() {
        List items = ((RouteList) ((FilterWatchListDeletable) OpenshiftClient.get().routes().withLabel("ActiveMQArtemis", name())).list()).getItems();
        if (items.size() != 1) {
            throw new RuntimeException("Expected single route to be present but was " + items.size());
        }
        return ((Route) items.get(0)).getSpec().getHost();
    }

    public void undeploy() {
        ((EditReplacePatchDeletable) ((Resource) amqBrokerClient().withName(name())).withPropagationPolicy(DeletionPropagation.BACKGROUND)).delete();
        WaitUtils.waitFor(() -> {
            return servicePod() == null;
        }, "Waiting until the pod is removed");
        OpenshiftClient.get().deleteSecret(SSL_SECRET_NAME);
        deleteSubscription(() -> {
            return OpenshiftClient.get().getLabeledPods("name", "amq-broker-operator").isEmpty();
        });
    }

    public void openResources() {
        this.client = createConnection();
    }

    public void closeResources() {
        this.validation = null;
        try {
            ((Connection) this.client).close();
        } catch (JMSException e) {
            throw new RuntimeException("Can't close JMS connection");
        }
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public String brokerUrl() {
        return inClusterHostname();
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public String mqttUrl() {
        return "tcp://" + brokerUrl() + ":61626";
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    protected String mqttClientUrl() {
        return String.format("ssl://%s:443", externalHostname());
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public String amqpUrl() {
        return "amqp://" + brokerUrl() + ":61626";
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public int getPortMapping(int i) {
        return 61626;
    }

    private Connection createConnection() {
        try {
            System.setProperty("org.apache.activemq.ssl.trustStore", materializeTrustStore().toAbsolutePath().toString());
            System.setProperty("org.apache.activemq.ssl.trustStorePassword", ((AMQBrokerAccount) account()).truststorePassword());
            Connection createConnection = new ActiveMQConnectionFactory(String.format("tcp://%s:%s?useTopologyForLoadBalancing=false&sslEnabled=true&verifyHost=false", externalHostname(), 443), ((AMQBrokerAccount) account()).username(), ((AMQBrokerAccount) account()).password()).createConnection();
            createConnection.start();
            return createConnection;
        } catch (IOException e) {
            throw new RuntimeException("Can't materialize jms truststore", e);
        } catch (JMSException e2) {
            throw new RuntimeException("Can't create jms connection", e2);
        }
    }

    private ActiveMQArtemis createBrokerCR() {
        OpenshiftClient.get().secrets().createOrReplace(new Secret[]{((SecretBuilder) new SecretBuilder().editOrNewMetadata().withName(SSL_SECRET_NAME).endMetadata()).withData(Map.of("keyStorePassword", encode(((AMQBrokerAccount) account()).keystorePassword().getBytes()), "trustStorePassword", encode(((AMQBrokerAccount) account()).truststorePassword().getBytes()), "client.ts", encodeResource("client.ts"), "broker.ks", encodeResource("broker.ks"))).build()});
        ActiveMQArtemis activeMQArtemis = new ActiveMQArtemis();
        activeMQArtemis.getMetadata().setName(name());
        DeploymentPlan deploymentPlan = new DeploymentPlan();
        deploymentPlan.setSize(1);
        deploymentPlan.setImage("placeholder");
        deploymentPlan.setRequireLogin(false);
        deploymentPlan.setPersistenceEnabled(false);
        deploymentPlan.setJournalType("nio");
        deploymentPlan.setMessageMigration(true);
        activeMQArtemis.setSpec(new ActiveMQArtemisSpec());
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setDeploymentPlan(deploymentPlan);
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAdminUser(((AMQBrokerAccount) account()).username());
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAdminPassword(((AMQBrokerAccount) account()).password());
        Acceptor acceptor = new Acceptor();
        acceptor.setName("all-ssl");
        acceptor.setProtocols("all");
        acceptor.setPort(61636);
        acceptor.setExpose(true);
        acceptor.setSslEnabled(true);
        acceptor.setSslSecret(SSL_SECRET_NAME);
        Acceptor acceptor2 = new Acceptor();
        acceptor2.setName("all-internal");
        acceptor2.setProtocols("all");
        acceptor2.setPort(61626);
        acceptor2.setExpose(false);
        acceptor2.setSslEnabled(false);
        ArrayList arrayList = new ArrayList();
        arrayList.add(acceptor);
        arrayList.add(acceptor2);
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAcceptors(arrayList);
        return activeMQArtemis;
    }

    private Path materializeTrustStore() throws IOException {
        Path path = Paths.get("target", "tnb-trust-store" + new Date().getTime() + ".ts");
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream("/client.ts");
            try {
                Files.copy(resourceAsStream, path, StandardCopyOption.REPLACE_EXISTING);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return path;
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Unable to create truststore", e);
        }
    }

    private String encode(byte[] bArr) {
        return Base64.getEncoder().encodeToString(bArr);
    }

    private String encodeResource(String str) {
        try {
            return encode(IOUtils.toByteArray(getClass().getResource("/" + str)));
        } catch (IOException e) {
            throw new RuntimeException("Unable to encode resource " + str, e);
        }
    }

    private NonNamespaceOperation<ActiveMQArtemis, ActiveMQArtemisList, Resource<ActiveMQArtemis>> amqBrokerClient() {
        return OpenshiftClient.get().customResources(ARTEMIS_CTX, ActiveMQArtemis.class, ActiveMQArtemisList.class).inNamespace(OpenshiftClient.get().getNamespace());
    }

    public String operatorChannel() {
        return "7.11.x";
    }

    public String operatorName() {
        return "amq-broker-rhel8";
    }

    public String name() {
        return "tnb-amq-broker";
    }
}
