package software.tnb.ldap.resource.openshift;

import com.google.auto.service.AutoService;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import io.fabric8.kubernetes.api.model.ContainerFluent;
import io.fabric8.kubernetes.api.model.IntOrString;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.PodSpecFluent;
import io.fabric8.kubernetes.api.model.PodTemplateSpecFluent;
import io.fabric8.kubernetes.api.model.Probe;
import io.fabric8.kubernetes.api.model.ProbeBuilder;
import io.fabric8.kubernetes.api.model.Service;
import io.fabric8.kubernetes.api.model.ServiceAccount;
import io.fabric8.kubernetes.api.model.ServiceAccountBuilder;
import io.fabric8.kubernetes.api.model.ServiceBuilder;
import io.fabric8.kubernetes.api.model.ServiceFluent;
import io.fabric8.kubernetes.api.model.TCPSocketActionBuilder;
import io.fabric8.kubernetes.api.model.apps.DeploymentList;
import io.fabric8.kubernetes.client.PortForward;
import io.fabric8.kubernetes.client.dsl.FilterWatchListDeletable;
import io.fabric8.kubernetes.client.dsl.ServiceResource;
import io.fabric8.openshift.api.model.DeploymentConfig;
import io.fabric8.openshift.api.model.DeploymentConfigBuilder;
import io.fabric8.openshift.api.model.DeploymentConfigFluent;
import io.fabric8.openshift.api.model.DeploymentConfigSpecFluent;
import io.fabric8.openshift.client.dsl.DeployableScalableResource;
import java.util.function.Predicate;
import software.tnb.common.config.OpenshiftConfiguration;
import software.tnb.common.deployment.ReusableOpenshiftDeployable;
import software.tnb.common.deployment.WithName;
import software.tnb.common.openshift.OpenshiftClient;
import software.tnb.common.utils.IOUtils;
import software.tnb.common.utils.MapUtils;
import software.tnb.common.utils.NetworkUtils;
import software.tnb.common.utils.WaitUtils;
import software.tnb.ldap.account.LDAPAccount;
import software.tnb.ldap.service.LDAP;

@AutoService({LDAP.class})
/* loaded from: input_file:software/tnb/ldap/resource/openshift/OpenshiftLDAP.class */
public class OpenshiftLDAP extends LDAP implements ReusableOpenshiftDeployable, WithName {
    private PortForward portForward;
    private int localPort;
    private String sccName;
    private String serviceAccountName;

    public void undeploy() {
        ((DeployableScalableResource) OpenshiftClient.get().deploymentConfigs().withName(name())).delete();
        ((FilterWatchListDeletable) OpenshiftClient.get().services().withLabel(OpenshiftConfiguration.openshiftDeploymentLabel(), name())).delete();
        WaitUtils.waitFor(() -> {
            return servicePod() == null;
        }, "Waiting until the pod is removed");
    }

    public void openResources() {
        this.localPort = NetworkUtils.getFreePort();
        this.portForward = (PortForward) ((ServiceResource) OpenshiftClient.get().services().withName(name())).portForward(389, this.localPort);
        LDAPConnection lDAPConnection = new LDAPConnection();
        try {
            lDAPConnection.connect("localhost", this.localPort, 20000);
            lDAPConnection.bind(((LDAPAccount) account()).username(), ((LDAPAccount) account()).password());
            this.client = new LDAPConnectionPool(lDAPConnection, 1);
        } catch (LDAPException e) {
            throw new RuntimeException("Error when connecting to LDAP server: " + e.getMessage());
        }
    }

    public void closeResources() {
        if (this.client != null) {
            ((LDAPConnectionPool) this.client).close();
        }
        if (this.portForward == null || !this.portForward.isAlive()) {
            return;
        }
        IOUtils.closeQuietly(this.portForward);
    }

    public void create() {
        this.sccName = "tnb-ldap-" + OpenshiftClient.get().getNamespace();
        this.serviceAccountName = name() + "-sa";
        OpenshiftClient.get().serviceAccounts().createOrReplace(new ServiceAccount[]{((ServiceAccountBuilder) new ServiceAccountBuilder().withNewMetadata().withName(this.serviceAccountName).endMetadata()).build()});
        OpenshiftClient.get().addUsersToSecurityContext(OpenshiftClient.get().createSecurityContext(this.sccName, "anyuid", new String[]{"SYS_CHROOT"}), new String[]{OpenshiftClient.get().getServiceAccountRef(this.serviceAccountName)});
        Probe build = new ProbeBuilder().withTcpSocket(new TCPSocketActionBuilder().withPort(new IntOrString(389)).build()).withTimeoutSeconds(15).build();
        OpenshiftClient.get().deploymentConfigs().createOrReplace(new DeploymentConfig[]{((DeploymentConfigBuilder) ((DeploymentConfigFluent.SpecNested) ((DeploymentConfigFluent.SpecNested) ((DeploymentConfigSpecFluent.TemplateNested) ((PodTemplateSpecFluent.SpecNested) ((PodSpecFluent.ContainersNested) ((ContainerFluent.SecurityContextNested) ((PodSpecFluent.ContainersNested) ((DeploymentConfigSpecFluent.TemplateNested) ((DeploymentConfigBuilder) new DeploymentConfigBuilder().withNewMetadata().withName(name()).addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).addToAnnotations("openshift.io/scc", this.sccName).endMetadata()).editOrNewSpec().addToSelector(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).withReplicas(1).editOrNewTemplate().editOrNewMetadata().addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).endMetadata()).editOrNewSpec().withServiceAccount(this.serviceAccountName).addNewContainer().withName(name()).withImage(defaultImage()).addNewPort().withContainerPort(389).withName(name()).endPort()).editOrNewSecurityContext().editOrNewCapabilities().addNewAdd("SYS_CHROOT").endCapabilities()).endSecurityContext()).withEnv(MapUtils.toEnvVars(environmentVariables())).withReadinessProbe(build).withLivenessProbe(build).endContainer()).endSpec()).endTemplate()).addNewTrigger().withType("ConfigChange").endTrigger()).endSpec()).build()});
        OpenshiftClient.get().services().createOrReplace(new Service[]{((ServiceBuilder) ((ServiceFluent.SpecNested) ((ServiceBuilder) new ServiceBuilder().editOrNewMetadata().withName(name()).addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).endMetadata()).editOrNewSpec().addToSelector(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).addNewPort().withName(name()).withProtocol("TCP").withPort(389).withTargetPort(new IntOrString(389)).endPort()).endSpec()).build()});
    }

    public boolean isDeployed() {
        return ((DeploymentList) ((FilterWatchListDeletable) OpenshiftClient.get().apps().deployments().withLabel(OpenshiftConfiguration.openshiftDeploymentLabel(), name())).list()).getItems().size() > 0;
    }

    public Predicate<Pod> podSelector() {
        return super.podSelector();
    }

    public void cleanup() {
    }

    public String name() {
        return "ldap";
    }

    @Override // software.tnb.ldap.service.LDAP
    public String url() {
        return String.format("ldap://%s:%d", name(), 389);
    }
}
