package com.hazelcast.kubernetes;

import com.hazelcast.internal.json.Json;
import com.hazelcast.internal.json.JsonArray;
import com.hazelcast.internal.json.JsonObject;
import com.hazelcast.internal.json.JsonValue;
import com.hazelcast.internal.util.StringUtil;
import com.hazelcast.jet.core.metrics.MetricTags;
import com.hazelcast.kubernetes.KubernetesConfig;
import com.hazelcast.logging.ILogger;
import com.hazelcast.logging.Logger;
import com.hazelcast.spi.exception.RestClientException;
import com.hazelcast.spi.utils.RestClient;
import com.hazelcast.spi.utils.RetryUtils;
import io.netty.handler.codec.rtsp.RtspHeaders;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Stream;
import org.springframework.web.servlet.tags.BindTag;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:BOOT-INF/lib/hazelcast-5.0.2.jar:com/hazelcast/kubernetes/KubernetesClient.class */
public class KubernetesClient {
    private static final ILogger LOGGER = Logger.getLogger(KubernetesClient.class);
    private static final List<String> NON_RETRYABLE_KEYWORDS = Arrays.asList("\"reason\":\"Forbidden\"", "\"reason\":\"Unauthorized\"", "Failure in generating SSLSocketFactory");
    private final String namespace;
    private final String kubernetesMaster;
    private final String apiToken;
    private final String caCertificate;
    private final int retries;
    private KubernetesConfig.ExposeExternallyMode exposeExternallyMode;
    private final boolean useNodeNameAsExternalAddress;
    private final String servicePerPodLabelName;
    private final String servicePerPodLabelValue;
    private boolean isNoPublicIpAlreadyLogged;
    private boolean isKnownExceptionAlreadyLogged;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/hazelcast-5.0.2.jar:com/hazelcast/kubernetes/KubernetesClient$Endpoint.class */
    public static final class Endpoint {
        private final EndpointAddress privateAddress;
        private final EndpointAddress publicAddress;
        private final boolean isReady;
        private final Map<String, String> additionalProperties;

        Endpoint(EndpointAddress endpointAddress, boolean z) {
            this.privateAddress = endpointAddress;
            this.publicAddress = null;
            this.isReady = z;
            this.additionalProperties = Collections.emptyMap();
        }

        Endpoint(EndpointAddress endpointAddress, boolean z, Map<String, String> map) {
            this.privateAddress = endpointAddress;
            this.publicAddress = null;
            this.isReady = z;
            this.additionalProperties = map;
        }

        Endpoint(EndpointAddress endpointAddress, EndpointAddress endpointAddress2, boolean z, Map<String, String> map) {
            this.privateAddress = endpointAddress;
            this.publicAddress = endpointAddress2;
            this.isReady = z;
            this.additionalProperties = map;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public EndpointAddress getPublicAddress() {
            return this.publicAddress;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public EndpointAddress getPrivateAddress() {
            return this.privateAddress;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public boolean isReady() {
            return this.isReady;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Map<String, String> getAdditionalProperties() {
            return this.additionalProperties;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/hazelcast-5.0.2.jar:com/hazelcast/kubernetes/KubernetesClient$EndpointAddress.class */
    public static final class EndpointAddress {
        private final String ip;
        private final Integer port;

        EndpointAddress(String str, Integer num) {
            this.ip = str;
            this.port = num;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String getIp() {
            return this.ip;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Integer getPort() {
            return this.port;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            EndpointAddress endpointAddress = (EndpointAddress) obj;
            if (this.ip != null) {
                if (!this.ip.equals(endpointAddress.ip)) {
                    return false;
                }
            } else if (endpointAddress.ip != null) {
                return false;
            }
            return this.port != null ? this.port.equals(endpointAddress.port) : endpointAddress.port == null;
        }

        public int hashCode() {
            return (31 * (this.ip != null ? this.ip.hashCode() : 0)) + (this.port != null ? this.port.hashCode() : 0);
        }

        public String toString() {
            return String.format("%s:%s", this.ip, this.port);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KubernetesClient(String str, String str2, String str3, String str4, int i, KubernetesConfig.ExposeExternallyMode exposeExternallyMode, boolean z, String str5, String str6) {
        this.namespace = str;
        this.kubernetesMaster = str2;
        this.apiToken = str3;
        this.caCertificate = str4;
        this.retries = i;
        this.exposeExternallyMode = exposeExternallyMode;
        this.useNodeNameAsExternalAddress = z;
        this.servicePerPodLabelName = str5;
        this.servicePerPodLabelValue = str6;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Endpoint> endpoints() {
        try {
            return enrichWithPublicAddresses(parsePodsList(callGet(String.format("%s/api/v1/namespaces/%s/pods", this.kubernetesMaster, this.namespace))));
        } catch (RestClientException e) {
            return handleKnownException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Endpoint> endpointsByServiceLabel(String str, String str2) {
        try {
            return enrichWithPublicAddresses(parseEndpointsList(callGet(String.format("%s/api/v1/namespaces/%s/endpoints?%s", this.kubernetesMaster, this.namespace, String.format("labelSelector=%s=%s", str, str2)))));
        } catch (RestClientException e) {
            return handleKnownException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Endpoint> endpointsByName(String str) {
        try {
            return enrichWithPublicAddresses(parseEndpoints(callGet(String.format("%s/api/v1/namespaces/%s/endpoints/%s", this.kubernetesMaster, this.namespace, str))));
        } catch (RestClientException e) {
            return handleKnownException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<Endpoint> endpointsByPodLabel(String str, String str2) {
        try {
            return enrichWithPublicAddresses(parsePodsList(callGet(String.format("%s/api/v1/namespaces/%s/pods?%s", this.kubernetesMaster, this.namespace, String.format("labelSelector=%s=%s", str, str2)))));
        } catch (RestClientException e) {
            return handleKnownException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String zone(String str) {
        return extractZone(callGet(String.format("%s/api/v1/nodes/%s", this.kubernetesMaster, nodeName(str))));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String nodeName(String str) {
        return extractNodeName(callGet(String.format("%s/api/v1/namespaces/%s/pods/%s", this.kubernetesMaster, this.namespace, str)));
    }

    private static List<Endpoint> parsePodsList(JsonObject jsonObject) {
        ArrayList arrayList = new ArrayList();
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("items")).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            JsonObject asObject = next.asObject().get(BindTag.STATUS_VARIABLE_NAME).asObject();
            String kubernetesClient = toString(asObject.get("podIP"));
            if (kubernetesClient != null) {
                arrayList.add(new Endpoint(new EndpointAddress(kubernetesClient, extractContainerPort(next)), isReady(asObject)));
            }
        }
        return arrayList;
    }

    private static Integer extractContainerPort(JsonValue jsonValue) {
        JsonValue jsonValue2;
        JsonArray jsonArray = toJsonArray(jsonValue.asObject().get("spec").asObject().get("containers"));
        if (jsonArray.size() != 1) {
            return null;
        }
        JsonArray jsonArray2 = toJsonArray(jsonArray.get(0).asObject().get("ports"));
        if (jsonArray2.size() == 1 && (jsonValue2 = jsonArray2.get(0).asObject().get("containerPort")) != null && jsonValue2.isNumber()) {
            return Integer.valueOf(jsonValue2.asInt());
        }
        return null;
    }

    private static boolean isReady(JsonObject jsonObject) {
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("containerStatuses")).iterator();
        while (it.hasNext()) {
            if (!it.next().asObject().get("ready").asBoolean()) {
                return false;
            }
        }
        return true;
    }

    private static List<Endpoint> parseEndpointsList(JsonObject jsonObject) {
        ArrayList arrayList = new ArrayList();
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("items")).iterator();
        while (it.hasNext()) {
            arrayList.addAll(parseEndpoints(it.next()));
        }
        return arrayList;
    }

    private static List<Endpoint> parseEndpoints(JsonValue jsonValue) {
        ArrayList arrayList = new ArrayList();
        Iterator<JsonValue> it = toJsonArray(jsonValue.asObject().get("subsets")).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            Integer extractPort = extractPort(next);
            Iterator<JsonValue> it2 = toJsonArray(next.asObject().get("addresses")).iterator();
            while (it2.hasNext()) {
                arrayList.add(extractEntrypointAddress(it2.next(), extractPort, true));
            }
            Iterator<JsonValue> it3 = toJsonArray(next.asObject().get("notReadyAddresses")).iterator();
            while (it3.hasNext()) {
                arrayList.add(extractEntrypointAddress(it3.next(), extractPort, false));
            }
        }
        return arrayList;
    }

    private static String extractTargetRefName(JsonValue jsonValue) {
        return (String) Optional.of(jsonValue).flatMap(jsonValue2 -> {
            return toJsonArray(jsonValue2.asObject().get("subsets")).values().stream().findFirst();
        }).flatMap(jsonValue3 -> {
            return Stream.concat(toJsonArray(jsonValue3.asObject().get("addresses")).values().stream(), toJsonArray(jsonValue3.asObject().get("notReadyAddresses")).values().stream()).findFirst();
        }).map(jsonValue4 -> {
            return jsonValue4.asObject().get("targetRef");
        }).map(jsonValue5 -> {
            return jsonValue5.asObject().get("name");
        }).map(KubernetesClient::toString).orElse(null);
    }

    private static Integer extractPort(JsonValue jsonValue) {
        JsonArray jsonArray = toJsonArray(jsonValue.asObject().get("ports"));
        if (jsonArray.size() == 1) {
            return Integer.valueOf(jsonArray.get(0).asObject().get(RtspHeaders.Values.PORT).asInt());
        }
        return null;
    }

    private static Endpoint extractEntrypointAddress(JsonValue jsonValue, Integer num, boolean z) {
        String asString = jsonValue.asObject().get("ip").asString();
        Integer extractHazelcastServicePortFrom = extractHazelcastServicePortFrom(jsonValue, num);
        return new Endpoint(new EndpointAddress(asString, extractHazelcastServicePortFrom), z, extractAdditionalPropertiesFrom(jsonValue));
    }

    private static Integer extractHazelcastServicePortFrom(JsonValue jsonValue, Integer num) {
        JsonValue jsonValue2 = jsonValue.asObject().get("hazelcast-service-port");
        return (jsonValue2 == null || !jsonValue2.isNumber()) ? num : Integer.valueOf(jsonValue2.asInt());
    }

    private static Map<String, String> extractAdditionalPropertiesFrom(JsonValue jsonValue) {
        HashSet hashSet = new HashSet(Arrays.asList("ip", "nodeName", "targetRef", "hostname", "hazelcast-service-port"));
        HashMap hashMap = new HashMap();
        Iterator<JsonObject.Member> it = jsonValue.asObject().iterator();
        while (it.hasNext()) {
            JsonObject.Member next = it.next();
            if (!hashSet.contains(next.getName())) {
                hashMap.put(next.getName(), toString(next.getValue()));
            }
        }
        return hashMap;
    }

    private static String extractNodeName(JsonObject jsonObject) {
        return toString(jsonObject.get("spec").asObject().get("nodeName"));
    }

    private static String extractZone(JsonObject jsonObject) {
        JsonObject asObject = jsonObject.get("metadata").asObject().get("labels").asObject();
        Iterator it = Arrays.asList("topology.kubernetes.io/zone", "failure-domain.kubernetes.io/zone", "failure-domain.beta.kubernetes.io/zone").iterator();
        while (it.hasNext()) {
            JsonValue jsonValue = asObject.get((String) it.next());
            if (jsonValue != null) {
                return toString(jsonValue);
            }
        }
        return null;
    }

    private List<Endpoint> enrichWithPublicAddresses(List<Endpoint> list) {
        String externalAddressForNode;
        if (this.exposeExternallyMode == KubernetesConfig.ExposeExternallyMode.DISABLED) {
            return list;
        }
        try {
            String format = String.format("%s/api/v1/namespaces/%s/endpoints", this.kubernetesMaster, this.namespace);
            if (!StringUtil.isNullOrEmptyAfterTrim(this.servicePerPodLabelName) && !StringUtil.isNullOrEmptyAfterTrim(this.servicePerPodLabelValue)) {
                format = format + String.format("?labelSelector=%s=%s", this.servicePerPodLabelName, this.servicePerPodLabelValue);
            }
            JsonObject callGet = callGet(format);
            List<EndpointAddress> privateAddresses = privateAddresses(list);
            Map<EndpointAddress, String> extractServices = extractServices(callGet, privateAddresses);
            Map<EndpointAddress, String> extractNodes = extractNodes(callGet, privateAddresses);
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            HashMap hashMap3 = new HashMap();
            for (Map.Entry<EndpointAddress, String> entry : extractServices.entrySet()) {
                EndpointAddress key = entry.getKey();
                JsonObject callGet2 = callGet(String.format("%s/api/v1/namespaces/%s/services/%s", this.kubernetesMaster, this.namespace, entry.getValue()));
                try {
                    String extractLoadBalancerAddress = extractLoadBalancerAddress(callGet2);
                    Integer extractServicePort = extractServicePort(callGet2);
                    hashMap.put(key, extractLoadBalancerAddress);
                    hashMap2.put(key, extractServicePort);
                } catch (Exception e) {
                    Integer extractNodePort = extractNodePort(callGet2);
                    String str = extractNodes.get(key);
                    if (hashMap3.containsKey(str)) {
                        externalAddressForNode = (String) hashMap3.get(str);
                    } else {
                        externalAddressForNode = externalAddressForNode(str);
                        hashMap3.put(str, externalAddressForNode);
                    }
                    hashMap.put(key, externalAddressForNode);
                    hashMap2.put(key, extractNodePort);
                }
            }
            return createEndpoints(list, hashMap, hashMap2);
        } catch (Exception e2) {
            if (this.exposeExternallyMode == KubernetesConfig.ExposeExternallyMode.ENABLED) {
                throw e2;
            }
            LOGGER.finest(e2);
            if (!this.isNoPublicIpAlreadyLogged) {
                LOGGER.warning("Cannot fetch public IPs of Hazelcast Member PODs, you won't be able to use Hazelcast Smart Client from outside of the Kubernetes network");
                this.isNoPublicIpAlreadyLogged = true;
            }
            return list;
        }
    }

    private static List<EndpointAddress> privateAddresses(List<Endpoint> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<Endpoint> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getPrivateAddress());
        }
        return arrayList;
    }

    private static Map<EndpointAddress, String> extractServices(JsonObject jsonObject, List<EndpointAddress> list) {
        HashMap hashMap = new HashMap();
        HashSet hashSet = new HashSet(list);
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("items")).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            String kubernetesClient = toString(next.asObject().get("metadata").asObject().get("name"));
            List<Endpoint> parseEndpoints = parseEndpoints(next);
            if (parseEndpoints.size() == 1) {
                EndpointAddress privateAddress = parseEndpoints.get(0).getPrivateAddress();
                if (list.contains(privateAddress)) {
                    if (!hashMap.containsKey(privateAddress) || kubernetesClient.equals(extractTargetRefName(next))) {
                        hashMap.put(privateAddress, kubernetesClient);
                    }
                    hashSet.remove(privateAddress);
                }
            }
        }
        if (hashSet.isEmpty()) {
            return hashMap;
        }
        throw new KubernetesClientException(String.format("Cannot expose externally, the following Hazelcast member pods do not have corresponding Kubernetes services: %s", hashSet));
    }

    private static Map<EndpointAddress, String> extractNodes(JsonObject jsonObject, List<EndpointAddress> list) {
        HashMap hashMap = new HashMap();
        HashSet hashSet = new HashSet(list);
        Iterator<JsonValue> it = toJsonArray(jsonObject.get("items")).iterator();
        while (it.hasNext()) {
            Iterator<JsonValue> it2 = toJsonArray(it.next().asObject().get("subsets")).iterator();
            while (it2.hasNext()) {
                JsonObject asObject = it2.next().asObject();
                ArrayList arrayList = new ArrayList();
                Iterator<JsonValue> it3 = toJsonArray(asObject.get("ports")).iterator();
                while (it3.hasNext()) {
                    arrayList.add(Integer.valueOf(it3.next().asObject().get(RtspHeaders.Values.PORT).asInt()));
                }
                HashMap hashMap2 = new HashMap();
                hashMap2.putAll(extractNodes(asObject.get("addresses"), arrayList));
                hashMap2.putAll(extractNodes(asObject.get("notReadyAddresses"), arrayList));
                Iterator it4 = hashMap2.entrySet().iterator();
                while (it4.hasNext()) {
                    EndpointAddress endpointAddress = (EndpointAddress) ((Map.Entry) it4.next()).getKey();
                    if (list.contains(endpointAddress)) {
                        hashMap.put(endpointAddress, hashMap2.get(endpointAddress));
                        hashSet.remove(endpointAddress);
                    }
                }
            }
        }
        if (hashSet.isEmpty()) {
            return hashMap;
        }
        throw new KubernetesClientException(String.format("Cannot expose externally, the following Hazelcast member pods do not have corresponding Endpoint.nodeName value assigned: %s", hashSet));
    }

    private static Map<EndpointAddress, String> extractNodes(JsonValue jsonValue, List<Integer> list) {
        HashMap hashMap = new HashMap();
        Iterator<JsonValue> it = toJsonArray(jsonValue).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            String asString = next.asObject().get("ip").asString();
            String kubernetesClient = toString(next.asObject().get("nodeName"));
            Iterator<Integer> it2 = list.iterator();
            while (it2.hasNext()) {
                hashMap.put(new EndpointAddress(asString, it2.next()), kubernetesClient);
            }
        }
        return hashMap;
    }

    private static String extractLoadBalancerAddress(JsonObject jsonObject) {
        JsonObject asObject = jsonObject.get(BindTag.STATUS_VARIABLE_NAME).asObject().get("loadBalancer").asObject().get("ingress").asArray().get(0).asObject();
        JsonValue jsonValue = asObject.get("ip");
        if (jsonValue == null) {
            jsonValue = asObject.get("hostname");
        }
        return jsonValue.asString();
    }

    private static Integer extractServicePort(JsonObject jsonObject) {
        JsonArray jsonArray = toJsonArray(jsonObject.get("spec").asObject().get("ports"));
        if (jsonArray.size() != 1) {
            throw new KubernetesClientException(String.format("Cannot expose externally, service %s needs to have exactly one port defined", jsonObject.get("metadata").asObject().get("name")));
        }
        return Integer.valueOf(jsonArray.get(0).asObject().get(RtspHeaders.Values.PORT).asInt());
    }

    private static Integer extractNodePort(JsonObject jsonObject) {
        JsonArray jsonArray = toJsonArray(jsonObject.get("spec").asObject().get("ports"));
        if (jsonArray.size() != 1) {
            throw new KubernetesClientException(String.format("Cannot expose externally, service %s needs to have exactly one nodePort defined", jsonObject.get("metadata").asObject().get("name")));
        }
        return Integer.valueOf(jsonArray.get(0).asObject().get("nodePort").asInt());
    }

    private String externalAddressForNode(String str) {
        String extractNodePublicIp;
        if (this.useNodeNameAsExternalAddress) {
            LOGGER.info("Using node name instead of public IP for node, must be available from client: " + str);
            extractNodePublicIp = str;
        } else {
            extractNodePublicIp = extractNodePublicIp(callGet(String.format("%s/api/v1/nodes/%s", this.kubernetesMaster, str)));
        }
        return extractNodePublicIp;
    }

    private static String extractNodePublicIp(JsonObject jsonObject) {
        Iterator<JsonValue> it = toJsonArray(jsonObject.get(BindTag.STATUS_VARIABLE_NAME).asObject().get("addresses")).iterator();
        while (it.hasNext()) {
            JsonValue next = it.next();
            if ("ExternalIP".equals(next.asObject().get("type").asString())) {
                return next.asObject().get(MetricTags.ADDRESS).asString();
            }
        }
        throw new KubernetesClientException(String.format("Cannot expose externally, node %s does not have ExternalIP assigned", jsonObject.get("metadata").asObject().get("name")));
    }

    private static List<Endpoint> createEndpoints(List<Endpoint> list, Map<EndpointAddress, String> map, Map<EndpointAddress, Integer> map2) {
        ArrayList arrayList = new ArrayList();
        for (Endpoint endpoint : list) {
            EndpointAddress privateAddress = endpoint.getPrivateAddress();
            arrayList.add(new Endpoint(privateAddress, new EndpointAddress(map.get(privateAddress), map2.get(privateAddress)), endpoint.isReady(), endpoint.getAdditionalProperties()));
        }
        return arrayList;
    }

    private JsonObject callGet(String str) {
        return (JsonObject) RetryUtils.retry(() -> {
            return Json.parse(RestClient.create(str).withHeader("Authorization", String.format("Bearer %s", this.apiToken)).withCaCertificates(this.caCertificate).get().getBody()).asObject();
        }, this.retries, NON_RETRYABLE_KEYWORDS);
    }

    private List<Endpoint> handleKnownException(RestClientException restClientException) {
        if (restClientException.getHttpErrorCode() == 401) {
            if (!this.isKnownExceptionAlreadyLogged) {
                LOGGER.warning("Kubernetes API authorization failure! To use Hazelcast Kubernetes discovery, please check your 'api-token' property. Starting standalone.");
                this.isKnownExceptionAlreadyLogged = true;
            }
        } else {
            if (restClientException.getHttpErrorCode() != 403) {
                throw restClientException;
            }
            if (!this.isKnownExceptionAlreadyLogged) {
                LOGGER.warning("Kubernetes API access is forbidden! Starting standalone. To use Hazelcast Kubernetes discovery, configure the required RBAC. For 'default' service account in 'default' namespace execute: `kubectl apply -f https://raw.githubusercontent.com/hazelcast/hazelcast/master/kubernetes-rbac.yaml`");
                this.isKnownExceptionAlreadyLogged = true;
            }
        }
        LOGGER.finest(restClientException);
        return Collections.emptyList();
    }

    private static JsonArray toJsonArray(JsonValue jsonValue) {
        return (jsonValue == null || jsonValue.isNull()) ? new JsonArray() : jsonValue.asArray();
    }

    private static String toString(JsonValue jsonValue) {
        if (jsonValue == null || jsonValue.isNull()) {
            return null;
        }
        return jsonValue.isString() ? jsonValue.asString() : jsonValue.toString();
    }
}
