package software.tnb.jms.amq.resource.openshift;

import com.google.auto.service.AutoService;
import cz.xtf.core.openshift.OpenShiftWaiters;
import cz.xtf.core.openshift.helpers.ResourceFunctions;
import cz.xtf.core.openshift.helpers.ResourceParsers;
import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.PodList;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.dsl.EditReplacePatchDeletable;
import io.fabric8.kubernetes.client.dsl.FilterWatchListDeletable;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.client.dsl.base.CustomResourceDefinitionContext;
import io.fabric8.openshift.api.model.Route;
import io.fabric8.openshift.api.model.RouteList;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.Map;
import javax.jms.Connection;
import javax.jms.JMSException;
import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.tnb.common.deployment.OpenshiftDeployable;
import software.tnb.common.deployment.WithExternalHostname;
import software.tnb.common.deployment.WithInClusterHostname;
import software.tnb.common.deployment.WithOperator;
import software.tnb.common.openshift.OpenshiftClient;
import software.tnb.jms.amq.resource.openshift.generated.Acceptor;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemis;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemisList;
import software.tnb.jms.amq.resource.openshift.generated.ActiveMQArtemisSpec;
import software.tnb.jms.amq.resource.openshift.generated.DeploymentPlan;
import software.tnb.jms.amq.service.AMQBroker;

@AutoService({AMQBroker.class})
/* loaded from: input_file:software/tnb/jms/amq/resource/openshift/OpenshiftAMQBroker.class */
public class OpenshiftAMQBroker extends AMQBroker implements OpenshiftDeployable, WithInClusterHostname, WithExternalHostname, WithOperator {
    public static final String BROKER_NAME = "tnb-amq-broker";
    private static final String SSL_SECRET_NAME = "tnb-ssl-secret";
    private static final String DEFAULT_CHANNEL = "7.10.x";
    private static final String OPERATOR_NAME = "amq-broker-rhel8";
    private static final String DEFAULT_SOURCE = "redhat-operators";
    private static final String SUBSCRIPTION_NAME = "tnb-amq-broker";
    private static final String SUBSCRIPTION_NAMESPACE = "openshift-marketplace";
    private static final Logger LOG = LoggerFactory.getLogger(OpenshiftAMQBroker.class);
    private static final CustomResourceDefinitionContext ARTEMIS_CTX = new CustomResourceDefinitionContext.Builder().withName("ActiveMQArtemis").withGroup("broker.amq.io").withVersion("v2alpha5").withPlural("activemqartemises").withScope("Namespaced").build();

    public void create() {
        LOG.debug("Creating AMQ broker");
        OpenshiftClient.get().createSubscription(operatorChannel(), OPERATOR_NAME, operatorCatalog(), "tnb-amq-broker", SUBSCRIPTION_NAMESPACE, OpenshiftClient.get().getNamespace(), false);
        OpenshiftClient.get().waitForInstallPlanToComplete("tnb-amq-broker");
        amqBrokerCli().createOrReplace(new ActiveMQArtemis[]{createBrokerCR()});
    }

    public boolean isReady() {
        return ((Boolean) ResourceFunctions.areExactlyNPodsReady(1).apply(OpenshiftClient.get().getLabeledPods("ActiveMQArtemis", "tnb-amq-broker"))).booleanValue();
    }

    public boolean isDeployed() {
        List items = ((PodList) ((FilterWatchListDeletable) OpenshiftClient.get().pods().withLabel("name", "amq-broker-operator")).list()).getItems();
        return items.size() == 1 && ResourceParsers.isPodReady((Pod) items.get(0)) && ((ActiveMQArtemisList) amqBrokerCli().list()).getItems().size() > 0;
    }

    public String inClusterHostname() {
        return String.format("%s.%s-hdls-svc.%s.svc.cluster.local", ((Pod) OpenshiftClient.get().getLabeledPods("ActiveMQArtemis", "tnb-amq-broker").get(0)).getMetadata().getName(), "tnb-amq-broker", OpenshiftClient.get().getNamespace());
    }

    public String externalHostname() {
        List items = ((RouteList) ((FilterWatchListDeletable) OpenshiftClient.get().routes().withLabel("ActiveMQArtemis", "tnb-amq-broker")).list()).getItems();
        if (items.size() != 1) {
            throw new RuntimeException("Expected single route to be present but was " + items.size());
        }
        return ((Route) items.get(0)).getSpec().getHost();
    }

    public void undeploy() {
        ((EditReplacePatchDeletable) ((Resource) amqBrokerCli().withName("tnb-amq-broker")).withPropagationPolicy(DeletionPropagation.BACKGROUND)).delete();
        OpenShiftWaiters.get(OpenshiftClient.get(), () -> {
            return false;
        }).areExactlyNPodsRunning(0, "ActiveMQArtemis", "tnb-amq-broker").timeout(120000L).waitFor();
        OpenshiftClient.get().deleteSecret(SSL_SECRET_NAME);
        OpenshiftClient.get().deleteSubscription("tnb-amq-broker");
        OpenShiftWaiters.get(OpenshiftClient.get(), () -> {
            return false;
        }).areExactlyNPodsRunning(0, "name", "amq-broker-operator").timeout(120000L).waitFor();
    }

    public void openResources() {
        this.connection = createConnection();
    }

    public void closeResources() {
        try {
            this.connection.close();
        } catch (JMSException e) {
            throw new RuntimeException("Can't close JMS connection");
        }
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public String brokerUrl() {
        return inClusterHostname();
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    protected String mqttUrl() {
        return String.format("ssl://%s:443", externalHostname());
    }

    @Override // software.tnb.jms.amq.service.AMQBroker
    public int getPortMapping(int i) {
        return 61626;
    }

    private Connection createConnection() {
        try {
            System.setProperty("org.apache.activemq.ssl.trustStore", materializeTrustStore().toAbsolutePath().toString());
            System.setProperty("org.apache.activemq.ssl.trustStorePassword", account().truststorePassword());
            Connection createConnection = new ActiveMQConnectionFactory(String.format("tcp://%s:%s?useTopologyForLoadBalancing=false&sslEnabled=true&verifyHost=false", externalHostname(), 443), account().username(), account().password()).createConnection();
            createConnection.start();
            return createConnection;
        } catch (JMSException e) {
            throw new RuntimeException("Can't create jms connection", e);
        } catch (IOException e2) {
            throw new RuntimeException("Can't materialize jms truststore", e2);
        }
    }

    private ActiveMQArtemis createBrokerCR() {
        OpenshiftClient.get().secrets().createOrReplace(new Secret[]{((SecretBuilder) new SecretBuilder().editOrNewMetadata().withName(SSL_SECRET_NAME).endMetadata()).withData(Map.of("keyStorePassword", encode(account().keystorePassword().getBytes()), "trustStorePassword", encode(account().truststorePassword().getBytes()), "client.ts", encodeResource("broker.ts"), "broker.ks", encodeResource("broker.ks"))).build()});
        ActiveMQArtemis activeMQArtemis = new ActiveMQArtemis();
        activeMQArtemis.getMetadata().setName("tnb-amq-broker");
        DeploymentPlan deploymentPlan = new DeploymentPlan();
        deploymentPlan.setSize(1);
        deploymentPlan.setImage("placeholder");
        deploymentPlan.setRequireLogin(false);
        deploymentPlan.setPersistenceEnabled(false);
        deploymentPlan.setJournalType("nio");
        deploymentPlan.setMessageMigration(true);
        activeMQArtemis.setSpec(new ActiveMQArtemisSpec());
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setDeploymentPlan(deploymentPlan);
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAdminUser(account().username());
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAdminPassword(account().password());
        Acceptor acceptor = new Acceptor();
        acceptor.setName("all-ssl");
        acceptor.setProtocols("all");
        acceptor.setPort(61636);
        acceptor.setExpose(true);
        acceptor.setSslEnabled(true);
        acceptor.setSslSecret(SSL_SECRET_NAME);
        Acceptor acceptor2 = new Acceptor();
        acceptor2.setName("all-internal");
        acceptor2.setProtocols("all");
        acceptor2.setPort(61626);
        acceptor2.setExpose(false);
        acceptor2.setSslEnabled(false);
        ArrayList arrayList = new ArrayList();
        arrayList.add(acceptor);
        arrayList.add(acceptor2);
        ((ActiveMQArtemisSpec) activeMQArtemis.getSpec()).setAcceptors(arrayList);
        return activeMQArtemis;
    }

    private Path materializeTrustStore() throws IOException {
        Path path = Paths.get("target", "tnb-trust-store" + new Date().getTime() + ".ts");
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream("/client.ts");
            try {
                Files.copy(resourceAsStream, path, StandardCopyOption.REPLACE_EXISTING);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return path;
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Unable to create truststore", e);
        }
    }

    private String encode(byte[] bArr) {
        return Base64.getEncoder().encodeToString(bArr);
    }

    private String encodeResource(String str) {
        try {
            return encode(IOUtils.toByteArray(getClass().getResource("/" + str)));
        } catch (IOException e) {
            throw new RuntimeException("Unable to encode resource " + str, e);
        }
    }

    private NonNamespaceOperation<ActiveMQArtemis, ActiveMQArtemisList, Resource<ActiveMQArtemis>> amqBrokerCli() {
        return OpenshiftClient.get().customResources(ARTEMIS_CTX, ActiveMQArtemis.class, ActiveMQArtemisList.class).inNamespace(OpenshiftClient.get().getNamespace());
    }

    public String defaultOperatorCatalog() {
        return DEFAULT_SOURCE;
    }

    public String defaultOperatorChannel() {
        return DEFAULT_CHANNEL;
    }
}
