package org.infinispan.cli.commands.kubernetes;

import io.fabric8.kubernetes.api.model.Container;
import io.fabric8.kubernetes.api.model.ContainerPort;
import io.fabric8.kubernetes.api.model.GenericKubernetesResource;
import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.PodList;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.LocalPortForward;
import io.fabric8.kubernetes.client.dsl.FilterWatchListDeletable;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.dsl.PodResource;
import java.net.InetAddress;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Map;
import org.aesh.command.CommandDefinition;
import org.aesh.command.CommandResult;
import org.aesh.command.impl.completer.FileOptionCompleter;
import org.aesh.command.option.Argument;
import org.aesh.command.option.Option;
import org.aesh.io.Resource;
import org.aesh.readline.terminal.formatting.Color;
import org.aesh.readline.terminal.formatting.TerminalColor;
import org.aesh.readline.terminal.formatting.TerminalString;
import org.infinispan.cli.commands.CLI;
import org.infinispan.cli.commands.CliCommand;
import org.infinispan.cli.impl.ContextAwareCommandInvocation;
import org.infinispan.cli.impl.DefaultShell;
import org.infinispan.cli.impl.KubernetesContext;
import org.infinispan.cli.logging.Messages;
import org.infinispan.commons.util.Util;

@CommandDefinition(name = "shell", description = "Initiates an interactive shell with a service.")
/* loaded from: input_file:org/infinispan/cli/commands/kubernetes/Shell.class */
public class Shell extends CliCommand {

    @Option(shortName = 'n', description = "Specifies the namespace where the cluster is running. Uses the default namespace if you do not specify one.")
    String namespace;

    @Option(shortName = 'p', name = "pod-name", description = "Specifies to which pod you connect.")
    String podName;

    @Option(shortName = 'u', name = "username", description = "The username to use when connecting")
    String username;

    @Option(completer = FileOptionCompleter.class, shortName = 'k', name = "keystore", description = "A keystore containing a client certificate to authenticate with the server")
    Resource keystore;

    @Option(shortName = 'w', name = "keystore-password", description = "The password for the keystore")
    String keystorePassword;

    @Option(shortName = 'h', hasValue = false, overrideRequired = true)
    protected boolean help;

    @Argument(description = "Specifies the name of the service to connect to. Defaults to 'infinispan'", defaultValue = {Kube.DEFAULT_CLUSTER_NAME})
    String name;

    @Override // org.infinispan.cli.commands.CliCommand
    public boolean isHelp() {
        return this.help;
    }

    @Override // org.infinispan.cli.commands.CliCommand
    public CommandResult exec(ContextAwareCommandInvocation contextAwareCommandInvocation) {
        byte[] bytes;
        String str;
        KubernetesClient client = KubernetesContext.getClient(contextAwareCommandInvocation);
        this.namespace = Kube.getNamespaceOrDefault(client, this.namespace);
        GenericKubernetesResource genericKubernetesResource = (GenericKubernetesResource) ((io.fabric8.kubernetes.client.dsl.Resource) ((NonNamespaceOperation) client.genericKubernetesResources(Kube.INFINISPAN_CLUSTER_CRD).inNamespace(this.namespace)).withName(this.name)).get();
        if (genericKubernetesResource == null) {
            throw Messages.MSG.noSuchService(this.name, this.namespace);
        }
        String str2 = (String) Kube.getProperty(genericKubernetesResource, "spec", "security", "endpointSecretName");
        String str3 = (String) Kube.getProperty(genericKubernetesResource, "spec", "security", "endpointEncryption", "certSecretName");
        Pod pod = this.podName == null ? (Pod) ((PodList) ((FilterWatchListDeletable) ((NonNamespaceOperation) client.pods().inNamespace(this.namespace)).withLabel("infinispan_cr", this.name)).list()).getItems().stream().filter(pod2 -> {
            return "running".equalsIgnoreCase(pod2.getStatus().getPhase());
        }).findFirst().orElse(null) : (Pod) ((PodResource) ((NonNamespaceOperation) client.pods().inNamespace(this.namespace)).withName(this.podName)).get();
        if (pod == null) {
            throw Messages.MSG.noRunningPodsInService(this.name);
        }
        try {
            LocalPortForward localPortForward = (LocalPortForward) ((PodResource) ((NonNamespaceOperation) client.pods().inNamespace(this.namespace)).withName(pod.getMetadata().getName())).portForward(((ContainerPort) ((Container) pod.getSpec().getContainers().get(0)).getPorts().stream().filter(containerPort -> {
                return Kube.DEFAULT_CLUSTER_NAME.equals(containerPort.getName());
            }).findFirst().get()).getContainerPort().intValue());
            try {
                StringBuilder sb = new StringBuilder();
                ArrayList arrayList = new ArrayList();
                if (str3 != null) {
                    sb.append("https://");
                    Secret secret = Kube.getSecret(client, this.namespace, str3);
                    if (secret.getData().containsKey("keystore.p12")) {
                        bytes = Base64.getDecoder().decode((String) secret.getData().get("keystore.p12"));
                        str = ".p12";
                        String str4 = new String(Base64.getDecoder().decode((String) secret.getData().get("password")));
                        arrayList.add("-s");
                        arrayList.add(str4);
                    } else {
                        bytes = new String(Base64.getDecoder().decode((String) secret.getData().get("tls.crt"))).getBytes(StandardCharsets.UTF_8);
                        str = ".pem";
                    }
                    Path createTempFile = Files.createTempFile("clitrust", str, PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")));
                    Files.write(createTempFile, bytes, new OpenOption[0]);
                    arrayList.add("-t");
                    arrayList.add(createTempFile.toString());
                    arrayList.add("--hostname-verifier");
                    arrayList.add(".*");
                    if (this.keystore != null) {
                        arrayList.add("-k");
                        arrayList.add(this.keystore.getAbsolutePath());
                        arrayList.add("-w");
                        arrayList.add(this.keystorePassword);
                    }
                } else {
                    sb.append("http://");
                }
                if (str2 != null) {
                    Map<String, String> decodeOpaqueSecrets = Kube.decodeOpaqueSecrets(Kube.getSecret(client, this.namespace, str2));
                    if (this.username != null) {
                        sb.append(this.username);
                        if (decodeOpaqueSecrets.containsKey(this.username)) {
                            sb.append(':');
                            sb.append(decodeOpaqueSecrets.get(this.username));
                        }
                        sb.append('@');
                    } else {
                        if (decodeOpaqueSecrets.size() != 1) {
                            throw Messages.MSG.usernameRequired();
                        }
                        Map.Entry<String, String> next = decodeOpaqueSecrets.entrySet().iterator().next();
                        sb.append(next.getKey());
                        sb.append(':');
                        sb.append(next.getValue());
                        sb.append('@');
                    }
                }
                InetAddress localAddress = localPortForward.getLocalAddress();
                if (localAddress.getAddress().length == 4) {
                    sb.append(localAddress.getHostAddress());
                } else {
                    sb.append('[').append(localAddress.getHostAddress()).append(']');
                }
                sb.append(':');
                sb.append(localPortForward.getLocalPort());
                arrayList.add("-c");
                arrayList.add(sb.toString());
                Messages.CLI.debugf("cli %s", arrayList);
                CLI.main(new DefaultShell(), (String[]) arrayList.toArray(new String[0]), System.getProperties(), false);
                CommandResult commandResult = CommandResult.SUCCESS;
                if (localPortForward != null) {
                    localPortForward.close();
                }
                return commandResult;
            } finally {
            }
        } catch (Throwable th) {
            contextAwareCommandInvocation.getShell().writeln(new TerminalString(Util.getRootCause(th).getLocalizedMessage(), new TerminalColor(Color.RED, Color.DEFAULT, Color.Intensity.BRIGHT)).toString());
            return CommandResult.FAILURE;
        }
    }
}
