package io.quarkus.vault.deployment;

import io.quarkus.deployment.IsDockerWorking;
import io.quarkus.deployment.IsNormal;
import io.quarkus.deployment.annotations.BuildProducer;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.builditem.CuratedApplicationShutdownBuildItem;
import io.quarkus.deployment.builditem.DevServicesConfigResultBuildItem;
import io.quarkus.deployment.builditem.LaunchModeBuildItem;
import io.quarkus.deployment.console.ConsoleInstalledBuildItem;
import io.quarkus.deployment.console.StartupLogCompressor;
import io.quarkus.deployment.dev.devservices.GlobalDevServicesConfig;
import io.quarkus.deployment.logging.LoggingSetupBuildItem;
import io.quarkus.runtime.configuration.ConfigUtils;
import io.quarkus.vault.runtime.config.DevServicesConfig;
import io.quarkus.vault.runtime.config.VaultBuildTimeConfig;
import java.io.Closeable;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.OptionalInt;
import org.apache.commons.lang3.RandomStringUtils;
import org.jboss.logging.Logger;
import org.testcontainers.utility.DockerImageName;
import org.testcontainers.vault.VaultContainer;

/* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor.class */
public class DevServicesVaultProcessor {
    private static final String VAULT_IMAGE = "vault:1.7.1";
    private static final int VAULT_EXPOSED_PORT = 8200;
    private static final String CONFIG_PREFIX = "quarkus.vault.";
    private static final String URL_CONFIG_KEY = "quarkus.vault.url";
    private static final String AUTH_CONFIG_PREFIX = "quarkus.vault.authentication.";
    private static final String CLIENT_TOKEN_CONFIG_KEY = "quarkus.vault.authentication.client-token";
    private static volatile List<Closeable> closeables;
    private static volatile DevServicesConfig capturedDevServicesConfiguration;
    private final IsDockerWorking isDockerWorking = new IsDockerWorking(true);
    private static final Logger log = Logger.getLogger(DevServicesVaultProcessor.class);
    private static volatile boolean first = true;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor$FixedPortVaultContainer.class */
    public static class FixedPortVaultContainer extends VaultContainer<FixedPortVaultContainer> {
        OptionalInt fixedExposedPort;

        public FixedPortVaultContainer(DockerImageName dockerImageName, OptionalInt optionalInt) {
            super(dockerImageName);
            this.fixedExposedPort = optionalInt;
        }

        protected void configure() {
            super.configure();
            if (this.fixedExposedPort.isPresent()) {
                addFixedExposedPort(this.fixedExposedPort.getAsInt(), DevServicesVaultProcessor.VAULT_EXPOSED_PORT);
            } else {
                addExposedPort(Integer.valueOf(DevServicesVaultProcessor.VAULT_EXPOSED_PORT));
            }
        }

        public int getPort() {
            return this.fixedExposedPort.isPresent() ? this.fixedExposedPort.getAsInt() : super.getMappedPort(DevServicesVaultProcessor.VAULT_EXPOSED_PORT).intValue();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor$StartResult.class */
    public static class StartResult {
        private final String url;
        private final String clientToken;
        private final Closeable closeable;

        public StartResult(String str, String str2, Closeable closeable) {
            this.url = str;
            this.clientToken = str2;
            this.closeable = closeable;
        }
    }

    @BuildStep(onlyIfNot = {IsNormal.class}, onlyIf = {GlobalDevServicesConfig.Enabled.class})
    public void startVaultContainers(BuildProducer<DevServicesConfigResultBuildItem> buildProducer, VaultBuildTimeConfig vaultBuildTimeConfig, Optional<ConsoleInstalledBuildItem> optional, LaunchModeBuildItem launchModeBuildItem, CuratedApplicationShutdownBuildItem curatedApplicationShutdownBuildItem, LoggingSetupBuildItem loggingSetupBuildItem) {
        DevServicesConfig devServicesConfig = vaultBuildTimeConfig.devservices;
        if (closeables != null) {
            if (!(!devServicesConfig.equals(capturedDevServicesConfiguration))) {
                return;
            }
            Iterator<Closeable> it = closeables.iterator();
            while (it.hasNext()) {
                try {
                    it.next().close();
                } catch (Throwable th) {
                    log.error("Failed to stop Vault container", th);
                }
            }
            closeables = null;
            capturedDevServicesConfiguration = null;
        }
        capturedDevServicesConfiguration = devServicesConfig;
        StartupLogCompressor startupLogCompressor = new StartupLogCompressor((launchModeBuildItem.isTest() ? "(test) " : "") + "Vault Dev Services Starting:", optional, loggingSetupBuildItem);
        try {
            StartResult startContainer = startContainer(devServicesConfig);
            startupLogCompressor.close();
            if (startContainer == null) {
                return;
            }
            HashMap hashMap = new HashMap();
            hashMap.put(URL_CONFIG_KEY, startContainer.url);
            hashMap.put(CLIENT_TOKEN_CONFIG_KEY, startContainer.clientToken);
            closeables = Collections.singletonList(startContainer.closeable);
            if (first) {
                first = false;
                curatedApplicationShutdownBuildItem.addCloseTask(new Runnable() { // from class: io.quarkus.vault.deployment.DevServicesVaultProcessor.1
                    @Override // java.lang.Runnable
                    public void run() {
                        if (DevServicesVaultProcessor.closeables != null) {
                            Iterator<Closeable> it2 = DevServicesVaultProcessor.closeables.iterator();
                            while (it2.hasNext()) {
                                try {
                                    it2.next().close();
                                } catch (Throwable th2) {
                                    DevServicesVaultProcessor.log.error("Failed to stop Vault container", th2);
                                }
                            }
                        }
                        DevServicesVaultProcessor.first = true;
                        DevServicesVaultProcessor.closeables = null;
                        DevServicesVaultProcessor.capturedDevServicesConfiguration = null;
                    }
                }, true);
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                buildProducer.produce(new DevServicesConfigResultBuildItem((String) entry.getKey(), (String) entry.getValue()));
            }
        } catch (Throwable th2) {
            startupLogCompressor.closeAndDumpCaptured();
            throw new RuntimeException(th2);
        }
    }

    private StartResult startContainer(DevServicesConfig devServicesConfig) {
        if (!devServicesConfig.enabled) {
            log.debug("Not starting devservices for Vault as it has been disabled in the config");
            return null;
        }
        if (!this.isDockerWorking.getAsBoolean()) {
            log.warn("Please configure Vault URL or get a working docker instance");
            return null;
        }
        if (!(!ConfigUtils.isPropertyPresent(URL_CONFIG_KEY))) {
            log.debug("Not starting devservices for default Vault client as url has been provided");
            return null;
        }
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(10);
        final FixedPortVaultContainer fixedPortVaultContainer = (FixedPortVaultContainer) new FixedPortVaultContainer(DockerImageName.parse((String) devServicesConfig.imageName.orElse(VAULT_IMAGE)).asCompatibleSubstituteFor(VAULT_IMAGE), devServicesConfig.port).withVaultToken(randomAlphanumeric);
        if (devServicesConfig.transitEnabled) {
            fixedPortVaultContainer.withInitCommand(new String[]{"secrets enable transit"});
        }
        if (devServicesConfig.pkiEnabled) {
            fixedPortVaultContainer.withInitCommand(new String[]{"secrets enable pki"});
        }
        fixedPortVaultContainer.start();
        return new StartResult("http://" + fixedPortVaultContainer.getHost() + ":" + fixedPortVaultContainer.getPort(), randomAlphanumeric, new Closeable() { // from class: io.quarkus.vault.deployment.DevServicesVaultProcessor.2
            @Override // java.io.Closeable, java.lang.AutoCloseable
            public void close() {
                fixedPortVaultContainer.close();
            }
        });
    }
}
