package io.quarkus.vault.deployment;

import io.quarkus.deployment.IsDockerWorking;
import io.quarkus.deployment.IsNormal;
import io.quarkus.deployment.annotations.BuildProducer;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.builditem.CuratedApplicationShutdownBuildItem;
import io.quarkus.deployment.builditem.DevServicesConfigResultBuildItem;
import io.quarkus.deployment.builditem.LaunchModeBuildItem;
import io.quarkus.deployment.console.ConsoleInstalledBuildItem;
import io.quarkus.deployment.console.StartupLogCompressor;
import io.quarkus.deployment.dev.devservices.GlobalDevServicesConfig;
import io.quarkus.deployment.logging.LoggingSetupBuildItem;
import io.quarkus.devservices.common.ContainerLocator;
import io.quarkus.runtime.configuration.ConfigUtils;
import io.quarkus.vault.runtime.config.DevServicesConfig;
import io.quarkus.vault.runtime.config.VaultBuildTimeConfig;
import java.io.Closeable;
import java.time.Duration;
import java.util.Objects;
import java.util.Optional;
import java.util.OptionalInt;
import org.jboss.logging.Logger;
import org.testcontainers.containers.Network;
import org.testcontainers.utility.DockerImageName;
import org.testcontainers.vault.VaultContainer;

/* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor.class */
public class DevServicesVaultProcessor {
    private static final String VAULT_IMAGE = "vault:1.7.1";
    private static final String DEV_SERVICE_TOKEN = "root";
    private static final String CONFIG_PREFIX = "quarkus.vault.";
    private static final String URL_CONFIG_KEY = "quarkus.vault.url";
    private static final String AUTH_CONFIG_PREFIX = "quarkus.vault.authentication.";
    private static final String CLIENT_TOKEN_CONFIG_KEY = "quarkus.vault.authentication.client-token";
    private static volatile Closeable closeable;
    private static volatile DevServicesConfig capturedDevServicesConfiguration;
    private final IsDockerWorking isDockerWorking = new IsDockerWorking(true);
    private static final Logger log = Logger.getLogger(DevServicesVaultProcessor.class);
    private static final String DEV_SERVICE_LABEL = "quarkus-dev-service-vault";
    private static final int VAULT_EXPOSED_PORT = 8200;
    private static final ContainerLocator vaultContainerLocator = new ContainerLocator(DEV_SERVICE_LABEL, VAULT_EXPOSED_PORT);
    private static volatile boolean first = true;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor$ConfiguredVaultContainer.class */
    public static class ConfiguredVaultContainer extends VaultContainer<ConfiguredVaultContainer> {
        OptionalInt fixedExposedPort;

        public ConfiguredVaultContainer(DockerImageName dockerImageName, OptionalInt optionalInt, String str) {
            super(dockerImageName);
            this.fixedExposedPort = optionalInt;
            withNetwork(Network.SHARED);
            if (str != null) {
                withLabel(DevServicesVaultProcessor.DEV_SERVICE_LABEL, str);
            }
        }

        protected void configure() {
            super.configure();
            if (this.fixedExposedPort.isPresent()) {
                addFixedExposedPort(this.fixedExposedPort.getAsInt(), DevServicesVaultProcessor.VAULT_EXPOSED_PORT);
            } else {
                addExposedPort(Integer.valueOf(DevServicesVaultProcessor.VAULT_EXPOSED_PORT));
            }
        }

        public int getPort() {
            return this.fixedExposedPort.isPresent() ? this.fixedExposedPort.getAsInt() : super.getMappedPort(DevServicesVaultProcessor.VAULT_EXPOSED_PORT).intValue();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/quarkus/vault/deployment/DevServicesVaultProcessor$VaultInstance.class */
    public static class VaultInstance {
        private final String url;
        private final String clientToken;
        private final Closeable closeable;

        public VaultInstance(String str, int i, String str2, Closeable closeable) {
            this("http://" + str + ":" + i, str2, closeable);
        }

        public VaultInstance(String str, String str2, Closeable closeable) {
            this.url = str;
            this.clientToken = str2;
            this.closeable = closeable;
        }

        public boolean isOwner() {
            return this.closeable != null;
        }

        public Closeable getCloseable() {
            return this.closeable;
        }
    }

    @BuildStep(onlyIfNot = {IsNormal.class}, onlyIf = {GlobalDevServicesConfig.Enabled.class})
    public void startVaultContainers(BuildProducer<DevServicesConfigResultBuildItem> buildProducer, VaultBuildTimeConfig vaultBuildTimeConfig, Optional<ConsoleInstalledBuildItem> optional, LaunchModeBuildItem launchModeBuildItem, CuratedApplicationShutdownBuildItem curatedApplicationShutdownBuildItem, LoggingSetupBuildItem loggingSetupBuildItem, GlobalDevServicesConfig globalDevServicesConfig) {
        DevServicesConfig devServicesConfig = vaultBuildTimeConfig.devservices;
        if (closeable != null) {
            if (!(!devServicesConfig.equals(capturedDevServicesConfiguration))) {
                return;
            }
            try {
                closeable.close();
            } catch (Throwable th) {
                log.error("Failed to stop Vault container", th);
            }
            closeable = null;
            capturedDevServicesConfiguration = null;
        }
        capturedDevServicesConfiguration = devServicesConfig;
        StartupLogCompressor startupLogCompressor = new StartupLogCompressor((launchModeBuildItem.isTest() ? "(test) " : "") + "Vault Dev Services Starting:", optional, loggingSetupBuildItem);
        try {
            VaultInstance startContainer = startContainer(devServicesConfig, launchModeBuildItem, globalDevServicesConfig.timeout);
            if (startContainer != null) {
                closeable = startContainer.getCloseable();
                buildProducer.produce(new DevServicesConfigResultBuildItem(URL_CONFIG_KEY, startContainer.url));
                buildProducer.produce(new DevServicesConfigResultBuildItem(CLIENT_TOKEN_CONFIG_KEY, startContainer.clientToken));
                if (startContainer.isOwner()) {
                    log.info("Dev Services for Vault started.");
                    log.infof("Other Quarkus applications in dev mode will find the instance automatically. For Quarkus applications in production mode, you can connect to this by starting your application with -D%s=%s -D%s=%s", new Object[]{URL_CONFIG_KEY, startContainer.url, CLIENT_TOKEN_CONFIG_KEY, startContainer.clientToken});
                }
            }
            startupLogCompressor.close();
            if (first) {
                first = false;
                curatedApplicationShutdownBuildItem.addCloseTask(new Runnable() { // from class: io.quarkus.vault.deployment.DevServicesVaultProcessor.1
                    @Override // java.lang.Runnable
                    public void run() {
                        if (DevServicesVaultProcessor.closeable != null) {
                            try {
                                DevServicesVaultProcessor.closeable.close();
                            } catch (Throwable th2) {
                                DevServicesVaultProcessor.log.error("Failed to stop Vault container", th2);
                            }
                            DevServicesVaultProcessor.closeable = null;
                            DevServicesVaultProcessor.log.info("Dev Services for Vault shut down.");
                        }
                        DevServicesVaultProcessor.first = true;
                        DevServicesVaultProcessor.capturedDevServicesConfiguration = null;
                    }
                }, true);
            }
        } catch (Throwable th2) {
            startupLogCompressor.closeAndDumpCaptured();
            throw new RuntimeException(th2);
        }
    }

    private VaultInstance startContainer(DevServicesConfig devServicesConfig, LaunchModeBuildItem launchModeBuildItem, Optional<Duration> optional) {
        if (!devServicesConfig.enabled) {
            log.debug("Not starting devservices for Vault as it has been disabled in the config");
            return null;
        }
        if (!(!ConfigUtils.isPropertyPresent(URL_CONFIG_KEY))) {
            log.debug("Not starting devservices for default Vault client as url has been provided");
            return null;
        }
        if (!this.isDockerWorking.getAsBoolean()) {
            log.warn("Please configure Vault URL or get a working docker instance");
            return null;
        }
        ConfiguredVaultContainer configuredVaultContainer = (ConfiguredVaultContainer) new ConfiguredVaultContainer(DockerImageName.parse((String) devServicesConfig.imageName.orElse(VAULT_IMAGE)).asCompatibleSubstituteFor(VAULT_IMAGE), devServicesConfig.port, devServicesConfig.serviceName).withVaultToken(DEV_SERVICE_TOKEN);
        configuredVaultContainer.withNetwork(Network.SHARED);
        if (devServicesConfig.transitEnabled) {
            configuredVaultContainer.withInitCommand(new String[]{"secrets enable transit"});
        }
        if (devServicesConfig.pkiEnabled) {
            configuredVaultContainer.withInitCommand(new String[]{"secrets enable pki"});
        }
        devServicesConfig.initCommands.ifPresent(list -> {
            Objects.requireNonNull(configuredVaultContainer);
            list.forEach(str -> {
            });
        });
        return (VaultInstance) vaultContainerLocator.locateContainer(devServicesConfig.serviceName, devServicesConfig.shared, launchModeBuildItem.getLaunchMode()).map(containerAddress -> {
            return new VaultInstance(containerAddress.getHost(), containerAddress.getPort(), DEV_SERVICE_TOKEN, null);
        }).orElseGet(() -> {
            Objects.requireNonNull(configuredVaultContainer);
            optional.ifPresent(configuredVaultContainer::withStartupTimeout);
            configuredVaultContainer.start();
            String host = configuredVaultContainer.getHost();
            int port = configuredVaultContainer.getPort();
            Objects.requireNonNull(configuredVaultContainer);
            return new VaultInstance(host, port, DEV_SERVICE_TOKEN, configuredVaultContainer::close);
        });
    }
}
