package org.kuali.common.devops.ci;

import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Region;
import com.amazonaws.services.ec2.model.Image;
import com.amazonaws.services.ec2.model.Instance;
import com.amazonaws.services.ec2.model.InstanceType;
import com.amazonaws.services.ec2.model.Tag;
import com.amazonaws.services.ec2.model.VolumeType;
import com.google.common.base.Joiner;
import com.google.common.base.Optional;
import com.google.common.base.Stopwatch;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.junit.Test;
import org.kuali.common.aws.ec2.api.EC2Service;
import org.kuali.common.aws.ec2.impl.DefaultEC2Service;
import org.kuali.common.aws.ec2.model.CreateAMIRequest;
import org.kuali.common.aws.ec2.model.Distro;
import org.kuali.common.aws.ec2.model.EC2ServiceContext;
import org.kuali.common.aws.ec2.model.ImmutableTag;
import org.kuali.common.aws.ec2.model.LaunchInstanceContext;
import org.kuali.common.aws.ec2.model.Regions;
import org.kuali.common.aws.ec2.model.RootVolume;
import org.kuali.common.aws.ec2.model.security.KualiSecurityGroup;
import org.kuali.common.aws.model.AWS;
import org.kuali.common.core.ssh.KeyPair;
import org.kuali.common.core.ssh.KeyPairs;
import org.kuali.common.core.ssh.PublicKey;
import org.kuali.common.core.system.VirtualSystem;
import org.kuali.common.devops.aws.EncryptedAWSCredentials;
import org.kuali.common.devops.aws.EncryptedKeyPairs;
import org.kuali.common.devops.aws.NamedSecurityGroups;
import org.kuali.common.devops.aws.Tags;
import org.kuali.common.devops.ci.model.BasicLaunchRequest;
import org.kuali.common.devops.ci.model.Constants;
import org.kuali.common.devops.ci.model.JenkinsContext;
import org.kuali.common.devops.project.KualiDevOpsProjectConstants;
import org.kuali.common.util.FormatUtils;
import org.kuali.common.util.base.Exceptions;
import org.kuali.common.util.base.Precondition;
import org.kuali.common.util.channel.api.SecureChannel;
import org.kuali.common.util.channel.model.RemoteFile;
import org.kuali.common.util.encrypt.Encryption;
import org.kuali.common.util.encrypt.Encryptor;
import org.kuali.common.util.log.Loggers;
import org.kuali.common.util.project.model.ProjectIdentifier;
import org.kuali.common.util.wait.DefaultWaitService;
import org.slf4j.Logger;

/* loaded from: input_file:org/kuali/common/devops/ci/CreateBuildSlaveAMI.class */
public class CreateBuildSlaveAMI {
    private final Stopwatch sw = Stopwatch.createStarted();
    private final List<KualiSecurityGroup> securityGroups = ImmutableList.of(NamedSecurityGroups.CI.getGroup(), NamedSecurityGroups.CI_BUILD_SLAVE.getGroup());
    private final int minimumAmisToKeep = 7;
    private final Encryptor encryptor = Encryption.getDefaultEncryptor();
    private static final int DEFAULT_ROOT_VOLUME_SIZE = 256;
    private static final Logger logger = Loggers.newLogger();
    private static final SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
    private static final String today = format.format(new Date());
    private static final String buildNumber = getBuildNumber();
    public static final String CI_SLAVE_STARTS_WITH_TOKEN = "ci.slave";
    public static final Tag name = new ImmutableTag("Name", String.format("%s.%s-build-%s", CI_SLAVE_STARTS_WITH_TOKEN, today, buildNumber));
    public static final KeyPair DEVOPS_KEYPAIR = KeyPairs.decryptedCopy(Encryption.getDefaultEncryptor(), EncryptedKeyPairs.ENCRYPTED_KEY_PAIR_DEVOPS.getPair());
    public static final Map<String, JenkinsContext> CONTEXTS = SpinUpJenkinsMaster.getJenkinsContexts(Tags.Name.SLAVE_TEMPLATE);
    public static final Set<String> US_REGIONS = ImmutableSet.of(Regions.US_EAST_1.getName(), Regions.US_WEST_1.getName(), Regions.US_WEST_2.getName());

    /* loaded from: input_file:org/kuali/common/devops/ci/CreateBuildSlaveAMI$ImageTagsComparator.class */
    public static class ImageTagsComparator implements Comparator<Image> {
        @Override // java.util.Comparator
        public int compare(Image image, Image image2) {
            Precondition.checkNotNull(image.getTags(), "one.tags");
            Precondition.checkNotNull(image2.getTags(), "two.tags");
            return CreateBuildSlaveAMI.findRequiredTag(image.getTags(), CreateBuildSlaveAMI.name.getKey(), CreateBuildSlaveAMI.CI_SLAVE_STARTS_WITH_TOKEN).getValue().compareTo(CreateBuildSlaveAMI.findRequiredTag(image2.getTags(), CreateBuildSlaveAMI.name.getKey(), CreateBuildSlaveAMI.CI_SLAVE_STARTS_WITH_TOKEN).getValue());
        }
    }

    @Test
    public void test() throws Exception {
        VirtualSystem build = VirtualSystem.build();
        logger.info(String.format("build slave ami process :: starting", new Object[0]));
        boolean z = !StringUtils.equalsIgnoreCase(build.getProperties().getProperty("ec2.quiet"), "false");
        JenkinsContext jenkinsContext = SpinUpJenkinsMaster.getJenkinsContext(build, CONTEXTS);
        BasicLaunchRequest basicLaunchRequest = getBasicLaunchRequest(jenkinsContext);
        ProjectIdentifier projectIdentifier = KualiDevOpsProjectConstants.KUALI_DEVOPS_PID;
        EC2Service eC2Service = getEC2Service(EncryptedAWSCredentials.ENCRYPTED_AWS_CREDENTIALS_FOUNDATION, jenkinsContext.getRegion());
        List<Tag> slaveTags = getSlaveTags(jenkinsContext);
        Instance launchAndWait = launchAndWait(eC2Service, jenkinsContext, basicLaunchRequest, this.securityGroups, slaveTags, jenkinsContext.getRegion().getName());
        configureInstance(eC2Service, launchAndWait, slaveTags, projectIdentifier, z, DEVOPS_KEYPAIR.getPrivateKey(), jenkinsContext.getDnsPrefix(), getJenkinsMaster(jenkinsContext), jenkinsContext);
        createAndPropagateAMI(launchAndWait, eC2Service, basicLaunchRequest, jenkinsContext.getStack().getTag());
        logger.info(String.format("build slave ami process :: complete - [%s]", FormatUtils.getTime(this.sw)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getJenkinsMaster(JenkinsContext jenkinsContext) {
        return Joiner.on('.').join(jenkinsContext.getDnsPrefix(), Constants.DOMAIN, new Object[0]);
    }

    protected void configureInstance(EC2Service eC2Service, Instance instance, List<Tag> list, ProjectIdentifier projectIdentifier, boolean z, String str, String str2, String str3, JenkinsContext jenkinsContext) throws Exception {
        eC2Service.tag(instance.getInstanceId(), list);
        logger.info(String.format("public dns: %s", instance.getPublicDnsName()));
        String publicDnsName = instance.getPublicDnsName();
        SpinUpJenkinsMaster.verifySSH(Constants.UBUNTU, publicDnsName, str);
        SpinUpJenkinsMaster.bootstrap(publicDnsName, str);
        SecureChannel openSecureChannel = SpinUpJenkinsMaster.openSecureChannel(Constants.ROOT, publicDnsName, str, z);
        String publishProject = SpinUpJenkinsMaster.publishProject(openSecureChannel, projectIdentifier, Constants.ROOT, publicDnsName, z);
        String decrypt = this.encryptor.decrypt(Constants.AES_PASSPHRASE_ENCRYPTED);
        String str4 = z ? "-q" : "";
        setupEssentials(openSecureChannel, publishProject, projectIdentifier, Constants.DISTRO, Constants.DISTRO_VERSION, decrypt, str2, str4);
        String value = jenkinsContext.getStack().getTag().getValue();
        String resource = SpinUpJenkinsMaster.getResource(publishProject, projectIdentifier, Constants.DISTRO, Constants.DISTRO_VERSION, "jenkins/configurecommon");
        String resource2 = SpinUpJenkinsMaster.getResource(publishProject, projectIdentifier, Constants.DISTRO, Constants.DISTRO_VERSION, "jenkins/configureslave");
        SpinUpJenkinsMaster.exec(openSecureChannel, resource, str4, str3, value, decrypt);
        SpinUpJenkinsMaster.exec(openSecureChannel, resource2, str4, str3);
        logger.info(String.format("oracle xe ->  %s", "https://svn.kuali.org/repos/foundation/tags/kuali-puppet-oracle-0.0.1-beta/bootstrap.sh"));
        SpinUpJenkinsMaster.exec(openSecureChannel, "curl", "-sSL", "https://svn.kuali.org/repos/foundation/tags/kuali-puppet-oracle-0.0.1-beta/bootstrap.sh", "|", "bash", "-s", decrypt);
        cacheBinaries(openSecureChannel, publishProject, projectIdentifier);
        openSecureChannel.close();
        eC2Service.stopInstance(instance.getInstanceId());
    }

    private String createAndPropagateAMI(Instance instance, EC2Service eC2Service, BasicLaunchRequest basicLaunchRequest, Tag tag) {
        String format2 = String.format("automated ec2 slave ami - %s", today);
        ImmutableTag immutableTag = new ImmutableTag(name.getKey(), name.getValue() + "-" + tag.getValue());
        CreateAMIRequest.Builder builder = CreateAMIRequest.builder();
        builder.withInstanceId(instance.getInstanceId());
        builder.withName(immutableTag);
        builder.withRootVolume(basicLaunchRequest.getRootVolume());
        builder.withTimeoutMillis(basicLaunchRequest.getTimeoutMillis());
        builder.withDescription(format2).build();
        Image createAmi = eC2Service.createAmi(builder.build());
        eC2Service.tag(createAmi.getImageId(), tag);
        info("created %s - %s", createAmi.getImageId(), FormatUtils.getTime(this.sw));
        info("terminating instance [%s]", instance.getInstanceId());
        eC2Service.terminateInstance(instance.getInstanceId());
        cleanupAmis(eC2Service, tag, 7);
        return createAmi.getImageId();
    }

    protected void copyAmi(String str, Set<String> set, String str2, Tag tag) {
        for (String str3 : set) {
            if (!str3.equals(str)) {
                DefaultEC2Service defaultEC2Service = new DefaultEC2Service(AWS.decryptedCopy(this.encryptor, EncryptedAWSCredentials.ENCRYPTED_AWS_CREDENTIALS_FOUNDATION), str3);
                defaultEC2Service.tag(defaultEC2Service.copyAmi(str, str2), tag);
                cleanupAmis(defaultEC2Service, tag, 7);
            }
        }
    }

    protected void cacheBinaries(SecureChannel secureChannel, String str, ProjectIdentifier projectIdentifier) {
        RemoteFile remoteExecutableJar = SpinUpJenkinsMaster.getRemoteExecutableJar(projectIdentifier.getArtifactId());
        logger.info(String.format("caching released kuali binaries", new Object[0]));
        List asList = Arrays.asList("-jar", remoteExecutableJar.getAbsolutePath());
        logger.info(String.format("%s %s", "java", Joiner.on(' ').join(asList)));
        SpinUpJenkinsMaster.exec(secureChannel, "java", (List<String>) asList);
    }

    protected static void setupEssentials(SecureChannel secureChannel, String str, ProjectIdentifier projectIdentifier, Distro distro, String str2, String str3, String str4, String str5) {
        String resource = SpinUpJenkinsMaster.getResource(str, projectIdentifier, distro, str2, "common/configurebasics");
        String resource2 = SpinUpJenkinsMaster.getResource(str, projectIdentifier, distro, str2, "common/installjava");
        String resource3 = SpinUpJenkinsMaster.getResource(str, projectIdentifier, distro, str2, "common/installs3fs");
        SpinUpJenkinsMaster.exec(secureChannel, resource, str5);
        SpinUpJenkinsMaster.exec(secureChannel, resource2, str5, "jdk6", System.getProperty("jdk6.version", Constants.JDK6_VERSION), str3);
        SpinUpJenkinsMaster.exec(secureChannel, resource2, str5, "jdk7", System.getProperty("jdk7.version", Constants.JDK7_VERSION), str3);
        SpinUpJenkinsMaster.exec(secureChannel, resource2, str5, "jdk8", System.getProperty("jdk8.version", Constants.JDK8_VERSION), str3);
        SpinUpJenkinsMaster.exec(secureChannel, resource3, str5, System.getProperty("s3fs.version", Constants.S3FS_VERSION), str3);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static BasicLaunchRequest getBasicLaunchRequest(JenkinsContext jenkinsContext) {
        BasicLaunchRequest.Builder builder = BasicLaunchRequest.builder();
        builder.setTimeoutMillis(FormatUtils.getMillisAsInt("2h"));
        builder.setAmi(SpinUpJenkinsMaster.getDefaultAMI(jenkinsContext.getRegion()));
        builder.setRootVolume(RootVolume.build(DEFAULT_ROOT_VOLUME_SIZE, true, VolumeType.Gp2));
        return getBasicLaunchRequest(builder.m39build());
    }

    protected static BasicLaunchRequest getBasicLaunchRequest(BasicLaunchRequest basicLaunchRequest) {
        Properties properties = VirtualSystem.build().getProperties();
        String property = properties.getProperty("ec2.ami", basicLaunchRequest.getAmi());
        return BasicLaunchRequest.builder().withAmi(property).withRootVolume(RootVolume.build(Integer.parseInt(properties.getProperty("ec2.size", basicLaunchRequest.getRootVolume().getSizeInGigabytes().get() + "")), ((Boolean) basicLaunchRequest.getRootVolume().getDeleteOnTermination().get()).booleanValue(), VolumeType.fromValue(properties.getProperty("ec2.rootVolumeType", basicLaunchRequest.getRootVolume().getType().get() + "")))).withTimeoutMillis(FormatUtils.getMillisAsInt(properties.getProperty("ec2.timeout", basicLaunchRequest.getTimeoutMillis() + ""))).withType(InstanceType.fromValue(properties.getProperty("ec2.type", basicLaunchRequest.getType().toString()))).m39build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void cleanupAmis(EC2Service eC2Service, Tag tag, int i) {
        List<Image> filteredImages = getFilteredImages(eC2Service.getMyImages(), tag, Tags.Name.SLAVE.getTag().getKey(), CI_SLAVE_STARTS_WITH_TOKEN);
        Collections.sort(filteredImages, new ImageTagsComparator());
        Collections.reverse(filteredImages);
        info("cleaning up AMI's in region -> %s", eC2Service.getRegion());
        for (Image image : filteredImages) {
            logger.debug(String.format("slave ami   -> %s = [%s]", findRequiredTag(image.getTags(), name.getKey(), CI_SLAVE_STARTS_WITH_TOKEN).getValue(), image.getImageId()));
        }
        ArrayList<Image> newArrayList = Lists.newArrayList();
        for (int i2 = i; i2 < filteredImages.size(); i2++) {
            newArrayList.add(filteredImages.get(i2));
        }
        Collections.sort(newArrayList, new ImageTagsComparator());
        logger.info(String.format("slave ami's ->  total -> %s", Integer.valueOf(filteredImages.size())));
        logger.info(String.format("slave ami's -> retain -> %s", Integer.valueOf(i)));
        logger.info(String.format("slave ami's -> delete -> %s", Integer.valueOf(newArrayList.size())));
        for (Image image2 : newArrayList) {
            logger.info(String.format("slave ami   -> delete -> %s - [%s]", image2.getImageId(), findRequiredTag(image2.getTags(), name.getKey(), CI_SLAVE_STARTS_WITH_TOKEN).getValue()));
            eC2Service.purgeAmi(image2.getImageId());
        }
    }

    protected static Tag findRequiredTag(List<Tag> list, String str, String str2) {
        String value;
        Precondition.checkNotBlank(str2, "prefix");
        Precondition.checkNotBlank(str, "tagKey");
        for (Tag tag : list) {
            if (str.equals(tag.getKey()) && (value = tag.getValue()) != null && value.startsWith(str2)) {
                return tag;
            }
        }
        throw Exceptions.illegalState("Unable to locate tag %s", new Object[]{str});
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static List<Image> getFilteredImages(List<Image> list, Tag tag, String str, String str2) {
        ArrayList newArrayList = Lists.newArrayList();
        for (Image image : list) {
            List tags = image.getTags();
            if (matches((List<Tag>) tags, str, str2) && exactMatch(tag, tags)) {
                newArrayList.add(image);
            }
        }
        return newArrayList;
    }

    protected static boolean exactMatch(Tag tag, List<Tag> list) {
        Precondition.checkNotNull(list, "tags");
        Precondition.checkNotNull(tag, "tag");
        for (Tag tag2 : list) {
            boolean equals = tag.getKey().equals(tag2.getKey());
            boolean equals2 = tag.getValue().equals(tag2.getValue());
            if (equals && equals2) {
                return true;
            }
        }
        return false;
    }

    protected static boolean matches(List<Tag> list, String str, String str2) {
        Precondition.checkNotNull(list, "tags");
        Precondition.checkNotBlank(str, "key");
        Precondition.checkNotBlank(str2, "prefix");
        Iterator<Tag> it = list.iterator();
        while (it.hasNext()) {
            if (matches(it.next(), str, str2)) {
                return true;
            }
        }
        return false;
    }

    protected static boolean matches(Tag tag, String str, String str2) {
        String value;
        return str.equals(tag.getKey()) && (value = tag.getValue()) != null && value.startsWith(str2);
    }

    protected static List<Tag> getSlaveTags(JenkinsContext jenkinsContext) {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(jenkinsContext.getName().getTag());
        newArrayList.addAll(getCommonTags(jenkinsContext.getStack().getTag()));
        return ImmutableList.copyOf(newArrayList);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static List<Tag> getCommonTags(Tag tag) {
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(Tags.Team.DEVOPS.getTag());
        newArrayList.add(Tags.Vendor.JENKINS.getTag());
        newArrayList.add(Tags.Project.SHARED.getTag());
        newArrayList.add(tag);
        return ImmutableList.copyOf(newArrayList);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Instance launchAndWait(EC2Service eC2Service, JenkinsContext jenkinsContext, BasicLaunchRequest basicLaunchRequest, List<KualiSecurityGroup> list, List<Tag> list2, String str) {
        String property = System.getProperty("instance");
        if (StringUtils.isNotBlank(property)) {
            logger.info(String.format("use existing instance -> %s", property));
            return eC2Service.getInstance(property);
        }
        logger.info(String.format("launch instance -> [%s zone:%s] %s %s %sgb", str, jenkinsContext.getAvailabilityZone(), basicLaunchRequest.getAmi(), basicLaunchRequest.getType().toString(), basicLaunchRequest.getRootVolume().getSizeInGigabytes().get()));
        LaunchInstanceContext.Builder builder = LaunchInstanceContext.builder(basicLaunchRequest.getAmi(), PublicKey.builder().withName(DEVOPS_KEYPAIR.getName()).withValue(DEVOPS_KEYPAIR.getPublicKey()).build());
        builder.withTimeoutMillis(basicLaunchRequest.getTimeoutMillis()).withType(basicLaunchRequest.getType());
        builder.withRootVolume(basicLaunchRequest.getRootVolume()).withSecurityGroups(list).withTags(list2);
        builder.withAvailabilityZone(Optional.of(jenkinsContext.getAvailabilityZone()));
        builder.withEbsOptimized(true);
        LaunchInstanceContext build = builder.build();
        boolean isEbsOptimized = build.isEbsOptimized();
        VolumeType volumeType = (VolumeType) ((RootVolume) build.getRootVolume().get()).getType().get();
        logger.info(String.format("ebs optimized   -> %s", Boolean.valueOf(isEbsOptimized)));
        logger.info(String.format("volume type     -> %s", volumeType));
        return eC2Service.launchInstance(build);
    }

    protected static Map<String, EC2Service> getServiceMap(AWSCredentials aWSCredentials, Set<String> set) {
        HashMap newHashMap = Maps.newHashMap();
        for (String str : set) {
            newHashMap.put(str, new DefaultEC2Service(aWSCredentials, str));
        }
        return newHashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static EC2Service getEC2Service(AWSCredentials aWSCredentials, Region region) {
        AWSCredentials decryptedCopy = AWS.decryptedCopy(Encryption.getDefaultEncryptor(), aWSCredentials);
        return new DefaultEC2Service(new EC2ServiceContext.Builder(decryptedCopy).withRegion(region.getName()).build(), new DefaultWaitService());
    }

    protected static void info(String str, Object... objArr) {
        if (objArr == null) {
            logger.info(str);
        } else {
            logger.info(String.format(str, objArr));
        }
    }

    protected static String getBuildNumber() {
        Optional fromNullable = Optional.fromNullable(System.getenv("BUILD_NUMBER"));
        return fromNullable.isPresent() ? org.apache.commons.lang.StringUtils.leftPad(Long.parseLong((String) fromNullable.get()) + "", 4, "0") : (System.currentTimeMillis() / 60000) + "";
    }
}
