package io.jenkins.plugins.step;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.EnvVars;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.Run;
import hudson.security.ACL;
import hudson.util.ArgumentListBuilder;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import jenkins.model.Jenkins;
import org.jenkinsci.plugins.plaincredentials.FileCredentials;
import org.jenkinsci.plugins.workflow.steps.BodyExecutionCallback;
import org.jenkinsci.plugins.workflow.steps.EnvironmentExpander;
import org.jenkinsci.plugins.workflow.steps.Step;
import org.jenkinsci.plugins.workflow.steps.StepContext;
import org.jenkinsci.plugins.workflow.steps.StepDescriptor;
import org.jenkinsci.plugins.workflow.steps.StepExecution;
import org.json.JSONObject;
import org.kohsuke.stapler.DataBoundConstructor;

/* loaded from: input_file:io/jenkins/plugins/step/WithGCPStep.class */
public class WithGCPStep extends Step {
    private final String credentialsId;

    @Extension
    /* loaded from: input_file:io/jenkins/plugins/step/WithGCPStep$Descriptor.class */
    public static class Descriptor extends StepDescriptor {
        public Set<? extends Class<?>> getRequiredContext() {
            return Set.of(EnvVars.class, Run.class, Launcher.class, FilePath.class);
        }

        public String getFunctionName() {
            return "withGCP";
        }

        @NonNull
        public String getDisplayName() {
            return "Set GCP credentials for nested block";
        }

        public boolean takesImplicitBlockArgument() {
            return true;
        }
    }

    /* loaded from: input_file:io/jenkins/plugins/step/WithGCPStep$WithGCPExecution.class */
    private static class WithGCPExecution extends StepExecution {
        private final String credentialsId;

        /* loaded from: input_file:io/jenkins/plugins/step/WithGCPStep$WithGCPExecution$ExpanderImpl.class */
        private static class ExpanderImpl extends EnvironmentExpander {
            private final Map<String, String> envVars;

            private ExpanderImpl(Map<String, String> map) {
                this.envVars = map;
            }

            public void expand(@NonNull EnvVars envVars) {
                envVars.overrideAll(this.envVars);
            }
        }

        WithGCPExecution(StepContext stepContext, String str) {
            super(stepContext);
            this.credentialsId = str;
        }

        public boolean start() throws Exception {
            StepContext context = getContext();
            FileCredentials fileCredentials = getFileCredentials();
            if (fileCredentials == null) {
                throw new IllegalArgumentException("Couldn't find credentials file with id " + this.credentialsId);
            }
            Launcher launcher = (Launcher) context.get(Launcher.class);
            FilePath filePath = (FilePath) context.get(FilePath.class);
            filePath.mkdirs();
            FilePath tempFile = getTempFile(fileCredentials, filePath);
            ArgumentListBuilder argumentListBuilder = new ArgumentListBuilder();
            argumentListBuilder.add(new String[]{"gcloud", "auth", "activate-service-account", "--key-file=" + tempFile});
            if (launcher.launch().cmds(argumentListBuilder).pwd(filePath).quiet(true).join() != 0) {
                tempFile.delete();
                throw new IllegalArgumentException("Failed to authenticate to GCP using credentials file with id " + this.credentialsId);
            }
            EnvVars envVars = (EnvVars) context.get(EnvVars.class);
            envVars.put("GOOGLE_APPLICATION_CREDENTIALS", this.credentialsId);
            String extractProjectId = extractProjectId(tempFile);
            if (extractProjectId != null) {
                envVars.put("CLOUDSDK_CORE_PROJECT", extractProjectId);
            }
            context.newBodyInvoker().withContext(EnvironmentExpander.merge((EnvironmentExpander) context.get(EnvironmentExpander.class), new ExpanderImpl(envVars))).withCallback(BodyExecutionCallback.wrap(context)).start();
            tempFile.delete();
            return false;
        }

        private static FilePath getTempFile(FileCredentials fileCredentials, FilePath filePath) throws IOException {
            try {
                FilePath createTempFile = filePath.createTempFile(UUID.randomUUID().toString(), ".json");
                createTempFile.copyFrom(fileCredentials.getContent());
                return createTempFile;
            } catch (InterruptedException e) {
                throw new RuntimeException(e);
            }
        }

        private FileCredentials getFileCredentials() {
            return (FileCredentials) CredentialsProvider.lookupCredentialsInItemGroup(FileCredentials.class, Jenkins.get(), ACL.SYSTEM2, List.of()).stream().filter(fileCredentials -> {
                return this.credentialsId.equals(fileCredentials.getId());
            }).findFirst().orElse(null);
        }

        private static String extractProjectId(FilePath filePath) {
            try {
                return new JSONObject(filePath.readToString()).getString("project_id");
            } catch (IOException | InterruptedException e) {
                return null;
            }
        }
    }

    @DataBoundConstructor
    public WithGCPStep(String str) {
        this.credentialsId = str;
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    public StepExecution start(StepContext stepContext) {
        return new WithGCPExecution(stepContext, this.credentialsId);
    }
}
