package com.microsoft.jenkins.containeragents.aci;

import com.azure.resourcemanager.AzureResourceManager;
import com.azure.resourcemanager.containerinstance.models.ContainerGroup;
import com.azure.resourcemanager.resources.models.Deployment;
import com.azure.resourcemanager.resources.models.DeploymentMode;
import com.azure.resourcemanager.resources.models.Deployments;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.microsoft.jenkins.containeragents.PodEnvVar;
import com.microsoft.jenkins.containeragents.aci.AciCleanTask;
import com.microsoft.jenkins.containeragents.aci.volumes.AzureFileVolume;
import com.microsoft.jenkins.containeragents.util.AzureContainerUtils;
import com.microsoft.jenkins.containeragents.util.Constants;
import com.microsoft.jenkins.containeragents.util.DockerRegistryUtils;
import hudson.EnvVars;
import hudson.security.ACL;
import hudson.slaves.SlaveComputer;
import java.io.InputStream;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeoutException;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.time.StopWatch;
import org.jenkinsci.main.modules.instance_identity.InstanceIdentity;
import org.jenkinsci.plugins.docker.commons.credentials.DockerRegistryEndpoint;

/* loaded from: input_file:WEB-INF/lib/azure-container-agents.jar:com/microsoft/jenkins/containeragents/aci/AciService.class */
public final class AciService {
    private static final Logger LOGGER = Logger.getLogger(AciService.class.getName());
    private static final String DEPLOY_TEMPLATE_FILENAME = "/com/microsoft/jenkins/containeragents/aci/deployTemplate.json";

    public static void createDeployment(AciCloud aciCloud, AciContainerTemplate aciContainerTemplate, AciAgent aciAgent, StopWatch stopWatch) throws Exception {
        ContainerGroup containerGroup;
        String deploymentName = getDeploymentName(aciContainerTemplate);
        InputStream resourceAsStream = AciService.class.getResourceAsStream(DEPLOY_TEMPLATE_FILENAME);
        Throwable th = null;
        try {
            AzureResourceManager azureClient = aciCloud.getAzureClient();
            ObjectMapper objectMapper = new ObjectMapper();
            JsonNode readTree = objectMapper.readTree(resourceAsStream);
            ObjectNode createObjectNode = objectMapper.createObjectNode();
            ObjectNode objectNode = readTree.get("variables");
            objectNode.put("containerName", aciAgent.getNodeName());
            objectNode.put("containerImage", aciContainerTemplate.getImage());
            objectNode.put("osType", aciContainerTemplate.getOsType());
            objectNode.put("ipType", mapIpType(aciContainerTemplate.isUsePrivateIpAddress()));
            objectNode.put("cpu", aciContainerTemplate.getCpu());
            objectNode.put("memory", aciContainerTemplate.getMemory());
            objectNode.put("jenkinsInstance", Jenkins.get().getLegacyInstanceId());
            addLogAnalytics(readTree, createObjectNode, objectMapper, aciCloud);
            addCommandNode(readTree, aciContainerTemplate.getCommand(), aciAgent);
            for (AciPort aciPort : aciContainerTemplate.getPorts()) {
                if (!StringUtils.isBlank(aciPort.getPort())) {
                    addPortNode(readTree, objectMapper, aciPort.getPort());
                }
            }
            if (aciContainerTemplate.getLaunchMethodType().equals(Constants.LAUNCH_METHOD_SSH)) {
                addPortNode(readTree, objectMapper, String.valueOf(aciContainerTemplate.getSshPort()));
            }
            addEnvNode(readTree, objectMapper, aciContainerTemplate.getEnvVars());
            Iterator<DockerRegistryEndpoint> it = aciContainerTemplate.getPrivateRegistryCredentials().iterator();
            while (it.hasNext()) {
                addImageRegistryCredentialNode(readTree, objectMapper, it.next());
            }
            for (AzureFileVolume azureFileVolume : aciContainerTemplate.getVolumes()) {
                if (!StringUtils.isBlank(azureFileVolume.getMountPath()) && !StringUtils.isBlank(azureFileVolume.getShareName()) && !StringUtils.isBlank(azureFileVolume.getCredentialsId())) {
                    addAzureFileVolumeNode(readTree, objectMapper, azureFileVolume);
                }
            }
            AciCleanTask.DeploymentRegistrar.getInstance().registerDeployment(aciCloud.getName(), aciCloud.getResourceGroup(), deploymentName);
            ((Deployment.DefinitionStages.WithTemplate) ((Deployment.DefinitionStages.Blank) azureClient.deployments().define(deploymentName)).withExistingResourceGroup(aciCloud.getResourceGroup())).withTemplate(readTree.toString()).withParameters(createObjectNode.toString()).withMode(DeploymentMode.INCREMENTAL).beginCreate();
            aciAgent.setDeployName(deploymentName);
            LOGGER.log(Level.INFO, "Waiting for deployment {0}", deploymentName);
            while (!AzureContainerUtils.isTimeout(aciContainerTemplate.getTimeout(), stopWatch.getTime())) {
                Deployment deployment = (Deployment) azureClient.deployments().getByResourceGroup(aciCloud.getResourceGroup(), deploymentName);
                if (deployment.provisioningState().equalsIgnoreCase("succeeded")) {
                    LOGGER.log(Level.INFO, "Deployment {0} succeed", deploymentName);
                    if (resourceAsStream != null) {
                        if (0 == 0) {
                            resourceAsStream.close();
                            return;
                        }
                        try {
                            resourceAsStream.close();
                            return;
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                            return;
                        }
                    }
                    return;
                }
                if (deployment.provisioningState().equalsIgnoreCase("Failed")) {
                    throw new Exception(String.format("Deployment %s status: Failed", deploymentName));
                }
                if (AzureContainerUtils.isHalfTimePassed(aciContainerTemplate.getTimeout(), stopWatch.getTime()) && (containerGroup = (ContainerGroup) azureClient.containerGroups().getByResourceGroup(aciCloud.getResourceGroup(), aciAgent.getNodeName())) != null) {
                    LOGGER.log(Level.INFO, "Logs from container {0}: {1}", new Object[]{aciAgent.getNodeName(), containerGroup.getLogContent(aciAgent.getNodeName())});
                }
                Thread.sleep(10000L);
            }
            throw new TimeoutException("Deployment timeout");
        } catch (Throwable th3) {
            if (resourceAsStream != null) {
                if (0 != 0) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th3;
        }
    }

    private static String mapIpType(boolean z) {
        return z ? "Private" : "Public";
    }

    private static void addPortNode(JsonNode jsonNode, ObjectMapper objectMapper, String str) {
        JsonNode jsonNode2 = jsonNode.get("resources").get(0).get("properties");
        ArrayNode arrayNode = jsonNode2.get("containers").get(0).get("properties").get("ports");
        ArrayNode arrayNode2 = jsonNode2.get("ipAddress").get("ports");
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        createObjectNode.put("port", str);
        arrayNode.add(createObjectNode);
        ObjectNode createObjectNode2 = objectMapper.createObjectNode();
        createObjectNode2.put("protocol", "tcp");
        createObjectNode2.put("port", str);
        arrayNode2.add(createObjectNode2);
    }

    private static void addCommandNode(JsonNode jsonNode, String[] strArr) {
        ArrayNode arrayNode = jsonNode.get("resources").get(0).get("properties").get("containers").get(0).get("properties").get("command");
        for (String str : strArr) {
            arrayNode.add(str);
        }
    }

    private static void addCommandNode(JsonNode jsonNode, String str, AciAgent aciAgent) {
        if (StringUtils.isBlank(str)) {
            return;
        }
        addCommandNode(jsonNode, StringUtils.split(commandReplace(str, aciAgent), ' '));
    }

    private static void addLogAnalytics(JsonNode jsonNode, ObjectNode objectNode, ObjectMapper objectMapper, AciCloud aciCloud) {
        StandardUsernamePasswordCredentials firstOrNull;
        if (StringUtils.isBlank(aciCloud.getLogAnalyticsCredentialsId()) || (firstOrNull = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(aciCloud.getLogAnalyticsCredentialsId()))) == null) {
            return;
        }
        defineParameter(jsonNode, "workspaceKey", "secureString", objectMapper);
        putParameter(objectNode, "workspaceKey", firstOrNull.getPassword().getPlainText(), objectMapper);
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        ObjectNode createObjectNode2 = objectMapper.createObjectNode();
        createObjectNode2.put("workspaceId", firstOrNull.getUsername());
        createObjectNode2.put("logType", "ContainerInstanceLogs");
        createObjectNode2.put("workspaceKey", "[parameters('workspaceKey')]");
        createObjectNode.set("logAnalytics", createObjectNode2);
        jsonNode.get("resources").get(0).get("properties").set("diagnostics", createObjectNode);
    }

    private static void putParameter(ObjectNode objectNode, String str, String str2, ObjectMapper objectMapper) {
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        createObjectNode.put("value", str2);
        objectNode.set(str, createObjectNode);
    }

    private static void defineParameter(JsonNode jsonNode, String str, String str2, ObjectMapper objectMapper) {
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        createObjectNode.put("type", str2);
        jsonNode.get("parameters").set(str, createObjectNode);
    }

    private static void addImageRegistryCredentialNode(JsonNode jsonNode, ObjectMapper objectMapper, DockerRegistryEndpoint dockerRegistryEndpoint) {
        StandardUsernamePasswordCredentials firstOrNull;
        if (StringUtils.isBlank(dockerRegistryEndpoint.getCredentialsId()) || (firstOrNull = CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(dockerRegistryEndpoint.getCredentialsId()))) == null) {
            return;
        }
        ArrayNode arrayNode = jsonNode.get("resources").get(0).get("properties").get("imageRegistryCredentials");
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        createObjectNode.put("server", StringUtils.isBlank(dockerRegistryEndpoint.getUrl()) ? "index.docker.io" : DockerRegistryUtils.formatUrlToWithoutProtocol(dockerRegistryEndpoint.getUrl()));
        createObjectNode.put("username", firstOrNull.getUsername());
        createObjectNode.put("password", firstOrNull.getPassword().getPlainText());
        arrayNode.add(createObjectNode);
    }

    private static void addEnvNode(JsonNode jsonNode, ObjectMapper objectMapper, List<PodEnvVar> list) {
        ArrayNode arrayNode = jsonNode.get("resources").get(0).get("properties").get("containers").get(0).get("properties").get("environmentVariables");
        for (PodEnvVar podEnvVar : list) {
            if (!StringUtils.isBlank(podEnvVar.getKey())) {
                ObjectNode createObjectNode = objectMapper.createObjectNode();
                createObjectNode.put("name", podEnvVar.getKey());
                createObjectNode.put("value", podEnvVar.getValue());
                arrayNode.add(createObjectNode);
            }
        }
    }

    private static void addAzureFileVolumeNode(JsonNode jsonNode, ObjectMapper objectMapper, AzureFileVolume azureFileVolume) {
        ArrayNode arrayNode = jsonNode.get("resources").get(0).get("properties").get("containers").get(0).get("properties").get("volumeMounts");
        ArrayNode arrayNode2 = jsonNode.get("resources").get(0).get("properties").get("volumes");
        ObjectNode createObjectNode = objectMapper.createObjectNode();
        String generateName = AzureContainerUtils.generateName("volume", 3);
        createObjectNode.put("name", generateName);
        createObjectNode.put("mountPath", azureFileVolume.getMountPath());
        arrayNode.add(createObjectNode);
        ObjectNode createObjectNode2 = objectMapper.createObjectNode();
        createObjectNode2.put("shareName", azureFileVolume.getShareName());
        createObjectNode2.put("storageAccountName", azureFileVolume.getStorageAccountName());
        createObjectNode2.put("storageAccountKey", azureFileVolume.getStorageAccountKey());
        ObjectNode createObjectNode3 = objectMapper.createObjectNode();
        createObjectNode3.put("name", generateName);
        createObjectNode3.set("azureFile", createObjectNode2);
        arrayNode2.add(createObjectNode3);
    }

    private static String commandReplace(String str, AciAgent aciAgent) {
        String rootUrl = Jenkins.get().getRootUrl();
        String nodeName = aciAgent.getNodeName();
        SlaveComputer computer = aciAgent.getComputer();
        if (computer == null) {
            throw new IllegalStateException("Agent must be online at this point");
        }
        return new EnvVars(buildCommand(str, rootUrl, nodeName, computer.getJnlpMac())).expand(str);
    }

    private static Map<String, String> buildCommand(String str, String str2, String str3, String str4) {
        HashMap hashMap = new HashMap();
        if (str.contains("${rootUrl}")) {
            hashMap.put("rootUrl", str2);
        }
        if (str.contains("${nodeName}")) {
            hashMap.put("nodeName", str3);
        }
        if (str.contains("${secret}")) {
            hashMap.put("secret", str4);
        }
        if (str.contains("${instanceIdentity}")) {
            hashMap.put("instanceIdentity", Base64.getEncoder().encodeToString(InstanceIdentity.get().getPublic().getEncoded()));
        }
        return hashMap;
    }

    private static String getDeploymentName(AciContainerTemplate aciContainerTemplate) {
        return AzureContainerUtils.generateName(aciContainerTemplate.getName(), 8);
    }

    public static void deleteAciContainerGroup(String str, String str2, String str3, String str4) {
        try {
            AzureResourceManager azureClient = AzureContainerUtils.getAzureClient(str);
            azureClient.containerGroups().deleteByResourceGroup(str2, str3);
            LOGGER.log(Level.INFO, "Delete ACI Container Group: {0} successfully", str3);
            if (str4 != null) {
                try {
                    Deployments deployments = azureClient.deployments();
                    Deployment deployment = (Deployment) deployments.getByResourceGroup(str2, str4);
                    if (deployment != null) {
                        String provisioningState = deployment.provisioningState();
                        LOGGER.fine(() -> {
                            return String.format("Checking deployment: %s, provisioning state: %s", str4, provisioningState);
                        });
                        if (provisioningState.equalsIgnoreCase("succeeded")) {
                            deployments.deleteByResourceGroup(str2, str4);
                            LOGGER.log(Level.INFO, "Delete ACI deployment: {0} successfully", str4);
                        }
                    } else {
                        LOGGER.fine(() -> {
                            return String.format("Skipped deployment: %s as we couldn't find it", str4);
                        });
                    }
                } catch (Exception e) {
                    LOGGER.log(Level.WARNING, String.format("Delete ACI deployment: %s failed", str4), (Throwable) e);
                }
            }
        } catch (Exception e2) {
            LOGGER.log(Level.WARNING, String.format("Delete ACI Container Group: %s failed", str3), (Throwable) e2);
        }
    }

    private AciService() {
    }
}
