package org.jenkinsci.plugins.nomad;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.google.common.base.Strings;
import hudson.Extension;
import hudson.model.Computer;
import hudson.model.Descriptor;
import hudson.model.Label;
import hudson.model.Node;
import hudson.security.ACL;
import hudson.slaves.AbstractCloudImpl;
import hudson.slaves.Cloud;
import hudson.slaves.NodeProvisioner;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import hudson.util.Secret;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.model.Jenkins;
import jenkins.slaves.JnlpAgentReceiver;
import okhttp3.HttpUrl;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.plugins.nomad.Api.JobInfo;
import org.jenkinsci.plugins.nomad.Api.JobSummary;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.json.JSONObject;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

/* loaded from: input_file:WEB-INF/lib/nomad.jar:org/jenkinsci/plugins/nomad/NomadCloud.class */
public class NomadCloud extends AbstractCloudImpl {
    private static final Logger LOGGER = Logger.getLogger(NomadCloud.class.getName());
    private final String nomadUrl;
    private final String nomadACLCredentialsId;
    private final boolean prune;
    private final boolean tlsEnabled;
    private final String clientCertificate;
    private final Secret clientPassword;
    private final String serverCertificate;
    private final Secret serverPassword;
    private final int workerTimeout;
    private final List<NomadWorkerTemplate> templates;
    private transient NomadApi nomad;
    private transient int pending;
    private transient String jenkinsUrl;
    private transient String jenkinsTunnel;
    private transient String workerUrl;

    @Extension
    /* loaded from: input_file:WEB-INF/lib/nomad.jar:org/jenkinsci/plugins/nomad/NomadCloud$DescriptorImpl.class */
    public static final class DescriptorImpl extends Descriptor<Cloud> {
        public DescriptorImpl() {
            load();
        }

        public String getDisplayName() {
            return "Nomad";
        }

        @POST
        public FormValidation doTestConnection(@QueryParameter String str, @QueryParameter boolean z, @QueryParameter String str2, @QueryParameter String str3, @QueryParameter String str4, @QueryParameter String str5, @QueryParameter String str6) {
            ((Jenkins) Objects.requireNonNull(Jenkins.get())).checkPermission(Jenkins.ADMINISTER);
            return new NomadApi(new NomadCloud("check-connection-" + UUID.randomUUID(), str, z, str2, Secret.fromString(str3), str4, Secret.fromString(str5), 1, str6, false, null)).checkConnection();
        }

        @POST
        public FormValidation doCheckName(@QueryParameter String str) {
            ((Jenkins) Objects.requireNonNull(Jenkins.get())).checkPermission(Jenkins.ADMINISTER);
            return Strings.isNullOrEmpty(str) ? FormValidation.error("Name must be set") : FormValidation.ok();
        }

        public ListBoxModel doFillNomadACLCredentialsIdItems(@QueryParameter("nomadACLCredentialsId") String str) {
            return !Jenkins.get().hasPermission(Jenkins.ADMINISTER) ? new StandardListBoxModel().includeCurrentValue(str) : new StandardListBoxModel().withEmptySelection().withMatching(CredentialsMatchers.always(), CredentialsProvider.lookupCredentials(StringCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.emptyList()));
        }
    }

    /* loaded from: input_file:WEB-INF/lib/nomad.jar:org/jenkinsci/plugins/nomad/NomadCloud$ProvisioningCallback.class */
    private class ProvisioningCallback implements Callable<Node> {
        String workerName;
        NomadWorkerTemplate template;
        NomadCloud cloud;

        public ProvisioningCallback(String str, NomadWorkerTemplate nomadWorkerTemplate, NomadCloud nomadCloud) {
            this.workerName = str;
            this.template = nomadWorkerTemplate;
            this.cloud = nomadCloud;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public Node call() throws Exception {
            NomadWorker nomadWorker = new NomadWorker(this.workerName, NomadCloud.this.name, this.template.getLabels(), this.template.getNumExecutors(), this.template.getIdleTerminationInMinutes(), this.template.isReusable(), this.template.getRemoteFs());
            Jenkins.get().addNode(nomadWorker);
            String mac = JnlpAgentReceiver.SLAVE_SECRET.mac(this.workerName);
            NomadCloud.LOGGER.log(Level.INFO, "Asking Nomad to schedule new Jenkins worker");
            JSONObject jSONObject = new JSONObject(NomadCloud.this.nomad.startWorker(this.workerName, mac, this.template)).getJSONObject("Job");
            String optString = jSONObject.optString("Namespace");
            if (!optString.equals(HttpUrl.FRAGMENT_ENCODE_SET)) {
                nomadWorker.setNamespace(optString);
            }
            nomadWorker.setRegion(jSONObject.optString("Region"));
            Callable callable = () -> {
                try {
                    NomadCloud.LOGGER.log(Level.INFO, "Worker scheduled, waiting for connection");
                    ((Computer) Objects.requireNonNull(nomadWorker.toComputer())).waitUntilOnline();
                    return true;
                } catch (InterruptedException e) {
                    NomadCloud.LOGGER.log(Level.SEVERE, "Waiting for connection was interrupted");
                    return false;
                }
            };
            ExecutorService newCachedThreadPool = Executors.newCachedThreadPool();
            Future submit = newCachedThreadPool.submit(callable);
            try {
                try {
                    submit.get(this.cloud.workerTimeout, TimeUnit.MINUTES);
                    NomadCloud.LOGGER.log(Level.INFO, "Connection established");
                    submit.cancel(true);
                    newCachedThreadPool.shutdown();
                    NomadCloud.this.pending -= this.template.getNumExecutors();
                    return nomadWorker;
                } catch (Exception e) {
                    NomadCloud.LOGGER.log(Level.SEVERE, "Worker computer did not come online within " + NomadCloud.this.workerTimeout + " minutes, terminating worker" + nomadWorker);
                    nomadWorker.terminate();
                    throw new RuntimeException("Timed out waiting for agent to start up. Timeout: " + NomadCloud.this.workerTimeout + " minutes.");
                }
            } catch (Throwable th) {
                submit.cancel(true);
                newCachedThreadPool.shutdown();
                NomadCloud.this.pending -= this.template.getNumExecutors();
                throw th;
            }
        }
    }

    @DataBoundConstructor
    public NomadCloud(String str, String str2, boolean z, String str3, Secret secret, String str4, Secret secret2, int i, String str5, boolean z2, List<NomadWorkerTemplate> list) {
        super(str, (String) null);
        this.pending = 0;
        this.nomadACLCredentialsId = str5;
        this.nomadUrl = str2;
        this.workerTimeout = i;
        this.tlsEnabled = z;
        this.clientCertificate = str3;
        this.clientPassword = secret;
        this.serverCertificate = str4;
        this.serverPassword = secret2;
        this.prune = z2;
        this.templates = (List) Optional.ofNullable(list).orElse(new ArrayList());
        readResolve();
    }

    private static String secretFor(String str) {
        List filter = CredentialsMatchers.filter(CredentialsProvider.lookupCredentials(StringCredentials.class, Jenkins.get(), ACL.SYSTEM, Collections.emptyList()), CredentialsMatchers.withId(StringUtils.trimToEmpty(str)));
        if (filter.size() > 0) {
            return ((StringCredentials) filter.get(0)).getSecret().getPlainText();
        }
        return null;
    }

    private Object readResolve() {
        this.nomad = new NomadApi(this);
        MigrationHelper.migrate(this);
        return this;
    }

    public Collection<NodeProvisioner.PlannedNode> provision(Label label, int i) {
        ArrayList arrayList = new ArrayList();
        NomadWorkerTemplate template = getTemplate(label);
        if (template != null) {
            if (this.prune) {
                pruneOrphanedWorkers(template);
            }
            while (i > 0) {
                try {
                    LOGGER.log(Level.INFO, "Excess workload of " + i + ", provisioning new Jenkins worker on Nomad cluster");
                    String createWorkerName = template.createWorkerName();
                    arrayList.add(new NodeProvisioner.PlannedNode(createWorkerName, NomadComputer.threadPoolForRemoting.submit(new ProvisioningCallback(createWorkerName, template, this)), template.getNumExecutors()));
                    i -= template.getNumExecutors();
                    this.pending += template.getNumExecutors();
                } catch (Exception e) {
                    LOGGER.log(Level.SEVERE, "Unable to schedule new Jenkins worker on Nomad cluster, message: " + e.getMessage());
                }
            }
            return arrayList;
        }
        return Collections.emptyList();
    }

    private void pruneOrphanedWorkers(NomadWorkerTemplate nomadWorkerTemplate) {
        for (JobInfo jobInfo : this.nomad.getRunningWorkers(nomadWorkerTemplate.getPrefix())) {
            if (jobInfo.getStatus().equalsIgnoreCase("running")) {
                LOGGER.log(Level.FINE, "Found worker: " + jobInfo.getName() + " - " + jobInfo.getID());
                if (Jenkins.get().getNode(jobInfo.getName()) == null) {
                    JobSummary jobSummary = jobInfo.getJobSummary();
                    String namespace = jobInfo.getJobSummary().getNamespace();
                    String string = this.nomad.getRunningWorker(jobSummary.getJobID(), namespace).getString("Region");
                    this.nomad.stopWorker(jobInfo.getID(), namespace, string);
                    LOGGER.log(Level.FINE, "Found Orphaned Node: " + jobInfo.getID() + " in namespace " + namespace + " in region " + string);
                }
            }
        }
    }

    public NomadWorkerTemplate getTemplate(Label label) {
        for (NomadWorkerTemplate nomadWorkerTemplate : this.templates) {
            if (label != null || nomadWorkerTemplate.getLabels().isEmpty()) {
                if ((label == null && nomadWorkerTemplate.getLabels().isEmpty()) || (label != null && label.matches(Label.parse(nomadWorkerTemplate.getLabels())))) {
                    return nomadWorkerTemplate;
                }
            }
        }
        return null;
    }

    public boolean canProvision(Label label) {
        return Optional.ofNullable(getTemplate(label)).isPresent();
    }

    public String getName() {
        return this.name;
    }

    public String getNomadUrl() {
        return this.nomadUrl;
    }

    public int getWorkerTimeout() {
        return this.workerTimeout;
    }

    public String getNomadACLCredentialsId() {
        return this.nomadACLCredentialsId;
    }

    public String getNomadACL() {
        return secretFor(getNomadACLCredentialsId());
    }

    public boolean isPrune() {
        return this.prune;
    }

    public List<NomadWorkerTemplate> getTemplates() {
        return this.templates;
    }

    public void setNomad(NomadApi nomadApi) {
        this.nomad = nomadApi;
    }

    public int getPending() {
        return this.pending;
    }

    public NomadApi nomad() {
        return this.nomad;
    }

    public boolean isTlsEnabled() {
        return this.tlsEnabled;
    }

    public String getClientCertificate() {
        return this.clientCertificate;
    }

    public Secret getClientPassword() {
        return this.clientPassword;
    }

    public String getServerCertificate() {
        return this.serverCertificate;
    }

    public Secret getServerPassword() {
        return this.serverPassword;
    }
}
