package io.alauda.jenkins.devops.support.client;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import io.alauda.jenkins.devops.support.KubernetesCluster;
import io.alauda.jenkins.devops.support.exception.KubernetesClientException;
import io.alauda.jenkins.devops.support.utils.CredentialsUtils;
import io.kubernetes.client.ApiClient;
import io.kubernetes.client.util.Config;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import okio.Buffer;
import org.apache.commons.lang.StringUtils;
import org.jenkinsci.remoting.util.Charsets;

/* loaded from: input_file:io/alauda/jenkins/devops/support/client/Clients.class */
public final class Clients {
    private static final Logger logger = Logger.getLogger(Clients.class.getName());

    private Clients() {
    }

    @Nonnull
    public static ApiClient createClientFromCluster(@Nonnull KubernetesCluster kubernetesCluster) throws KubernetesClientException {
        if (StringUtils.isEmpty(kubernetesCluster.getMasterUrl())) {
            try {
                return Config.fromCluster();
            } catch (IOException e) {
                logger.log(Level.SEVERE, String.format("Unable to create a client from local cluster, reason %s", e.getMessage()), (Throwable) e);
                throw new KubernetesClientException(e);
            }
        }
        String str = "";
        try {
            str = StringUtils.isEmpty(kubernetesCluster.getCredentialsId()) ? getTokenFromLocalCluster() : CredentialsUtils.getToken(kubernetesCluster.getCredentialsId());
        } catch (IOException | GeneralSecurityException e2) {
            logger.log(Level.WARNING, String.format("Unable to get token for k8s client, reason %s", e2.getMessage()), (Throwable) e2);
        }
        ApiClient fromToken = Config.fromToken(kubernetesCluster.getMasterUrl(), str, !kubernetesCluster.isSkipTlsVerify());
        if (!kubernetesCluster.isSkipTlsVerify()) {
            try {
                Buffer buffer = new Buffer();
                if (StringUtils.isEmpty(kubernetesCluster.getServerCertificateAuthority())) {
                    buffer.writeUtf8(getCAFromLocalCluster());
                } else if (new File(kubernetesCluster.getServerCertificateAuthority()).isFile()) {
                    buffer.write(Files.readAllBytes(Paths.get(kubernetesCluster.getServerCertificateAuthority(), new String[0])));
                } else {
                    buffer.writeUtf8(kubernetesCluster.getServerCertificateAuthority());
                }
                if (buffer.size() != 0) {
                    fromToken.setSslCaCert(buffer.inputStream());
                }
            } catch (IOException e3) {
                logger.log(Level.WARNING, String.format("Unable to get ca for k8s client, reason %s", e3.getMessage()), (Throwable) e3);
            }
        }
        return fromToken;
    }

    public static ApiClient createClientFromConfig(String str, String str2, String str3, boolean z) throws KubernetesClientException {
        KubernetesCluster kubernetesCluster = new KubernetesCluster();
        kubernetesCluster.setMasterUrl(str);
        kubernetesCluster.setCredentialsId(str2);
        kubernetesCluster.setServerCertificateAuthority(str3);
        kubernetesCluster.setSkipTlsVerify(z);
        return createClientFromCluster(kubernetesCluster);
    }

    @Nonnull
    @SuppressFBWarnings(value = {"DMI_HARDCODED_ABSOLUTE_FILENAME"}, justification = "I know what I'm doing")
    private static String getTokenFromLocalCluster() throws IOException {
        if (Files.exists(Paths.get("/var/run/secrets/kubernetes.io/serviceaccount/token", new String[0]), new LinkOption[0])) {
            return new String(Files.readAllBytes(Paths.get("/var/run/secrets/kubernetes.io/serviceaccount/token", new String[0])), Charsets.UTF_8);
        }
        throw new FileNotFoundException(String.format("Unable to get token from %s", "/var/run/secrets/kubernetes.io/serviceaccount/token"));
    }

    @Nonnull
    @SuppressFBWarnings(value = {"DMI_HARDCODED_ABSOLUTE_FILENAME"}, justification = "I know what I'm doing")
    private static String getCAFromLocalCluster() throws IOException {
        if (Files.exists(Paths.get("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt", new String[0]), new LinkOption[0])) {
            return new String(Files.readAllBytes(Paths.get("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt", new String[0])), Charsets.UTF_8);
        }
        throw new FileNotFoundException(String.format("Unable to get CA from %s", "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"));
    }
}
