package com.google.jenkins.plugins.k8sengine;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.google.api.services.cloudresourcemanager.model.Project;
import com.google.api.services.compute.model.Zone;
import com.google.api.services.container.model.Cluster;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.jenkins.plugins.credentials.oauth.GoogleOAuth2Credentials;
import com.google.jenkins.plugins.k8sengine.KubectlWrapper;
import com.google.jenkins.plugins.k8sengine.Manifests;
import com.google.jenkins.plugins.k8sengine.client.ClientFactory;
import com.google.jenkins.plugins.k8sengine.client.ContainerClient;
import hudson.AbortException;
import hudson.Extension;
import hudson.FilePath;
import hudson.Launcher;
import hudson.model.AbstractProject;
import hudson.model.Item;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.security.ACL;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.BuildStepMonitor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import java.io.IOException;
import java.io.PrintStream;
import java.io.Serializable;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import jenkins.model.Jenkins;
import jenkins.tasks.SimpleBuildStep;
import org.jenkinsci.Symbol;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;

/* loaded from: input_file:com/google/jenkins/plugins/k8sengine/KubernetesEngineBuilder.class */
public class KubernetesEngineBuilder extends Builder implements SimpleBuildStep, Serializable {
    static final String EMPTY_NAME = "- none -";
    static final String EMPTY_VALUE = "";
    static final int DEFAULT_VERIFY_TIMEOUT_MINUTES = 5;
    static final String METRICS_LABEL_KEY = "app.kubernetes.io/managed-by";
    static final String METRICS_LABEL_VALUE = "graphite-jenkins-gke";
    private String credentialsId;
    private String projectId;
    private String zone;
    private String clusterName;
    private String manifestPattern;
    private boolean verifyDeployments;
    private int verifyTimeoutInMinutes = DEFAULT_VERIFY_TIMEOUT_MINUTES;
    private boolean verifyServices;
    private boolean isTestCleanup;
    private LinkedList<KubeConfigAfterBuildStep> afterBuildStepStack;
    private static final Logger LOGGER = Logger.getLogger(KubernetesEngineBuilder.class.getName());
    static final ImmutableSet<String> METRICS_TARGET_TYPES = ImmutableSet.of("Deployment", "Service", "ReplicaSet");

    @Extension
    @Symbol({"kubernetesEngineDeploy"})
    /* loaded from: input_file:com/google/jenkins/plugins/k8sengine/KubernetesEngineBuilder$DescriptorImpl.class */
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        private ClientFactory clientFactory;

        @Nonnull
        public String getDisplayName() {
            return Messages.KubernetesEngineBuilder_DisplayName();
        }

        public boolean isApplicable(Class<? extends AbstractProject> cls) {
            return true;
        }

        @VisibleForTesting
        ClientFactory getClientFactory(Jenkins jenkins, String str) throws AbortException {
            if (this.clientFactory == null || !this.clientFactory.getCredentialsId().equals(str)) {
                this.clientFactory = new ClientFactory(jenkins, str);
            }
            return this.clientFactory;
        }

        public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Jenkins jenkins) {
            return (jenkins == null || !jenkins.hasPermission(Item.CONFIGURE)) ? new StandardListBoxModel() : new StandardListBoxModel().includeEmptyValue().includeMatchingAs(ACL.SYSTEM, jenkins, StandardCredentials.class, Collections.emptyList(), CredentialsMatchers.instanceOf(GoogleOAuth2Credentials.class));
        }

        public FormValidation doCheckCredentialsId(@AncestorInPath Jenkins jenkins, @QueryParameter("credentialsId") String str) {
            if (str.isEmpty()) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_NoCredential());
            }
            try {
                getClientFactory(jenkins, str);
                return FormValidation.ok();
            } catch (AbortException | RuntimeException e) {
                KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_CredentialAuthFailed(), e);
                return FormValidation.error(Messages.KubernetesEngineBuilder_CredentialAuthFailed());
            }
        }

        public ListBoxModel doFillProjectIdItems(@AncestorInPath Jenkins jenkins, @QueryParameter("projectId") String str, @QueryParameter("credentialsId") String str2) {
            ListBoxModel listBoxModel = new ListBoxModel();
            listBoxModel.add(KubernetesEngineBuilder.EMPTY_NAME, KubernetesEngineBuilder.EMPTY_VALUE);
            if (Strings.isNullOrEmpty(str2)) {
                return listBoxModel;
            }
            try {
                ClientFactory clientFactory = getClientFactory(jenkins, str2);
                String defaultProjectId = clientFactory.getDefaultProjectId();
                try {
                    ImmutableList<Project> accountProjects = clientFactory.cloudResourceManagerClient().getAccountProjects();
                    if (accountProjects.isEmpty()) {
                        return listBoxModel;
                    }
                    accountProjects.stream().filter(project -> {
                        return !project.getProjectId().equals(defaultProjectId);
                    }).forEach(project2 -> {
                        listBoxModel.add(project2.getProjectId());
                    });
                    if (Strings.isNullOrEmpty(defaultProjectId)) {
                        KubernetesEngineBuilder.selectOption(listBoxModel, str);
                        return listBoxModel;
                    }
                    if (accountProjects.size() == listBoxModel.size() && Strings.isNullOrEmpty(str)) {
                        listBoxModel.add(new ListBoxModel.Option(defaultProjectId, defaultProjectId, true));
                    } else {
                        listBoxModel.add(defaultProjectId);
                        KubernetesEngineBuilder.selectOption(listBoxModel, str);
                    }
                    return listBoxModel;
                } catch (IOException e) {
                    KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_ProjectIDFillError(), (Throwable) e);
                    listBoxModel.clear();
                    listBoxModel.add(Messages.KubernetesEngineBuilder_ProjectIDFillError(), KubernetesEngineBuilder.EMPTY_VALUE);
                    return listBoxModel;
                }
            } catch (AbortException | RuntimeException e2) {
                KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_CredentialAuthFailed(), e2);
                listBoxModel.clear();
                listBoxModel.add(Messages.KubernetesEngineBuilder_CredentialAuthFailed(), KubernetesEngineBuilder.EMPTY_VALUE);
                return listBoxModel;
            }
        }

        public FormValidation doCheckProjectId(@AncestorInPath Jenkins jenkins, @QueryParameter("projectId") String str, @QueryParameter("credentialsId") String str2) {
            if (Strings.isNullOrEmpty(str2) && Strings.isNullOrEmpty(str)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ProjectIDRequired());
            }
            if (Strings.isNullOrEmpty(str2)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ProjectCredentialIDRequired());
            }
            try {
                try {
                    return Strings.isNullOrEmpty(str) ? FormValidation.error(Messages.KubernetesEngineBuilder_ProjectIDRequired()) : !getClientFactory(jenkins, str2).cloudResourceManagerClient().getAccountProjects().stream().filter(project -> {
                        return str.equals(project.getProjectId());
                    }).findFirst().isPresent() ? FormValidation.error(Messages.KubernetesEngineBuilder_ProjectIDNotUnderCredential()) : FormValidation.ok();
                } catch (IOException e) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ProjectIDVerificationError());
                }
            } catch (AbortException | RuntimeException e2) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_CredentialAuthFailed());
            }
        }

        public ListBoxModel doFillZoneItems(@AncestorInPath Jenkins jenkins, @QueryParameter("zone") String str, @QueryParameter("credentialsId") String str2, @QueryParameter("projectId") String str3) {
            ListBoxModel listBoxModel = new ListBoxModel();
            listBoxModel.add(KubernetesEngineBuilder.EMPTY_NAME, KubernetesEngineBuilder.EMPTY_VALUE);
            if (Strings.isNullOrEmpty(str3) || Strings.isNullOrEmpty(str2)) {
                return listBoxModel;
            }
            try {
                try {
                    ImmutableList<Zone> zones = getClientFactory(jenkins, str2).computeClient().getZones(str3);
                    if (zones.isEmpty()) {
                        return listBoxModel;
                    }
                    zones.forEach(zone -> {
                        listBoxModel.add(zone.getName());
                    });
                    KubernetesEngineBuilder.selectOption(listBoxModel, str);
                    return listBoxModel;
                } catch (IOException e) {
                    KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_ZoneFillError(), (Throwable) e);
                    listBoxModel.clear();
                    listBoxModel.add(Messages.KubernetesEngineBuilder_ZoneFillError(), KubernetesEngineBuilder.EMPTY_VALUE);
                    return listBoxModel;
                }
            } catch (AbortException | RuntimeException e2) {
                KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_CredentialAuthFailed(), e2);
                listBoxModel.clear();
                listBoxModel.add(Messages.KubernetesEngineBuilder_CredentialAuthFailed(), KubernetesEngineBuilder.EMPTY_VALUE);
                return listBoxModel;
            }
        }

        public FormValidation doCheckZone(@AncestorInPath Jenkins jenkins, @QueryParameter("zone") String str, @QueryParameter("credentialsId") String str2, @QueryParameter("projectId") String str3) {
            if (Strings.isNullOrEmpty(str2) && Strings.isNullOrEmpty(str)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ZoneRequired());
            }
            if (Strings.isNullOrEmpty(str2)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ZoneCredentialIDRequired());
            }
            try {
                ClientFactory clientFactory = getClientFactory(jenkins, str2);
                if (Strings.isNullOrEmpty(str3) && Strings.isNullOrEmpty(str)) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ZoneRequired());
                }
                if (Strings.isNullOrEmpty(str3)) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ZoneProjectIDRequired());
                }
                try {
                    return Strings.isNullOrEmpty(str) ? FormValidation.error(Messages.KubernetesEngineBuilder_ZoneRequired()) : !clientFactory.computeClient().getZones(str3).stream().filter(zone -> {
                        return str.equalsIgnoreCase(zone.getName());
                    }).findFirst().isPresent() ? FormValidation.error(Messages.KubernetesEngineBuilder_ZoneNotInProject()) : FormValidation.ok();
                } catch (IOException e) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ZoneVerificationError());
                }
            } catch (AbortException | RuntimeException e2) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_CredentialAuthFailed());
            }
        }

        public ListBoxModel doFillClusterNameItems(@AncestorInPath Jenkins jenkins, @QueryParameter("clusterName") String str, @QueryParameter("credentialsId") String str2, @QueryParameter("projectId") String str3, @QueryParameter("zone") String str4) {
            ListBoxModel listBoxModel = new ListBoxModel();
            listBoxModel.add(KubernetesEngineBuilder.EMPTY_NAME, KubernetesEngineBuilder.EMPTY_VALUE);
            if (Strings.isNullOrEmpty(str2) || Strings.isNullOrEmpty(str3) || Strings.isNullOrEmpty(str4)) {
                return listBoxModel;
            }
            try {
                try {
                    List<Cluster> listClusters = getClientFactory(jenkins, str2).containerClient().listClusters(str3, str4);
                    if (listClusters.isEmpty()) {
                        return listBoxModel;
                    }
                    listClusters.forEach(cluster -> {
                        listBoxModel.add(cluster.getName());
                    });
                    KubernetesEngineBuilder.selectOption(listBoxModel, str);
                    return listBoxModel;
                } catch (IOException e) {
                    KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_ClusterFillError(), (Throwable) e);
                    listBoxModel.clear();
                    listBoxModel.add(Messages.KubernetesEngineBuilder_ClusterFillError(), KubernetesEngineBuilder.EMPTY_VALUE);
                    return listBoxModel;
                }
            } catch (AbortException | RuntimeException e2) {
                KubernetesEngineBuilder.LOGGER.log(Level.SEVERE, Messages.KubernetesEngineBuilder_CredentialAuthFailed(), e2);
                listBoxModel.clear();
                listBoxModel.add(Messages.KubernetesEngineBuilder_CredentialAuthFailed(), KubernetesEngineBuilder.EMPTY_VALUE);
                return listBoxModel;
            }
        }

        public FormValidation doCheckClusterName(@AncestorInPath Jenkins jenkins, @QueryParameter("clusterName") String str, @QueryParameter("credentialsId") String str2, @QueryParameter("projectId") String str3, @QueryParameter("zone") String str4) {
            if (Strings.isNullOrEmpty(str2) && Strings.isNullOrEmpty(str)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterRequired());
            }
            if (Strings.isNullOrEmpty(str2)) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterCredentialIDRequired());
            }
            try {
                ClientFactory clientFactory = getClientFactory(jenkins, str2);
                if ((Strings.isNullOrEmpty(str3) || Strings.isNullOrEmpty(str4)) && Strings.isNullOrEmpty(str)) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterRequired());
                }
                if (Strings.isNullOrEmpty(str3)) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterProjectIDRequired());
                }
                if (Strings.isNullOrEmpty(str4)) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterZoneRequired());
                }
                try {
                    List<Cluster> listClusters = clientFactory.containerClient().listClusters(str3, str4);
                    return Strings.isNullOrEmpty(str) ? FormValidation.error(Messages.KubernetesEngineBuilder_ClusterRequired()) : listClusters.size() == 0 ? FormValidation.error(Messages.KubernetesEngineBuilder_NoClusterInProjectZone()) : !listClusters.stream().filter(cluster -> {
                        return str.equals(cluster.getName());
                    }).findFirst().isPresent() ? FormValidation.error(Messages.KubernetesEngineBuilder_ClusterNotInProjectZone()) : FormValidation.ok();
                } catch (IOException e) {
                    return FormValidation.error(Messages.KubernetesEngineBuilder_ClusterVerificationError());
                }
            } catch (AbortException | RuntimeException e2) {
                return FormValidation.error(Messages.KubernetesEngineBuilder_CredentialAuthFailed());
            }
        }

        public FormValidation doCheckManifestPattern(@QueryParameter("manifestPattern") String str) {
            return Strings.isNullOrEmpty(str) ? FormValidation.error(Messages.KubernetesEngineBuilder_ManifestRequired()) : FormValidation.ok();
        }

        public FormValidation doCheckVerifyTimeoutInMinutes(@QueryParameter("verifyTimeoutInMinutes") String str) {
            return Strings.isNullOrEmpty(str) ? FormValidation.error(Messages.KubernetesEngineBuilder_VerifyTimeoutInMinutesRequired()) : !str.matches("([1-9]\\d*)") ? FormValidation.error(Messages.KubernetesEngineBuilder_VerifyTimeoutInMinutesFormatError()) : FormValidation.ok();
        }
    }

    @FunctionalInterface
    /* loaded from: input_file:com/google/jenkins/plugins/k8sengine/KubernetesEngineBuilder$KubeConfigAfterBuildStep.class */
    interface KubeConfigAfterBuildStep extends Serializable {
        void perform(KubeConfig kubeConfig, Run<?, ?> run, FilePath filePath, Launcher launcher, TaskListener taskListener) throws AbortException, InterruptedException, IOException;
    }

    @DataBoundConstructor
    public KubernetesEngineBuilder() {
    }

    public String getCredentialsId() {
        return this.credentialsId;
    }

    @DataBoundSetter
    public void setCredentialsId(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        this.credentialsId = str;
    }

    public String getProjectId() {
        return this.projectId;
    }

    @DataBoundSetter
    public void setProjectId(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        this.projectId = str;
    }

    public String getZone() {
        return this.zone;
    }

    @DataBoundSetter
    public void setZone(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        this.zone = str;
    }

    public String getClusterName() {
        return this.clusterName;
    }

    @DataBoundSetter
    public void setClusterName(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        this.clusterName = str;
    }

    public String getManifestPattern() {
        return this.manifestPattern;
    }

    @DataBoundSetter
    public void setManifestPattern(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        this.manifestPattern = str;
    }

    @DataBoundSetter
    public void setVerifyDeployments(boolean z) {
        this.verifyDeployments = z;
    }

    public boolean isVerifyDeployments() {
        return this.verifyDeployments;
    }

    @DataBoundSetter
    public void setVerifyServices(boolean z) {
        this.verifyServices = z;
    }

    public boolean isVerifyServices() {
        return this.verifyServices;
    }

    public int getVerifyTimeoutInMinutes() {
        return this.verifyTimeoutInMinutes;
    }

    @DataBoundSetter
    public void setVerifyTimeoutInMinutes(int i) {
        this.verifyTimeoutInMinutes = i;
    }

    @VisibleForTesting
    void pushAfterBuildStep(KubeConfigAfterBuildStep kubeConfigAfterBuildStep) {
        if (this.afterBuildStepStack == null) {
            this.afterBuildStepStack = new LinkedList<>();
        }
        this.afterBuildStepStack.push(kubeConfigAfterBuildStep);
    }

    public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull Launcher launcher, @Nonnull TaskListener taskListener) throws InterruptedException, IOException {
        LinkedList<KubeConfigAfterBuildStep> linkedList;
        boolean isEmpty;
        LOGGER.log(Level.INFO, String.format("GKE Deploying, projectId: %s cluster: %s zone: %s", this.projectId, this.clusterName, this.zone));
        KubeConfig fromCluster = KubeConfig.fromCluster(this.projectId, getContainerClient(this.credentialsId).getCluster(this.projectId, this.zone, this.clusterName));
        KubectlWrapper build = new KubectlWrapper.Builder().workspace(filePath).launcher(launcher).kubeConfig(fromCluster).build();
        FilePath child = filePath.child(this.manifestPattern);
        addMetricsLabel(child);
        build.runKubectlCommand("apply", ImmutableList.of("-f", child.getRemote()));
        try {
            if (this.verifyDeployments && !verify(build, this.manifestPattern, filePath, taskListener.getLogger())) {
                throw new AbortException(Messages.KubernetesEngineBuilder_KubernetesObjectsNotVerified());
            }
            if (linkedList == null) {
            } else {
                while (true) {
                    if (isEmpty) {
                        return;
                    }
                }
            }
        } finally {
            if (this.afterBuildStepStack != null) {
                while (!this.afterBuildStepStack.isEmpty()) {
                    this.afterBuildStepStack.pop().perform(fromCluster, run, filePath, launcher, taskListener);
                }
            }
        }
    }

    @VisibleForTesting
    static void addMetricsLabel(FilePath filePath) throws InterruptedException, IOException {
        Manifests fromFile = Manifests.fromFile(filePath);
        Iterator<Manifests.ManifestObject> it = fromFile.getObjectManifestsOfKinds(METRICS_TARGET_TYPES).iterator();
        while (it.hasNext()) {
            it.next().addLabel(METRICS_LABEL_KEY, METRICS_LABEL_VALUE);
        }
        fromFile.write();
    }

    private boolean verify(KubectlWrapper kubectlWrapper, String str, FilePath filePath, PrintStream printStream) throws InterruptedException, IOException {
        LOGGER.log(Level.INFO, String.format("GKE verifying deployment to, projectId: %s cluster: %s zone: %s manifests: %s", this.projectId, this.clusterName, this.zone, filePath.child(str)));
        printStream.println(String.format("Verifying manifests: %s", filePath.child(str)));
        List<Manifests.ManifestObject> objectManifestsOfKinds = Manifests.fromFile(filePath.child(str)).getObjectManifestsOfKinds(ImmutableSet.of(KubernetesVerifiers.DEPLOYMENT_KIND));
        printStream.println(Messages.KubernetesEngineBuilder_VerifyingNObjects(Integer.valueOf(objectManifestsOfKinds.size())));
        return VerificationTask.verifyObjects(kubectlWrapper, objectManifestsOfKinds, printStream, this.verifyTimeoutInMinutes);
    }

    public BuildStepMonitor getRequiredMonitorService() {
        return BuildStepMonitor.BUILD;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void selectOption(ListBoxModel listBoxModel, String str) {
        if (!Strings.isNullOrEmpty(str)) {
            Optional findFirst = listBoxModel.stream().filter(option -> {
                return str.equals(option.value);
            }).findFirst();
            if (findFirst.isPresent()) {
                ((ListBoxModel.Option) findFirst.get()).selected = true;
                return;
            }
        }
        listBoxModel.stream().filter(option2 -> {
            return !Strings.isNullOrEmpty(option2.value);
        }).findFirst().ifPresent(option3 -> {
            option3.selected = true;
        });
    }

    private static ContainerClient getContainerClient(String str) throws AbortException {
        return new ClientFactory(Jenkins.get(), ImmutableList.of(), str, Optional.empty()).containerClient();
    }
}
