package org.csanchez.jenkins.plugins.kubernetes.pipeline;

import com.google.common.base.Strings;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.AbortException;
import hudson.model.ItemGroup;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.slaves.Cloud;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import jenkins.model.Jenkins;
import org.apache.commons.lang.RandomStringUtils;
import org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate;
import org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud;
import org.csanchez.jenkins.plugins.kubernetes.KubernetesFolderProperty;
import org.csanchez.jenkins.plugins.kubernetes.Messages;
import org.csanchez.jenkins.plugins.kubernetes.PodAnnotation;
import org.csanchez.jenkins.plugins.kubernetes.PodImagePullSecret;
import org.csanchez.jenkins.plugins.kubernetes.PodTemplate;
import org.csanchez.jenkins.plugins.kubernetes.PodTemplateUtils;
import org.jenkinsci.plugins.workflow.steps.AbstractStepExecutionImpl;
import org.jenkinsci.plugins.workflow.steps.BodyExecutionCallback;
import org.jenkinsci.plugins.workflow.steps.StepContext;

/* loaded from: input_file:WEB-INF/lib/kubernetes.jar:org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStepExecution.class */
public class PodTemplateStepExecution extends AbstractStepExecutionImpl {
    private static final Logger LOGGER = Logger.getLogger(PodTemplateStepExecution.class.getName());
    private static final long serialVersionUID = -6139090518333729333L;
    private static final transient String NAME_FORMAT = "%s-%s";

    @SuppressFBWarnings(value = {"SE_TRANSIENT_FIELD_NOT_RESTORED"}, justification = "not needed on deserialization")
    private final transient PodTemplateStep step;
    private final String cloudName;
    private PodTemplate newTemplate;

    /* loaded from: input_file:WEB-INF/lib/kubernetes.jar:org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStepExecution$PodTemplateCallback.class */
    private class PodTemplateCallback extends BodyExecutionCallback.TailCall {
        private static final long serialVersionUID = 6043919968776851324L;
        private final PodTemplate podTemplate;

        private PodTemplateCallback(PodTemplate podTemplate) {
            this.podTemplate = podTemplate;
        }

        protected void finished(StepContext stepContext) throws Exception {
            Cloud cloud = Jenkins.getInstance().getCloud(PodTemplateStepExecution.this.cloudName);
            if (cloud == null) {
                PodTemplateStepExecution.LOGGER.log(Level.WARNING, "Cloud {0} no longer exists, cannot delete pod template {1}", new Object[]{PodTemplateStepExecution.this.cloudName, this.podTemplate.getName()});
            } else if (!(cloud instanceof KubernetesCloud)) {
                PodTemplateStepExecution.LOGGER.log(Level.WARNING, "Cloud is not a KubernetesCloud: {0} {1}", (Object[]) new String[]{cloud.name, cloud.getClass().getName()});
            } else {
                PodTemplateStepExecution.LOGGER.log(Level.INFO, "Removing pod template {1} from cloud {0}", new Object[]{cloud.name, this.podTemplate.getName()});
                ((KubernetesCloud) cloud).removeDynamicTemplate(this.podTemplate);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PodTemplateStepExecution(PodTemplateStep podTemplateStep, StepContext stepContext) {
        super(stepContext);
        this.newTemplate = null;
        this.step = podTemplateStep;
        this.cloudName = podTemplateStep.getCloud();
    }

    public boolean start() throws Exception {
        Cloud cloud = Jenkins.getInstance().getCloud(this.cloudName);
        if (cloud == null) {
            throw new AbortException(String.format("Cloud does not exist: %s", this.cloudName));
        }
        if (!(cloud instanceof KubernetesCloud)) {
            throw new AbortException(String.format("Cloud is not a Kubernetes cloud: %s (%s)", this.cloudName, cloud.getClass().getName()));
        }
        KubernetesCloud kubernetesCloud = (KubernetesCloud) cloud;
        Run<?, ?> run = (Run) getContext().get(Run.class);
        if (kubernetesCloud.isUsageRestricted()) {
            checkAccess(run, kubernetesCloud);
        }
        PodTemplateContext podTemplateContext = (PodTemplateContext) getContext().get(PodTemplateContext.class);
        String name = podTemplateContext != null ? podTemplateContext.getName() : null;
        String format = String.format(NAME_FORMAT, this.step.getName(), RandomStringUtils.random(5, "bcdfghjklmnpqrstvwxz0123456789"));
        String checkNamespace = checkNamespace(kubernetesCloud, podTemplateContext);
        this.newTemplate = new PodTemplate();
        this.newTemplate.setName(format);
        this.newTemplate.setNamespace(checkNamespace);
        if (this.step.getInheritFrom() == null) {
            this.newTemplate.setInheritFrom(Strings.emptyToNull(name));
        } else {
            this.newTemplate.setInheritFrom(Strings.emptyToNull(this.step.getInheritFrom()));
        }
        this.newTemplate.setInstanceCap(this.step.getInstanceCap());
        this.newTemplate.setIdleMinutes(this.step.getIdleMinutes());
        this.newTemplate.setSlaveConnectTimeout(this.step.getSlaveConnectTimeout());
        this.newTemplate.setLabel(this.step.getLabel());
        this.newTemplate.setEnvVars(this.step.getEnvVars());
        this.newTemplate.setVolumes(this.step.getVolumes());
        this.newTemplate.setCustomWorkspaceVolumeEnabled(this.step.getWorkspaceVolume() != null);
        this.newTemplate.setWorkspaceVolume(this.step.getWorkspaceVolume());
        this.newTemplate.setContainers(this.step.getContainers());
        this.newTemplate.setNodeSelector(this.step.getNodeSelector());
        this.newTemplate.setNodeUsageMode(this.step.getNodeUsageMode());
        this.newTemplate.setServiceAccount(this.step.getServiceAccount());
        this.newTemplate.setAnnotations(this.step.getAnnotations());
        this.newTemplate.setListener((TaskListener) getContext().get(TaskListener.class));
        if (run != null) {
            this.newTemplate.getAnnotations().add(new PodAnnotation("buildUrl", ((KubernetesCloud) cloud).getJenkinsUrlOrDie() + run.getUrl()));
        }
        this.newTemplate.setImagePullSecrets((List) this.step.getImagePullSecrets().stream().map(str -> {
            return new PodImagePullSecret(str);
        }).collect(Collectors.toList()));
        this.newTemplate.setYaml(this.step.getYaml());
        this.newTemplate.setPodRetention(this.step.getPodRetention());
        if (this.step.getActiveDeadlineSeconds() != 0) {
            this.newTemplate.setActiveDeadlineSeconds(this.step.getActiveDeadlineSeconds());
        }
        for (ContainerTemplate containerTemplate : this.newTemplate.getContainers()) {
            if (!PodTemplateUtils.validateContainerName(containerTemplate.getName())) {
                throw new AbortException(Messages.RFC1123_error(containerTemplate.getName()));
            }
        }
        Collection<String> validateYamlContainerNames = PodTemplateUtils.validateYamlContainerNames(this.newTemplate.getYamls());
        if (!validateYamlContainerNames.isEmpty()) {
            throw new AbortException(Messages.RFC1123_error(String.join(", ", validateYamlContainerNames)));
        }
        if (!PodTemplateUtils.validateLabel(this.newTemplate.getLabel())) {
            throw new AbortException(Messages.label_error(this.newTemplate.getLabel()));
        }
        kubernetesCloud.addDynamicTemplate(this.newTemplate);
        getContext().newBodyInvoker().withContexts(new Object[]{this.step, new PodTemplateContext(checkNamespace, format)}).withCallback(new PodTemplateCallback(this.newTemplate)).start();
        return false;
    }

    private void checkAccess(Run<?, ?> run, KubernetesCloud kubernetesCloud) throws AbortException {
        ItemGroup parent = run.getParent().getParent();
        HashSet hashSet = new HashSet();
        KubernetesFolderProperty.collectAllowedClouds(hashSet, parent);
        if (!hashSet.contains(kubernetesCloud.name)) {
            throw new AbortException(String.format("Not authorized to use Kubernetes cloud: %s", this.step.getCloud()));
        }
    }

    private String checkNamespace(KubernetesCloud kubernetesCloud, @CheckForNull PodTemplateContext podTemplateContext) {
        return !Strings.isNullOrEmpty(this.step.getNamespace()) ? this.step.getNamespace() : (podTemplateContext == null || Strings.isNullOrEmpty(podTemplateContext.getNamespace())) ? kubernetesCloud.getNamespace() : podTemplateContext.getNamespace();
    }

    public void onResume() {
        super.onResume();
        Cloud cloud = Jenkins.getInstance().getCloud(this.cloudName);
        if (cloud == null) {
            throw new RuntimeException(String.format("Cloud does not exist: %s", this.cloudName));
        }
        if (!(cloud instanceof KubernetesCloud)) {
            throw new RuntimeException(String.format("Cloud is not a Kubernetes cloud: %s (%s)", this.cloudName, cloud.getClass().getName()));
        }
        ((KubernetesCloud) cloud).addDynamicTemplate(this.newTemplate);
    }
}
