package io.hops.hopsworks.expat.migrations.kubernetes;

import com.google.common.io.Files;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClientException;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import io.fabric8.kubernetes.client.utils.Serialization;
import io.hops.hopsworks.common.util.HopsUtils;
import io.hops.hopsworks.expat.configuration.ConfigurationBuilder;
import io.hops.hopsworks.expat.configuration.ExpatConf;
import io.hops.hopsworks.expat.db.DbConnectionFactory;
import io.hops.hopsworks.expat.kubernetes.KubernetesClientFactory;
import io.hops.hopsworks.expat.migrations.MigrateStep;
import io.hops.hopsworks.expat.migrations.MigrationException;
import io.hops.hopsworks.expat.migrations.RollbackException;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Paths;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Base64;
import java.util.HashMap;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/hops/hopsworks/expat/migrations/kubernetes/CreateCertSecrets.class */
public class CreateCertSecrets implements MigrateStep {
    private static final Logger LOGGER = LoggerFactory.getLogger(CreateCertSecrets.class);

    @Override // io.hops.hopsworks.expat.migrations.MigrateStep
    public void migrate() throws MigrationException {
        String asYaml;
        FileWriter fileWriter;
        Throwable th;
        File file = new File("/tmp/k8s");
        file.mkdirs();
        try {
            String files = Files.toString(Paths.get(ConfigurationBuilder.getConfiguration().getString(ExpatConf.MASTER_PWD_FILE_KEY), new String[0]).toFile(), Charset.defaultCharset());
            Statement statement = null;
            ResultSet resultSet = null;
            try {
                try {
                    Statement createStatement = DbConnectionFactory.getConnection().createStatement();
                    ResultSet executeQuery = createStatement.executeQuery("SELECT u.username AS username, projectname, password, user_key, user_cert, user_key_pwd FROM users u join user_certs uc ON u.username = uc.username");
                    while (executeQuery.next()) {
                        String string = executeQuery.getString("projectname");
                        String replaceAll = string.toLowerCase().replaceAll("[^a-z0-9-]", "-");
                        String str = replaceAll + "--" + executeQuery.getString("username").toLowerCase().replaceAll("[^a-z0-9]", "-");
                        if (str.endsWith("-")) {
                            str = str + "0";
                        }
                        String str2 = string + "__" + executeQuery.getString("username");
                        try {
                            String decrypt = HopsUtils.decrypt(executeQuery.getString("password"), executeQuery.getString("user_key_pwd"), files);
                            HashMap hashMap = new HashMap();
                            hashMap.put(str2 + "__cert.key", Base64.getEncoder().encodeToString(decrypt.getBytes()));
                            hashMap.put(str2 + "__kstore.jks", Base64.getEncoder().encodeToString(executeQuery.getBytes("user_key")));
                            hashMap.put(str2 + "__tstore.jks", Base64.getEncoder().encodeToString(executeQuery.getBytes("user_cert")));
                            asYaml = Serialization.asYaml(new SecretBuilder().withMetadata(new ObjectMetaBuilder().withName(str).withNamespace(replaceAll).build()).withData(hashMap).build());
                            try {
                                fileWriter = new FileWriter(new File(file, str + ".yaml"));
                                th = null;
                            } catch (IOException e) {
                                e.printStackTrace();
                            }
                        } catch (Exception e2) {
                            LOGGER.error("Could not create secret " + str + " for project user: " + string, e2);
                        }
                        try {
                            try {
                                fileWriter.write(asYaml);
                                if (fileWriter != null) {
                                    if (0 != 0) {
                                        try {
                                            fileWriter.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                    } else {
                                        fileWriter.close();
                                    }
                                }
                                LOGGER.info("Secret " + str + " created for project user: " + string);
                            } catch (Throwable th3) {
                                th = th3;
                                throw th3;
                            }
                        } catch (Throwable th4) {
                            if (fileWriter != null) {
                                if (th != null) {
                                    try {
                                        fileWriter.close();
                                    } catch (Throwable th5) {
                                        th.addSuppressed(th5);
                                    }
                                } else {
                                    fileWriter.close();
                                }
                            }
                            throw th4;
                        }
                    }
                    if (createStatement != null) {
                        try {
                            createStatement.close();
                        } catch (SQLException e3) {
                        }
                    }
                    if (executeQuery != null) {
                        try {
                            executeQuery.close();
                        } catch (SQLException e4) {
                        }
                    }
                } catch (SQLException | ConfigurationException e5) {
                    throw new MigrationException("Cannot fetch the list of projects from the database", e5);
                }
            } catch (Throwable th6) {
                if (0 != 0) {
                    try {
                        statement.close();
                    } catch (SQLException e6) {
                    }
                }
                if (0 != 0) {
                    try {
                        resultSet.close();
                    } catch (SQLException e7) {
                    }
                }
                throw th6;
            }
        } catch (ConfigurationException | IOException e8) {
            throw new MigrationException("Could not read the master password", e8);
        }
    }

    @Override // io.hops.hopsworks.expat.migrations.MigrateStep
    public void rollback() throws RollbackException {
        try {
            KubernetesClient client = KubernetesClientFactory.getClient();
            Statement statement = null;
            ResultSet resultSet = null;
            try {
                try {
                    statement = DbConnectionFactory.getConnection().createStatement();
                    resultSet = statement.executeQuery("SELECT projectname, username FROM project");
                    while (resultSet.next()) {
                        String string = resultSet.getString("projectname");
                        String replace = string.replace("_", "-");
                        String str = replace + "--" + resultSet.getString("username");
                        String str2 = string + "__" + resultSet.getString("username");
                        try {
                            ((NonNamespaceOperation) client.secrets().inNamespace(replace)).delete(new SecretBuilder().withMetadata(new ObjectMetaBuilder().withName(str).build()).build());
                            LOGGER.info("Secret " + str + " deleted for project user: " + str2);
                        } catch (KubernetesClientException e) {
                            LOGGER.error("Could not delete secret" + str + " for project user: " + str2, e);
                        }
                    }
                    if (statement != null) {
                        try {
                            statement.close();
                        } catch (SQLException e2) {
                        }
                    }
                    if (resultSet != null) {
                        try {
                            resultSet.close();
                        } catch (SQLException e3) {
                        }
                    }
                } catch (Throwable th) {
                    if (statement != null) {
                        try {
                            statement.close();
                        } catch (SQLException e4) {
                        }
                    }
                    if (resultSet != null) {
                        try {
                            resultSet.close();
                        } catch (SQLException e5) {
                        }
                    }
                    throw th;
                }
            } catch (SQLException | ConfigurationException e6) {
                throw new RollbackException("Cannot fetch the list of projects from the database", e6);
            }
        } catch (ConfigurationException e7) {
            throw new RollbackException("Cannot read the configuration", e7);
        }
    }
}
