package org.ballerinax.kubernetes.handlers.istio;

import io.fabric8.kubernetes.client.internal.SerializationUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import me.snowdrop.istio.api.networking.v1alpha3.GatewayBuilder;
import me.snowdrop.istio.api.networking.v1alpha3.Server;
import me.snowdrop.istio.api.networking.v1alpha3.ServerBuilder;
import me.snowdrop.istio.api.networking.v1alpha3.TLSOptions;
import me.snowdrop.istio.api.networking.v1alpha3.TLSOptionsBuilder;
import me.snowdrop.istio.api.networking.v1alpha3.TLSOptionsMode;
import org.ballerinax.kubernetes.KubernetesConstants;
import org.ballerinax.kubernetes.exceptions.KubernetesPluginException;
import org.ballerinax.kubernetes.handlers.AbstractArtifactHandler;
import org.ballerinax.kubernetes.models.istio.IstioGatewayModel;
import org.ballerinax.kubernetes.models.istio.IstioServerModel;
import org.ballerinax.kubernetes.utils.KubernetesUtils;

/* loaded from: input_file:org/ballerinax/kubernetes/handlers/istio/IstioGatewayHandler.class */
public class IstioGatewayHandler extends AbstractArtifactHandler {
    @Override // org.ballerinax.kubernetes.handlers.ArtifactHandler
    public void createArtifacts() throws KubernetesPluginException {
        Map<String, IstioGatewayModel> istioGatewayModels = this.dataHolder.getIstioGatewayModels();
        int size = istioGatewayModels.size();
        if (size > 0) {
            OUT.println();
        }
        int i = 0;
        for (IstioGatewayModel istioGatewayModel : istioGatewayModels.values()) {
            i++;
            if (null == istioGatewayModel.getSelector() || istioGatewayModel.getSelector().size() == 0) {
                LinkedHashMap linkedHashMap = new LinkedHashMap();
                linkedHashMap.put(KubernetesConstants.ISTIO_GATEWAY_SELECTOR, "ingressgateway");
                istioGatewayModel.setSelector(linkedHashMap);
            }
            if (null == istioGatewayModel.getServers() || istioGatewayModel.getServers().size() == 0) {
                throw new KubernetesPluginException("'" + istioGatewayModel.getName() + "' istio gateway needs one or more servers.");
            }
            for (IstioServerModel istioServerModel : istioGatewayModel.getServers()) {
                if (null == istioServerModel.getHosts() || istioServerModel.getHosts().size() == 0) {
                    throw new KubernetesPluginException("'" + istioGatewayModel.getName() + "' istio gateway needs one or more server hosts.");
                }
                if (null == istioServerModel.getPort() || istioServerModel.getPort().getNumber() < 0) {
                    throw new KubernetesPluginException("'" + istioGatewayModel.getName() + "' istio gateway ports cannot be less than 0. found: " + istioServerModel.getPort().getNumber());
                }
                if (istioServerModel.getTls() != null && "SIMPLE".equals(istioServerModel.getTls().getMode()) && (istioServerModel.getTls().getServerCertificate() == null || istioServerModel.getTls().getPrivateKey() == null)) {
                    throw new KubernetesPluginException("'" + istioGatewayModel.getName() + "' istio gateway TLS mode is SIMPLE, hence serverCertificate and privateKey fields are required.");
                }
                if (istioServerModel.getTls() != null && "MUTUAL".equals(istioServerModel.getTls().getMode()) && (istioServerModel.getTls().getServerCertificate() == null || istioServerModel.getTls().getPrivateKey() == null || istioServerModel.getTls().getCaCertificates() == null)) {
                    throw new KubernetesPluginException("'" + istioGatewayModel.getName() + "' istio gateway TLS mode is MUTUAL, hence serverCertificate, privateKey and caCertificates fields are required.");
                }
            }
            generate(istioGatewayModel);
            OUT.print("\t@istio:Gateway \t\t\t\t - complete " + i + "/" + size + "\r");
        }
    }

    private void generate(IstioGatewayModel istioGatewayModel) throws KubernetesPluginException {
        try {
            KubernetesUtils.writeToFile(SerializationUtils.dumpWithoutRuntimeStateAsYaml(((GatewayBuilder) ((GatewayBuilder) new GatewayBuilder().withNewMetadata().withName(istioGatewayModel.getName()).withNamespace(this.dataHolder.getNamespace()).withLabels(istioGatewayModel.getLabels()).withAnnotations(istioGatewayModel.getAnnotations()).endMetadata()).withNewSpec().withSelector(istioGatewayModel.getSelector()).withServers(populateServers(istioGatewayModel.getServers())).endSpec()).build()), "_istio_gateway.yaml");
        } catch (IOException e) {
            throw new KubernetesPluginException("error while generating yaml file for istio gateway: " + istioGatewayModel.getName(), e);
        }
    }

    private List<Server> populateServers(List<IstioServerModel> list) {
        return (List) list.stream().map(istioServerModel -> {
            return ((ServerBuilder) new ServerBuilder().withHosts(new ArrayList(istioServerModel.getHosts())).withNewPort().withNumber(Integer.valueOf(istioServerModel.getPort().getNumber())).withProtocol(istioServerModel.getPort().getProtocol()).withName(istioServerModel.getPort().getName()).endPort()).withTls(populateTLS(istioServerModel.getTls())).build();
        }).collect(Collectors.toList());
    }

    private TLSOptions populateTLS(IstioServerModel.TLSOptions tLSOptions) {
        if (null == tLSOptions) {
            return null;
        }
        return new TLSOptionsBuilder().withHttpsRedirect(Boolean.valueOf(tLSOptions.isHttpsRedirect())).withMode(TLSOptionsMode.valueOf(tLSOptions.getMode())).withServerCertificate(tLSOptions.getServerCertificate()).withPrivateKey(tLSOptions.getPrivateKey()).withCaCertificates(tLSOptions.getCaCertificates()).withSubjectAltNames(new ArrayList(tLSOptions.getSubjectAltNames())).build();
    }
}
