package akka.discovery.kubernetes;

import akka.actor.ActorSystem;
import akka.annotation.InternalApi;
import akka.discovery.Lookup;
import akka.discovery.ServiceDiscovery;
import akka.discovery.ServiceDiscovery$Resolved$;
import akka.dispatch.Dispatchers$;
import akka.dispatch.MessageDispatcher;
import akka.event.LogSource$;
import akka.event.Logging$;
import akka.event.LoggingAdapter;
import akka.http.scaladsl.ConnectionContext$;
import akka.http.scaladsl.Http$;
import akka.http.scaladsl.HttpExt;
import akka.http.scaladsl.HttpsConnectionContext;
import akka.http.scaladsl.model.HttpRequest;
import akka.http.scaladsl.model.HttpRequest$;
import akka.http.scaladsl.model.StatusCode;
import akka.http.scaladsl.model.StatusCodes;
import akka.http.scaladsl.model.StatusCodes$;
import akka.http.scaladsl.model.Uri$;
import akka.http.scaladsl.model.Uri$Path$Empty$;
import akka.http.scaladsl.model.Uri$Query$;
import akka.http.scaladsl.model.headers.Authorization$;
import akka.http.scaladsl.model.headers.OAuth2BearerToken$;
import akka.http.scaladsl.unmarshalling.Unmarshal$;
import akka.http.scaladsl.unmarshalling.Unmarshaller$;
import akka.pki.kubernetes.PemManagersProvider$;
import akka.stream.Materializer$;
import java.io.Serializable;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.NoSuchElementException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import scala.Array$;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Product;
import scala.Some$;
import scala.Tuple2;
import scala.collection.Iterable;
import scala.collection.IterableOnceOps;
import scala.collection.IterableOps;
import scala.collection.Iterator;
import scala.collection.StringOps$;
import scala.collection.immutable.$colon;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Seq;
import scala.concurrent.Future;
import scala.concurrent.Future$;
import scala.concurrent.duration.FiniteDuration;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;
import scala.runtime.ScalaRunTime$;
import scala.sys.package$;
import scala.util.Try$;
import scala.util.control.NoStackTrace;
import scala.util.control.NonFatal$;

/* compiled from: KubernetesApiServiceDiscovery.scala */
/* loaded from: input_file:akka/discovery/kubernetes/KubernetesApiServiceDiscovery.class */
public class KubernetesApiServiceDiscovery extends ServiceDiscovery {
    private final ActorSystem system;
    private final HttpExt http;
    private final Settings settings;
    private final LoggingAdapter log;
    private final Future<KubernetesSetup> kubernetesSetup;

    /* compiled from: KubernetesApiServiceDiscovery.scala */
    /* loaded from: input_file:akka/discovery/kubernetes/KubernetesApiServiceDiscovery$KubernetesApiException.class */
    public static class KubernetesApiException extends RuntimeException implements NoStackTrace {
        public KubernetesApiException(String str) {
            super(str);
            NoStackTrace.$init$(this);
        }

        @Override // java.lang.Throwable
        public /* bridge */ /* synthetic */ Throwable fillInStackTrace() {
            return NoStackTrace.fillInStackTrace$(this);
        }

        public Throwable scala$util$control$NoStackTrace$$super$fillInStackTrace() {
            return super.fillInStackTrace();
        }
    }

    /* compiled from: KubernetesApiServiceDiscovery.scala */
    /* loaded from: input_file:akka/discovery/kubernetes/KubernetesApiServiceDiscovery$KubernetesSetup.class */
    public static final class KubernetesSetup implements Product, Serializable {
        private final String podNamespace;
        private final String apiToken;
        private final HttpsConnectionContext clientHttpsConnectionContext;

        public static KubernetesSetup apply(String str, String str2, HttpsConnectionContext httpsConnectionContext) {
            return KubernetesApiServiceDiscovery$KubernetesSetup$.MODULE$.apply(str, str2, httpsConnectionContext);
        }

        public static KubernetesSetup fromProduct(Product product) {
            return KubernetesApiServiceDiscovery$KubernetesSetup$.MODULE$.m3fromProduct(product);
        }

        public static KubernetesSetup unapply(KubernetesSetup kubernetesSetup) {
            return KubernetesApiServiceDiscovery$KubernetesSetup$.MODULE$.unapply(kubernetesSetup);
        }

        public KubernetesSetup(String str, String str2, HttpsConnectionContext httpsConnectionContext) {
            this.podNamespace = str;
            this.apiToken = str2;
            this.clientHttpsConnectionContext = httpsConnectionContext;
        }

        public /* bridge */ /* synthetic */ Iterator productIterator() {
            return Product.productIterator$(this);
        }

        public /* bridge */ /* synthetic */ Iterator productElementNames() {
            return Product.productElementNames$(this);
        }

        public int hashCode() {
            return ScalaRunTime$.MODULE$._hashCode(this);
        }

        public boolean equals(Object obj) {
            boolean z;
            if (this != obj) {
                if (obj instanceof KubernetesSetup) {
                    KubernetesSetup kubernetesSetup = (KubernetesSetup) obj;
                    String podNamespace = podNamespace();
                    String podNamespace2 = kubernetesSetup.podNamespace();
                    if (podNamespace != null ? podNamespace.equals(podNamespace2) : podNamespace2 == null) {
                        String apiToken = apiToken();
                        String apiToken2 = kubernetesSetup.apiToken();
                        if (apiToken != null ? apiToken.equals(apiToken2) : apiToken2 == null) {
                            HttpsConnectionContext clientHttpsConnectionContext = clientHttpsConnectionContext();
                            HttpsConnectionContext clientHttpsConnectionContext2 = kubernetesSetup.clientHttpsConnectionContext();
                            if (clientHttpsConnectionContext != null ? clientHttpsConnectionContext.equals(clientHttpsConnectionContext2) : clientHttpsConnectionContext2 == null) {
                                z = true;
                            }
                        }
                    }
                    z = false;
                } else {
                    z = false;
                }
                if (!z) {
                    return false;
                }
            }
            return true;
        }

        public String toString() {
            return ScalaRunTime$.MODULE$._toString(this);
        }

        public boolean canEqual(Object obj) {
            return obj instanceof KubernetesSetup;
        }

        public int productArity() {
            return 3;
        }

        public String productPrefix() {
            return "KubernetesSetup";
        }

        public Object productElement(int i) {
            switch (i) {
                case 0:
                    return _1();
                case 1:
                    return _2();
                case 2:
                    return _3();
                default:
                    throw new IndexOutOfBoundsException(BoxesRunTime.boxToInteger(i).toString());
            }
        }

        public String productElementName(int i) {
            switch (i) {
                case 0:
                    return "podNamespace";
                case 1:
                    return "apiToken";
                case 2:
                    return "clientHttpsConnectionContext";
                default:
                    throw new IndexOutOfBoundsException(BoxesRunTime.boxToInteger(i).toString());
            }
        }

        public String podNamespace() {
            return this.podNamespace;
        }

        public String apiToken() {
            return this.apiToken;
        }

        public HttpsConnectionContext clientHttpsConnectionContext() {
            return this.clientHttpsConnectionContext;
        }

        public KubernetesSetup copy(String str, String str2, HttpsConnectionContext httpsConnectionContext) {
            return new KubernetesSetup(str, str2, httpsConnectionContext);
        }

        public String copy$default$1() {
            return podNamespace();
        }

        public String copy$default$2() {
            return apiToken();
        }

        public HttpsConnectionContext copy$default$3() {
            return clientHttpsConnectionContext();
        }

        public String _1() {
            return podNamespace();
        }

        public String _2() {
            return apiToken();
        }

        public HttpsConnectionContext _3() {
            return clientHttpsConnectionContext();
        }
    }

    @InternalApi
    public static Seq<ServiceDiscovery.ResolvedTarget> targets(PodList podList, Option<String> option, String str, String str2, boolean z, Option<String> option2) {
        return KubernetesApiServiceDiscovery$.MODULE$.targets(podList, option, str, str2, z, option2);
    }

    public KubernetesApiServiceDiscovery(ActorSystem actorSystem) {
        this.system = actorSystem;
        this.http = Http$.MODULE$.apply(actorSystem);
        this.settings = (Settings) Settings$.MODULE$.apply(actorSystem);
        this.log = Logging$.MODULE$.apply(actorSystem, KubernetesApiServiceDiscovery.class, LogSource$.MODULE$.fromAnyClass());
        this.log.debug("Settings {}", this.settings);
        MessageDispatcher lookup = actorSystem.dispatchers().lookup(Dispatchers$.MODULE$.DefaultBlockingDispatcherId());
        this.kubernetesSetup = Future$.MODULE$.apply(this::$init$$$anonfun$1, lookup).flatMap(str -> {
            return Future$.MODULE$.apply(this::$init$$$anonfun$2$$anonfun$1, lookup).flatMap(str -> {
                return Future$.MODULE$.apply(this::$init$$$anonfun$2$$anonfun$2$$anonfun$1, lookup).map(httpsConnectionContext -> {
                    return KubernetesApiServiceDiscovery$KubernetesSetup$.MODULE$.apply(str, str, httpsConnectionContext);
                }, lookup);
            }, lookup);
        }, lookup);
    }

    public Future<ServiceDiscovery.Resolved> lookup(Lookup lookup, FiniteDuration finiteDuration) {
        String podLabelSelector = this.settings.podLabelSelector(lookup.serviceName());
        return this.kubernetesSetup.flatMap(kubernetesSetup -> {
            this.log.info("Querying for pods with label selector: [{}]. Namespace: [{}]. Port: [{}]", podLabelSelector, kubernetesSetup.podNamespace(), lookup.portName());
            return optionToFuture(podRequest(kubernetesSetup.apiToken(), kubernetesSetup.podNamespace(), podLabelSelector), "Unable to form request; check Kubernetes environment (expecting env vars " + this.settings.apiServiceHostEnvName() + ", " + this.settings.apiServicePortEnvName() + ")").flatMap(httpRequest -> {
                return this.http.singleRequest(httpRequest, kubernetesSetup.clientHttpsConnectionContext(), this.http.singleRequest$default$3(), this.http.singleRequest$default$4()).flatMap(httpResponse -> {
                    return httpResponse.entity().toStrict(finiteDuration, Materializer$.MODULE$.matFromSystem(this.system)).flatMap(strict -> {
                        Future failed;
                        StatusCode status = httpResponse.status();
                        StatusCodes.Success OK = StatusCodes$.MODULE$.OK();
                        if (OK != null ? !OK.equals(status) : status != null) {
                            StatusCodes.ClientError Forbidden = StatusCodes$.MODULE$.Forbidden();
                            if (Forbidden != null ? !Forbidden.equals(status) : status != null) {
                                Unmarshal$.MODULE$.apply(strict).to(Unmarshaller$.MODULE$.stringUnmarshaller(), this.system.dispatcher(), Materializer$.MODULE$.matFromSystem(this.system)).foreach(str -> {
                                    this.log.warning("Non-200 when communicating with Kubernetes API server. Status code: [{}]. Response body: [{}]", status, str);
                                }, this.system.dispatcher());
                                failed = Future$.MODULE$.failed(new KubernetesApiException("Non-200 from Kubernetes API server: " + status));
                            } else {
                                Unmarshal$.MODULE$.apply(strict).to(Unmarshaller$.MODULE$.stringUnmarshaller(), this.system.dispatcher(), Materializer$.MODULE$.matFromSystem(this.system)).foreach(str2 -> {
                                    this.log.warning("Forbidden to communicate with Kubernetes API server; check RBAC settings. Response: [{}]", str2);
                                }, this.system.dispatcher());
                                failed = Future$.MODULE$.failed(new KubernetesApiException("Forbidden when communicating with the Kubernetes API. Check RBAC settings."));
                            }
                        } else {
                            this.log.debug("Kubernetes API entity: [{}]", strict.data().utf8String());
                            Future future = Unmarshal$.MODULE$.apply(strict).to(JsonFormat$.MODULE$.sprayJsonUnmarshaller(JsonFormat$.MODULE$.podListFormat()), this.system.dispatcher(), Materializer$.MODULE$.matFromSystem(this.system));
                            future.failed().foreach(th -> {
                                this.log.warning("Failed to unmarshal Kubernetes API response.  Status code: [{}]; Response body: [{}]. Ex: [{}]", httpResponse.status().value(), strict, th.getMessage());
                            }, this.system.dispatcher());
                            failed = future;
                        }
                        return failed.map(podList -> {
                            Seq<ServiceDiscovery.ResolvedTarget> targets = KubernetesApiServiceDiscovery$.MODULE$.targets(podList, lookup.portName(), kubernetesSetup.podNamespace(), this.settings.podDomain(), this.settings.rawIp(), this.settings.containerName());
                            if (targets.isEmpty() && podList.items().nonEmpty() && this.log.isInfoEnabled()) {
                                this.log.info("No targets found from pod list. Is the correct port name configured? Current configuration: [{}]. Ports on pods: [{}]", lookup.portName(), ((IterableOnceOps) ((IterableOps) ((IterableOps) ((IterableOps) podList.items().flatMap(pod -> {
                                    return pod.spec();
                                })).flatMap(podSpec -> {
                                    return podSpec.containers();
                                })).flatMap(container -> {
                                    return container.ports();
                                })).flatten(Predef$.MODULE$.$conforms())).toSet());
                            }
                            return ServiceDiscovery$Resolved$.MODULE$.apply(lookup.serviceName(), targets);
                        }, this.system.dispatcher());
                    }, this.system.dispatcher());
                }, this.system.dispatcher());
            }, this.system.dispatcher());
        }, this.system.dispatcher());
    }

    private <T> Future<T> optionToFuture(Option<T> option, String str) {
        return (Future) option.fold(() -> {
            return optionToFuture$$anonfun$1(r1);
        }, obj -> {
            return Future$.MODULE$.successful(obj);
        });
    }

    private Option<HttpRequest> podRequest(String str, String str2, String str3) {
        return package$.MODULE$.env().get(this.settings.apiServiceHostEnvName()).flatMap(str4 -> {
            return package$.MODULE$.env().get(this.settings.apiServicePortEnvName()).flatMap(str4 -> {
                return Try$.MODULE$.apply(() -> {
                    return podRequest$$anonfun$1$$anonfun$1$$anonfun$1(r1);
                }).toOption().map(obj -> {
                    return podRequest$$anonfun$1$$anonfun$1$$anonfun$2(str2, str3, str4, str, BoxesRunTime.unboxToInt(obj));
                });
            });
        });
    }

    private HttpsConnectionContext clientHttpsConnectionContext() {
        Iterable loadCertificates = PemManagersProvider$.MODULE$.loadCertificates(this.settings.apiCaPath());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null);
        keyManagerFactory.init(keyStore, (char[]) Array$.MODULE$.empty(ClassTag$.MODULE$.apply(Character.TYPE)));
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManager[] buildTrustManagers = PemManagersProvider$.MODULE$.buildTrustManagers(loadCertificates);
        SecureRandom secureRandom = new SecureRandom();
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(keyManagers, buildTrustManagers, secureRandom);
        return ConnectionContext$.MODULE$.httpsClient(sSLContext);
    }

    private Option<String> readConfigVarFromFilesystem(String str, String str2) {
        Path path = Paths.get(str, new String[0]);
        if (!Files.exists(path, new LinkOption[0])) {
            this.log.warning("Unable to read {} from {} because it doesn't exist.", str2, str);
            return None$.MODULE$;
        }
        try {
            return Some$.MODULE$.apply(new String(Files.readAllBytes(path), "utf-8"));
        } catch (Throwable th) {
            if (th != null) {
                Option unapply = NonFatal$.MODULE$.unapply(th);
                if (!unapply.isEmpty()) {
                    this.log.error((Throwable) unapply.get(), "Error reading {} from {}", str2, str);
                    return None$.MODULE$;
                }
            }
            throw th;
        }
    }

    private static final String $init$$$anonfun$1$$anonfun$1() {
        return "";
    }

    private final String $init$$$anonfun$1() {
        return (String) readConfigVarFromFilesystem(this.settings.apiTokenPath(), "api-token").getOrElse(KubernetesApiServiceDiscovery::$init$$$anonfun$1$$anonfun$1);
    }

    private final Option $init$$$anonfun$2$$anonfun$1$$anonfun$1() {
        return readConfigVarFromFilesystem(this.settings.podNamespacePath(), "pod-namespace");
    }

    private static final String $init$$$anonfun$2$$anonfun$1$$anonfun$2() {
        return "default";
    }

    private final String $init$$$anonfun$2$$anonfun$1() {
        return (String) this.settings.podNamespace().orElse(this::$init$$$anonfun$2$$anonfun$1$$anonfun$1).getOrElse(KubernetesApiServiceDiscovery::$init$$$anonfun$2$$anonfun$1$$anonfun$2);
    }

    private final HttpsConnectionContext $init$$$anonfun$2$$anonfun$2$$anonfun$1() {
        return clientHttpsConnectionContext();
    }

    private static final Future optionToFuture$$anonfun$1(String str) {
        return Future$.MODULE$.failed(new NoSuchElementException(str));
    }

    private static final int podRequest$$anonfun$1$$anonfun$1$$anonfun$1(String str) {
        return StringOps$.MODULE$.toInt$extension(Predef$.MODULE$.augmentString(str));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final /* synthetic */ HttpRequest podRequest$$anonfun$1$$anonfun$1$$anonfun$2(String str, String str2, String str3, String str4, int i) {
        return HttpRequest$.MODULE$.apply(HttpRequest$.MODULE$.apply$default$1(), Uri$.MODULE$.from("https", Uri$.MODULE$.from$default$2(), str3, i, Uri$.MODULE$.from$default$5(), Uri$.MODULE$.from$default$6(), Uri$.MODULE$.from$default$7(), Uri$.MODULE$.from$default$8()).withPath(Uri$Path$Empty$.MODULE$.$div("api").$div("v1").$div("namespaces").$div(str).$div("pods")).withQuery(Uri$Query$.MODULE$.apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("labelSelector"), str2), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc("fieldSelection"), "status.phase==Running")}))), new $colon.colon(Authorization$.MODULE$.apply(OAuth2BearerToken$.MODULE$.apply(str4)), Nil$.MODULE$), HttpRequest$.MODULE$.apply$default$4(), HttpRequest$.MODULE$.apply$default$5());
    }
}
