package com.netflix.kayenta.gcs.storage;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.api.client.http.ByteArrayContent;
import com.google.api.client.http.HttpResponseException;
import com.google.api.services.storage.Storage;
import com.google.api.services.storage.model.Bucket;
import com.google.api.services.storage.model.Objects;
import com.google.api.services.storage.model.StorageObject;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.netflix.kayenta.canary.CanaryConfig;
import com.netflix.kayenta.google.security.GoogleNamedAccountCredentials;
import com.netflix.kayenta.index.CanaryConfigIndex;
import com.netflix.kayenta.index.config.CanaryConfigIndexAction;
import com.netflix.kayenta.security.AccountCredentialsRepository;
import com.netflix.kayenta.storage.ObjectType;
import com.netflix.kayenta.storage.StorageService;
import com.netflix.spinnaker.kork.web.exceptions.NotFoundException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.validation.constraints.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/netflix/kayenta/gcs/storage/GcsStorageService.class */
public class GcsStorageService implements StorageService {
    private static final Logger log = LoggerFactory.getLogger(GcsStorageService.class);

    @Autowired
    private ObjectMapper kayentaObjectMapper;

    @NotNull
    private List<String> accountNames;

    @Autowired
    private AccountCredentialsRepository accountCredentialsRepository;

    @Autowired
    private CanaryConfigIndex canaryConfigIndex;

    /* loaded from: input_file:com/netflix/kayenta/gcs/storage/GcsStorageService$GcsStorageServiceBuilder.class */
    public static class GcsStorageServiceBuilder {
        private ObjectMapper kayentaObjectMapper;
        private ArrayList<String> accountNames;
        private AccountCredentialsRepository accountCredentialsRepository;
        private CanaryConfigIndex canaryConfigIndex;

        GcsStorageServiceBuilder() {
        }

        public GcsStorageServiceBuilder kayentaObjectMapper(ObjectMapper objectMapper) {
            this.kayentaObjectMapper = objectMapper;
            return this;
        }

        public GcsStorageServiceBuilder accountName(String str) {
            if (this.accountNames == null) {
                this.accountNames = new ArrayList<>();
            }
            this.accountNames.add(str);
            return this;
        }

        public GcsStorageServiceBuilder accountNames(Collection<? extends String> collection) {
            if (collection == null) {
                throw new IllegalArgumentException("accountNames cannot be null");
            }
            if (this.accountNames == null) {
                this.accountNames = new ArrayList<>();
            }
            this.accountNames.addAll(collection);
            return this;
        }

        public GcsStorageServiceBuilder clearAccountNames() {
            if (this.accountNames != null) {
                this.accountNames.clear();
            }
            return this;
        }

        public GcsStorageServiceBuilder accountCredentialsRepository(AccountCredentialsRepository accountCredentialsRepository) {
            this.accountCredentialsRepository = accountCredentialsRepository;
            return this;
        }

        public GcsStorageServiceBuilder canaryConfigIndex(CanaryConfigIndex canaryConfigIndex) {
            this.canaryConfigIndex = canaryConfigIndex;
            return this;
        }

        public GcsStorageService build() {
            List unmodifiableList;
            switch (this.accountNames == null ? 0 : this.accountNames.size()) {
                case 0:
                    unmodifiableList = Collections.emptyList();
                    break;
                case 1:
                    unmodifiableList = Collections.singletonList(this.accountNames.get(0));
                    break;
                default:
                    unmodifiableList = Collections.unmodifiableList(new ArrayList(this.accountNames));
                    break;
            }
            return new GcsStorageService(this.kayentaObjectMapper, unmodifiableList, this.accountCredentialsRepository, this.canaryConfigIndex);
        }

        public String toString() {
            return "GcsStorageService.GcsStorageServiceBuilder(kayentaObjectMapper=" + String.valueOf(this.kayentaObjectMapper) + ", accountNames=" + String.valueOf(this.accountNames) + ", accountCredentialsRepository=" + String.valueOf(this.accountCredentialsRepository) + ", canaryConfigIndex=" + String.valueOf(this.canaryConfigIndex) + ")";
        }
    }

    public boolean servicesAccount(String str) {
        return this.accountNames.contains(str);
    }

    public void ensureBucketExists(String str) {
        GoogleNamedAccountCredentials requiredOne = this.accountCredentialsRepository.getRequiredOne(str);
        Storage storage = requiredOne.getStorage();
        String project = requiredOne.getProject();
        String bucket = requiredOne.getBucket();
        String bucketLocation = requiredOne.getBucketLocation();
        try {
            storage.buckets().get(bucket).execute();
        } catch (HttpResponseException e) {
            if (e.getStatusCode() != 404) {
                if (e.getStatusCode() == 403) {
                    log.error("Account does not have permissions to get bucket metadata {}. Please see the FAQ for details: https://github.com/spinnaker/kayenta/blob/master/docs/faq.md#why-doesnt-my-google-account-have-access-to-get-bucket-metadata: {}", bucket, e);
                    throw new IllegalArgumentException((Throwable) e);
                }
                log.error("Could not get bucket {}: {}", bucket, e);
                throw new IllegalArgumentException((Throwable) e);
            }
            log.warn("Bucket {} does not exist. Creating it in project {}.", bucket, project);
            Bucket versioning = new Bucket().setName(bucket).setVersioning(new Bucket.Versioning().setEnabled(true));
            if (!StringUtils.isEmpty(bucketLocation)) {
                log.warn("Using location {} for bucket {}.", versioning, project);
                versioning.setLocation(bucketLocation);
            }
            try {
                storage.buckets().insert(project, versioning).execute();
            } catch (IOException e2) {
                log.error("Could not create bucket {} in project {}: {}", new Object[]{bucket, project, e2});
                throw new IllegalArgumentException(e2);
            }
        } catch (IOException e3) {
            log.error("Could not get bucket {}: {}", bucket, e3);
            throw new IllegalArgumentException(e3);
        }
    }

    public <T> T loadObject(String str, ObjectType objectType, String str2) throws IllegalArgumentException, NotFoundException {
        GoogleNamedAccountCredentials googleNamedAccountCredentials = (GoogleNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        Storage storage = googleNamedAccountCredentials.getStorage();
        String bucket = googleNamedAccountCredentials.getBucket();
        try {
            StorageObject resolveSingularItem = resolveSingularItem(objectType, str2, googleNamedAccountCredentials, storage, bucket);
            try {
                return (T) deserialize(storage, (StorageObject) storage.objects().get(bucket, resolveSingularItem.getName()).execute(), objectType.getTypeReference());
            } catch (IOException e) {
                if (e instanceof HttpResponseException) {
                    HttpResponseException httpResponseException = e;
                    log.error("Failed to load {} {}: {} {}", new Object[]{objectType.getGroup(), str2, Integer.valueOf(httpResponseException.getStatusCode()), httpResponseException.getStatusMessage()});
                    if (httpResponseException.getStatusCode() == 404) {
                        throw new NotFoundException("No file at path " + resolveSingularItem.getName() + ".");
                    }
                }
                throw new IllegalStateException((Throwable) e);
            }
        } catch (IllegalArgumentException e2) {
            throw new NotFoundException(e2.getMessage());
        }
    }

    private StorageObject resolveSingularItem(ObjectType objectType, String str, GoogleNamedAccountCredentials googleNamedAccountCredentials, Storage storage, String str2) {
        try {
            List items = ((Objects) storage.objects().list(str2).setPrefix(daoRoot(googleNamedAccountCredentials, objectType.getGroup()) + "/" + str).execute()).getItems();
            if (items == null || items.size() != 1) {
                throw new IllegalArgumentException("Unable to resolve singular " + String.valueOf(objectType) + " at " + daoRoot(googleNamedAccountCredentials, objectType.getGroup()) + "/" + str + ".");
            }
            return (StorageObject) items.get(0);
        } catch (IOException e) {
            throw new IllegalArgumentException("Could not fetch items from Google Cloud Storage: " + e.getMessage(), e);
        }
    }

    private <T> T deserialize(Storage storage, StorageObject storageObject, TypeReference<T> typeReference) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        storage.objects().get(storageObject.getBucket(), storageObject.getName()).executeMediaAndDownloadTo(byteArrayOutputStream);
        return (T) this.kayentaObjectMapper.readValue(byteArrayOutputStream.toString("UTF8"), typeReference);
    }

    public <T> void storeObject(String str, ObjectType objectType, String str2, T t, String str3, boolean z) {
        GoogleNamedAccountCredentials googleNamedAccountCredentials = (GoogleNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        Storage storage = googleNamedAccountCredentials.getStorage();
        String bucket = googleNamedAccountCredentials.getBucket();
        String keyToPath = keyToPath(googleNamedAccountCredentials, objectType, str2, str3);
        ensureBucketExists(str);
        long j = -1;
        String str4 = null;
        String str5 = null;
        StorageObject storageObject = null;
        if (objectType == ObjectType.CANARY_CONFIG) {
            j = this.canaryConfigIndex.getRedisTime();
            CanaryConfig canaryConfig = (CanaryConfig) t;
            checkForDuplicateCanaryConfig(canaryConfig, str2, googleNamedAccountCredentials);
            if (z) {
                storageObject = resolveSingularItem(objectType, str2, googleNamedAccountCredentials, storage, bucket);
            }
            str4 = UUID.randomUUID().toString();
            ImmutableMap build = new ImmutableMap.Builder().put("id", str2).put("name", canaryConfig.getName()).put("updatedTimestamp", Long.valueOf(j)).put("updatedTimestampIso", Instant.ofEpochMilli(j).toString()).put("applications", canaryConfig.getApplications()).build();
            try {
                str5 = this.kayentaObjectMapper.writeValueAsString(build);
                this.canaryConfigIndex.startPendingUpdate(googleNamedAccountCredentials, j, CanaryConfigIndexAction.UPDATE, str4, str5);
            } catch (JsonProcessingException e) {
                throw new IllegalArgumentException("Problem serializing canaryConfigSummary -> " + String.valueOf(build), e);
            }
        }
        try {
            storage.objects().insert(bucket, new StorageObject().setBucket(bucket).setName(keyToPath), new ByteArrayContent("application/json", this.kayentaObjectMapper.writeValueAsBytes(t))).execute();
            if (objectType == ObjectType.CANARY_CONFIG) {
                if (storageObject != null && !storageObject.getName().equals(keyToPath)) {
                    storage.objects().delete(bucket, storageObject.getName()).execute();
                }
                this.canaryConfigIndex.finishPendingUpdate(googleNamedAccountCredentials, CanaryConfigIndexAction.UPDATE, str4);
            }
        } catch (IOException e2) {
            log.error("Update failed on path {}: {}", keyToPath, e2);
            if (objectType == ObjectType.CANARY_CONFIG) {
                this.canaryConfigIndex.removeFailedPendingUpdate(googleNamedAccountCredentials, j, CanaryConfigIndexAction.UPDATE, str4, str5);
            }
            throw new IllegalArgumentException(e2);
        }
    }

    private void checkForDuplicateCanaryConfig(CanaryConfig canaryConfig, String str, GoogleNamedAccountCredentials googleNamedAccountCredentials) {
        String name = canaryConfig.getName();
        List applications = canaryConfig.getApplications();
        String idFromName = this.canaryConfigIndex.getIdFromName(googleNamedAccountCredentials, name, applications);
        if (!StringUtils.isEmpty(idFromName) && !idFromName.equals(str)) {
            throw new IllegalArgumentException("Canary config with name '" + name + "' already exists in the scope of applications " + String.valueOf(applications) + ".");
        }
    }

    public void deleteObject(String str, ObjectType objectType, String str2) {
        GoogleNamedAccountCredentials googleNamedAccountCredentials = (GoogleNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        Storage storage = googleNamedAccountCredentials.getStorage();
        String bucket = googleNamedAccountCredentials.getBucket();
        StorageObject resolveSingularItem = resolveSingularItem(objectType, str2, googleNamedAccountCredentials, storage, bucket);
        long j = -1;
        String str3 = null;
        String str4 = null;
        if (objectType == ObjectType.CANARY_CONFIG) {
            j = this.canaryConfigIndex.getRedisTime();
            Map summaryFromId = this.canaryConfigIndex.getSummaryFromId(googleNamedAccountCredentials, str2);
            if (summaryFromId != null) {
                String str5 = (String) summaryFromId.get("name");
                List list = (List) summaryFromId.get("applications");
                str3 = UUID.randomUUID().toString();
                ImmutableMap build = new ImmutableMap.Builder().put("id", str2).put("name", str5).put("updatedTimestamp", Long.valueOf(j)).put("updatedTimestampIso", Instant.ofEpochMilli(j).toString()).put("applications", list).build();
                try {
                    str4 = this.kayentaObjectMapper.writeValueAsString(build);
                    this.canaryConfigIndex.startPendingUpdate(googleNamedAccountCredentials, j, CanaryConfigIndexAction.DELETE, str3, str4);
                } catch (JsonProcessingException e) {
                    throw new IllegalArgumentException("Problem serializing canaryConfigSummary -> " + String.valueOf(build), e);
                }
            }
        }
        try {
            storage.objects().delete(bucket, resolveSingularItem.getName()).execute();
            if (str3 != null) {
                this.canaryConfigIndex.finishPendingUpdate(googleNamedAccountCredentials, CanaryConfigIndexAction.DELETE, str3);
            }
        } catch (IOException e2) {
            log.error("Failed to delete path {}: {}", resolveSingularItem.getName(), e2);
            if (str3 != null) {
                this.canaryConfigIndex.removeFailedPendingUpdate(googleNamedAccountCredentials, j, CanaryConfigIndexAction.DELETE, str3, str4);
            }
            throw new IllegalArgumentException(e2);
        } catch (HttpResponseException e3) {
            if (e3.getStatusCode() != 404) {
                if (str3 != null) {
                    this.canaryConfigIndex.removeFailedPendingUpdate(googleNamedAccountCredentials, j, CanaryConfigIndexAction.DELETE, str3, str4);
                }
                throw new IllegalArgumentException((Throwable) e3);
            }
            if (str3 != null) {
                this.canaryConfigIndex.finishPendingUpdate(googleNamedAccountCredentials, CanaryConfigIndexAction.DELETE, str3);
            }
        }
    }

    public List<Map<String, Object>> listObjectKeys(String str, ObjectType objectType, List<String> list, boolean z) {
        Objects objects;
        GoogleNamedAccountCredentials googleNamedAccountCredentials = (GoogleNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        if (!z && objectType == ObjectType.CANARY_CONFIG) {
            return Lists.newArrayList(this.canaryConfigIndex.getCanaryConfigSummarySet(googleNamedAccountCredentials, list));
        }
        Storage storage = googleNamedAccountCredentials.getStorage();
        String bucket = googleNamedAccountCredentials.getBucket();
        String daoRoot = daoRoot(googleNamedAccountCredentials, objectType.getGroup());
        ensureBucketExists(str);
        int length = daoRoot.length() + 1;
        ArrayList arrayList = new ArrayList();
        log.debug("Listing {}", objectType.getGroup());
        try {
            Storage.Objects.List prefix = storage.objects().list(bucket).setPrefix(daoRoot);
            do {
                objects = (Objects) prefix.execute();
                List<StorageObject> items = objects.getItems();
                if (items != null) {
                    for (StorageObject storageObject : items) {
                        String name = storageObject.getName();
                        int lastIndexOf = name.lastIndexOf("/");
                        HashMap hashMap = new HashMap();
                        long value = storageObject.getUpdated().getValue();
                        hashMap.put("id", name.substring(length, lastIndexOf));
                        hashMap.put("updatedTimestamp", Long.valueOf(value));
                        hashMap.put("updatedTimestampIso", Instant.ofEpochMilli(value).toString());
                        if (objectType == ObjectType.CANARY_CONFIG) {
                            String substring = name.substring(lastIndexOf + 1);
                            if (substring.endsWith(".json")) {
                                substring = substring.substring(0, substring.length() - 5);
                            }
                            hashMap.put("name", substring);
                        }
                        arrayList.add(hashMap);
                    }
                }
                prefix.setPageToken(objects.getNextPageToken());
            } while (objects.getNextPageToken() != null);
        } catch (IOException e) {
            log.error("Could not fetch items from Google Cloud Storage: {}", e);
        }
        return arrayList;
    }

    private String daoRoot(GoogleNamedAccountCredentials googleNamedAccountCredentials, String str) {
        return googleNamedAccountCredentials.getRootFolder() + "/" + str;
    }

    private String keyToPath(GoogleNamedAccountCredentials googleNamedAccountCredentials, ObjectType objectType, String str, String str2) {
        if (str2 == null) {
            str2 = objectType.getDefaultFilename();
        }
        return daoRoot(googleNamedAccountCredentials, objectType.getGroup()) + "/" + str + "/" + str2;
    }

    GcsStorageService(ObjectMapper objectMapper, List<String> list, AccountCredentialsRepository accountCredentialsRepository, CanaryConfigIndex canaryConfigIndex) {
        this.kayentaObjectMapper = objectMapper;
        this.accountNames = list;
        this.accountCredentialsRepository = accountCredentialsRepository;
        this.canaryConfigIndex = canaryConfigIndex;
    }

    public static GcsStorageServiceBuilder builder() {
        return new GcsStorageServiceBuilder();
    }

    public List<String> getAccountNames() {
        return this.accountNames;
    }
}
