package com.netflix.kayenta.s3.storage;

import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.model.AmazonS3Exception;
import com.amazonaws.services.s3.model.HeadBucketRequest;
import com.amazonaws.services.s3.model.ListObjectsRequest;
import com.amazonaws.services.s3.model.ObjectListing;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.S3Object;
import com.amazonaws.services.s3.model.S3ObjectSummary;
import com.amazonaws.util.StringUtils;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.netflix.kayenta.aws.security.AwsNamedAccountCredentials;
import com.netflix.kayenta.canary.CanaryConfig;
import com.netflix.kayenta.index.CanaryConfigIndex;
import com.netflix.kayenta.index.config.CanaryConfigIndexAction;
import com.netflix.kayenta.security.AccountCredentialsRepository;
import com.netflix.kayenta.storage.ObjectType;
import com.netflix.kayenta.storage.StorageService;
import com.netflix.kayenta.util.Retry;
import com.netflix.spinnaker.kork.web.exceptions.NotFoundException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.validation.constraints.NotNull;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/netflix/kayenta/s3/storage/S3StorageService.class */
public class S3StorageService implements StorageService {
    private static final Logger log = LoggerFactory.getLogger(S3StorageService.class);

    @NotNull
    private ObjectMapper objectMapper;

    @NotNull
    private List<String> accountNames;

    @Autowired
    AccountCredentialsRepository accountCredentialsRepository;

    @Autowired
    CanaryConfigIndex canaryConfigIndex;
    public final int MAX_RETRIES = 10;
    public final long RETRY_BACKOFF = 1000;
    private final Retry retry = new Retry();

    /* loaded from: input_file:com/netflix/kayenta/s3/storage/S3StorageService$S3StorageServiceBuilder.class */
    public static class S3StorageServiceBuilder {
        private ObjectMapper objectMapper;
        private ArrayList<String> accountNames;
        private AccountCredentialsRepository accountCredentialsRepository;
        private CanaryConfigIndex canaryConfigIndex;

        S3StorageServiceBuilder() {
        }

        public S3StorageServiceBuilder objectMapper(ObjectMapper objectMapper) {
            this.objectMapper = objectMapper;
            return this;
        }

        public S3StorageServiceBuilder accountName(String str) {
            if (this.accountNames == null) {
                this.accountNames = new ArrayList<>();
            }
            this.accountNames.add(str);
            return this;
        }

        public S3StorageServiceBuilder accountNames(Collection<? extends String> collection) {
            if (collection == null) {
                throw new IllegalArgumentException("accountNames cannot be null");
            }
            if (this.accountNames == null) {
                this.accountNames = new ArrayList<>();
            }
            this.accountNames.addAll(collection);
            return this;
        }

        public S3StorageServiceBuilder clearAccountNames() {
            if (this.accountNames != null) {
                this.accountNames.clear();
            }
            return this;
        }

        public S3StorageServiceBuilder accountCredentialsRepository(AccountCredentialsRepository accountCredentialsRepository) {
            this.accountCredentialsRepository = accountCredentialsRepository;
            return this;
        }

        public S3StorageServiceBuilder canaryConfigIndex(CanaryConfigIndex canaryConfigIndex) {
            this.canaryConfigIndex = canaryConfigIndex;
            return this;
        }

        public S3StorageService build() {
            List unmodifiableList;
            switch (this.accountNames == null ? 0 : this.accountNames.size()) {
                case 0:
                    unmodifiableList = Collections.emptyList();
                    break;
                case 1:
                    unmodifiableList = Collections.singletonList(this.accountNames.get(0));
                    break;
                default:
                    unmodifiableList = Collections.unmodifiableList(new ArrayList(this.accountNames));
                    break;
            }
            return new S3StorageService(this.objectMapper, unmodifiableList, this.accountCredentialsRepository, this.canaryConfigIndex);
        }

        public String toString() {
            return "S3StorageService.S3StorageServiceBuilder(objectMapper=" + this.objectMapper + ", accountNames=" + this.accountNames + ", accountCredentialsRepository=" + this.accountCredentialsRepository + ", canaryConfigIndex=" + this.canaryConfigIndex + ")";
        }
    }

    public boolean servicesAccount(String str) {
        return this.accountNames.contains(str);
    }

    public void ensureBucketExists(String str) {
        AwsNamedAccountCredentials requiredOne = this.accountCredentialsRepository.getRequiredOne(str);
        AmazonS3 amazonS3 = requiredOne.getAmazonS3();
        String bucket = requiredOne.getBucket();
        String region = requiredOne.getRegion();
        try {
            amazonS3.headBucket(new HeadBucketRequest(bucket));
        } catch (AmazonServiceException e) {
            if (e.getStatusCode() != 404) {
                log.error("Could not create bucket {}: {}", bucket, e);
                throw e;
            }
            if (StringUtils.isNullOrEmpty(region)) {
                log.warn("Bucket {} does not exist. Creating it in default region.", bucket);
                amazonS3.createBucket(bucket);
            } else {
                log.warn("Bucket {} does not exist. Creating it in region {}.", bucket, region);
                amazonS3.createBucket(bucket, region);
            }
        }
    }

    public <T> T loadObject(String str, ObjectType objectType, String str2) throws IllegalArgumentException, NotFoundException {
        AwsNamedAccountCredentials awsNamedAccountCredentials = (AwsNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        AmazonS3 amazonS3 = awsNamedAccountCredentials.getAmazonS3();
        String bucket = awsNamedAccountCredentials.getBucket();
        try {
            String resolveSingularPath = resolveSingularPath(objectType, str2, awsNamedAccountCredentials, amazonS3, bucket);
            try {
                return (T) deserialize(amazonS3.getObject(bucket, resolveSingularPath), objectType.getTypeReference());
            } catch (AmazonS3Exception e) {
                log.error("Failed to load {} {}: {}", new Object[]{objectType.getGroup(), str2, Integer.valueOf(e.getStatusCode())});
                if (e.getStatusCode() == 404) {
                    throw new NotFoundException("No file at path " + resolveSingularPath + ".");
                }
                throw e;
            } catch (IOException e2) {
                throw new IllegalStateException("Unable to deserialize object (key: " + str2 + ")", e2);
            }
        } catch (IllegalArgumentException e3) {
            throw new NotFoundException(e3.getMessage());
        }
    }

    private String resolveSingularPath(ObjectType objectType, String str, AwsNamedAccountCredentials awsNamedAccountCredentials, AmazonS3 amazonS3, String str2) {
        List objectSummaries = amazonS3.listObjects(new ListObjectsRequest(str2, daoRoot(awsNamedAccountCredentials, objectType.getGroup()) + "/" + str, (String) null, (String) null, 10000)).getObjectSummaries();
        if (objectSummaries == null || objectSummaries.size() != 1) {
            throw new IllegalArgumentException("Unable to resolve singular " + objectType + " at " + daoRoot(awsNamedAccountCredentials, objectType.getGroup()) + "/" + str + ".");
        }
        return ((S3ObjectSummary) objectSummaries.get(0)).getKey();
    }

    private <T> T deserialize(S3Object s3Object, TypeReference<T> typeReference) throws IOException {
        return (T) this.objectMapper.readValue(s3Object.getObjectContent(), typeReference);
    }

    public <T> void storeObject(String str, ObjectType objectType, String str2, T t, String str3, boolean z) {
        String str4;
        AwsNamedAccountCredentials awsNamedAccountCredentials = (AwsNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        AmazonS3 amazonS3 = awsNamedAccountCredentials.getAmazonS3();
        String bucket = awsNamedAccountCredentials.getBucket();
        String group = objectType.getGroup();
        String buildS3Key = buildS3Key(awsNamedAccountCredentials, objectType, group, str2, str3);
        ensureBucketExists(str);
        long j = -1;
        String str5 = null;
        String str6 = null;
        if (objectType == ObjectType.CANARY_CONFIG) {
            j = this.canaryConfigIndex.getRedisTime();
            CanaryConfig canaryConfig = (CanaryConfig) t;
            checkForDuplicateCanaryConfig(canaryConfig, str2, awsNamedAccountCredentials);
            str4 = z ? resolveSingularPath(objectType, str2, awsNamedAccountCredentials, amazonS3, bucket) : null;
            str5 = UUID.randomUUID().toString();
            ImmutableMap build = new ImmutableMap.Builder().put("id", str2).put("name", canaryConfig.getName()).put("updatedTimestamp", Long.valueOf(j)).put("updatedTimestampIso", Instant.ofEpochMilli(j).toString()).put("applications", canaryConfig.getApplications()).build();
            try {
                str6 = this.objectMapper.writeValueAsString(build);
                this.canaryConfigIndex.startPendingUpdate(awsNamedAccountCredentials, j, CanaryConfigIndexAction.UPDATE, str5, str6);
            } catch (JsonProcessingException e) {
                throw new IllegalArgumentException("Problem serializing canaryConfigSummary -> " + build, e);
            }
        } else {
            str4 = null;
        }
        try {
            byte[] writeValueAsBytes = this.objectMapper.writeValueAsBytes(t);
            ObjectMetadata objectMetadata = new ObjectMetadata();
            objectMetadata.setContentLength(writeValueAsBytes.length);
            objectMetadata.setContentMD5(new String(Base64.encodeBase64(DigestUtils.md5(writeValueAsBytes))));
            this.retry.retry(() -> {
                return amazonS3.putObject(bucket, buildS3Key, new ByteArrayInputStream(writeValueAsBytes), objectMetadata);
            }, 10, 1000L);
            if (objectType == ObjectType.CANARY_CONFIG) {
                if (str4 != null && !str4.equals(buildS3Key)) {
                    String str7 = str4;
                    this.retry.retry(() -> {
                        amazonS3.deleteObject(bucket, str7);
                    }, 10, 1000L);
                }
                this.canaryConfigIndex.finishPendingUpdate(awsNamedAccountCredentials, CanaryConfigIndexAction.UPDATE, str5);
            }
        } catch (Exception e2) {
            log.error("Update failed on path {}: {}", buildTypedFolder(awsNamedAccountCredentials, group), e2);
            if (objectType == ObjectType.CANARY_CONFIG) {
                this.canaryConfigIndex.removeFailedPendingUpdate(awsNamedAccountCredentials, j, CanaryConfigIndexAction.UPDATE, str5, str6);
            }
            throw new IllegalArgumentException(e2);
        }
    }

    private void checkForDuplicateCanaryConfig(CanaryConfig canaryConfig, String str, AwsNamedAccountCredentials awsNamedAccountCredentials) {
        String name = canaryConfig.getName();
        List applications = canaryConfig.getApplications();
        String idFromName = this.canaryConfigIndex.getIdFromName(awsNamedAccountCredentials, name, applications);
        if (!org.springframework.util.StringUtils.isEmpty(idFromName) && !idFromName.equals(str)) {
            throw new IllegalArgumentException("Canary config with name '" + name + "' already exists in the scope of applications " + applications + ".");
        }
    }

    public void deleteObject(String str, ObjectType objectType, String str2) {
        AwsNamedAccountCredentials awsNamedAccountCredentials = (AwsNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        AmazonS3 amazonS3 = awsNamedAccountCredentials.getAmazonS3();
        String bucket = awsNamedAccountCredentials.getBucket();
        String resolveSingularPath = resolveSingularPath(objectType, str2, awsNamedAccountCredentials, amazonS3, bucket);
        long j = -1;
        String str3 = null;
        String str4 = null;
        if (objectType == ObjectType.CANARY_CONFIG) {
            j = this.canaryConfigIndex.getRedisTime();
            Map summaryFromId = this.canaryConfigIndex.getSummaryFromId(awsNamedAccountCredentials, str2);
            if (summaryFromId != null) {
                String str5 = (String) summaryFromId.get("name");
                List list = (List) summaryFromId.get("applications");
                str3 = UUID.randomUUID().toString();
                ImmutableMap build = new ImmutableMap.Builder().put("id", str2).put("name", str5).put("updatedTimestamp", Long.valueOf(j)).put("updatedTimestampIso", Instant.ofEpochMilli(j).toString()).put("applications", list).build();
                try {
                    str4 = this.objectMapper.writeValueAsString(build);
                    this.canaryConfigIndex.startPendingUpdate(awsNamedAccountCredentials, j, CanaryConfigIndexAction.DELETE, str3, str4);
                } catch (JsonProcessingException e) {
                    throw new IllegalArgumentException("Problem serializing canaryConfigSummary -> " + build, e);
                }
            }
        }
        try {
            this.retry.retry(() -> {
                amazonS3.deleteObject(bucket, resolveSingularPath);
            }, 10, 1000L);
            if (str3 != null) {
                this.canaryConfigIndex.finishPendingUpdate(awsNamedAccountCredentials, CanaryConfigIndexAction.DELETE, str3);
            }
        } catch (Exception e2) {
            log.error("Failed to delete path {}: {}", resolveSingularPath, e2);
            if (str3 != null) {
                this.canaryConfigIndex.removeFailedPendingUpdate(awsNamedAccountCredentials, j, CanaryConfigIndexAction.DELETE, str3, str4);
            }
            throw new IllegalArgumentException(e2);
        }
    }

    public List<Map<String, Object>> listObjectKeys(String str, ObjectType objectType, List<String> list, boolean z) {
        AwsNamedAccountCredentials awsNamedAccountCredentials = (AwsNamedAccountCredentials) this.accountCredentialsRepository.getRequiredOne(str);
        if (!z && objectType == ObjectType.CANARY_CONFIG) {
            return Lists.newArrayList(this.canaryConfigIndex.getCanaryConfigSummarySet(awsNamedAccountCredentials, list));
        }
        AmazonS3 amazonS3 = awsNamedAccountCredentials.getAmazonS3();
        String bucket = awsNamedAccountCredentials.getBucket();
        String group = objectType.getGroup();
        String buildTypedFolder = buildTypedFolder(awsNamedAccountCredentials, group);
        ensureBucketExists(str);
        int length = buildTypedFolder.length() + 1;
        ArrayList arrayList = new ArrayList();
        log.debug("Listing {}", group);
        ObjectListing listObjects = amazonS3.listObjects(new ListObjectsRequest(bucket, buildTypedFolder, (String) null, (String) null, 10000));
        List<S3ObjectSummary> objectSummaries = listObjects.getObjectSummaries();
        while (listObjects.isTruncated()) {
            listObjects = amazonS3.listNextBatchOfObjects(listObjects);
            objectSummaries.addAll(listObjects.getObjectSummaries());
        }
        if (objectSummaries != null) {
            for (S3ObjectSummary s3ObjectSummary : objectSummaries) {
                String key = s3ObjectSummary.getKey();
                int lastIndexOf = key.lastIndexOf("/");
                HashMap hashMap = new HashMap();
                long time = s3ObjectSummary.getLastModified().getTime();
                hashMap.put("id", key.substring(length, lastIndexOf));
                hashMap.put("updatedTimestamp", Long.valueOf(time));
                hashMap.put("updatedTimestampIso", Instant.ofEpochMilli(time).toString());
                if (objectType == ObjectType.CANARY_CONFIG) {
                    String substring = key.substring(lastIndexOf + 1);
                    if (substring.endsWith(".json")) {
                        substring = substring.substring(0, substring.length() - 5);
                    }
                    hashMap.put("name", substring);
                }
                arrayList.add(hashMap);
            }
        }
        return arrayList;
    }

    private String daoRoot(AwsNamedAccountCredentials awsNamedAccountCredentials, String str) {
        return awsNamedAccountCredentials.getRootFolder() + "/" + str;
    }

    private String buildS3Key(AwsNamedAccountCredentials awsNamedAccountCredentials, ObjectType objectType, String str, String str2, String str3) {
        if (str3 == null) {
            str3 = objectType.getDefaultFilename();
        }
        return str2.endsWith(str3) ? str2 : (buildTypedFolder(awsNamedAccountCredentials, str) + "/" + str2 + "/" + str3).replace("//", "/");
    }

    private String buildTypedFolder(AwsNamedAccountCredentials awsNamedAccountCredentials, String str) {
        return daoRoot(awsNamedAccountCredentials, str).replaceAll("//", "/");
    }

    S3StorageService(ObjectMapper objectMapper, List<String> list, AccountCredentialsRepository accountCredentialsRepository, CanaryConfigIndex canaryConfigIndex) {
        this.objectMapper = objectMapper;
        this.accountNames = list;
        this.accountCredentialsRepository = accountCredentialsRepository;
        this.canaryConfigIndex = canaryConfigIndex;
    }

    public static S3StorageServiceBuilder builder() {
        return new S3StorageServiceBuilder();
    }

    public List<String> getAccountNames() {
        return this.accountNames;
    }
}
