package io.dekorate.certmanager.decorator;

import io.dekorate.certmanager.annotation.PrivateKeyAlgorithm;
import io.dekorate.certmanager.annotation.PrivateKeyEncoding;
import io.dekorate.certmanager.annotation.RotationPolicy;
import io.dekorate.certmanager.config.CertificateConfig;
import io.dekorate.certmanager.config.IssuerRef;
import io.dekorate.certmanager.config.LocalObjectReference;
import io.dekorate.certmanager.config.Subject;
import io.dekorate.kubernetes.decorator.Decorator;
import io.dekorate.kubernetes.decorator.ResourceProvidingDecorator;
import io.dekorate.utils.Strings;
import io.fabric8.certmanager.api.model.meta.v1.ObjectReference;
import io.fabric8.certmanager.api.model.meta.v1.ObjectReferenceBuilder;
import io.fabric8.certmanager.api.model.meta.v1.SecretKeySelector;
import io.fabric8.certmanager.api.model.meta.v1.SecretKeySelectorBuilder;
import io.fabric8.certmanager.api.model.v1.CertificateBuilder;
import io.fabric8.certmanager.api.model.v1.CertificateFluent;
import io.fabric8.certmanager.api.model.v1.CertificateKeystores;
import io.fabric8.certmanager.api.model.v1.CertificateKeystoresBuilder;
import io.fabric8.certmanager.api.model.v1.CertificatePrivateKey;
import io.fabric8.certmanager.api.model.v1.CertificatePrivateKeyBuilder;
import io.fabric8.certmanager.api.model.v1.CertificateSpecFluent;
import io.fabric8.certmanager.api.model.v1.X509Subject;
import io.fabric8.certmanager.api.model.v1.X509SubjectBuilder;
import io.fabric8.kubernetes.api.model.Duration;
import io.fabric8.kubernetes.api.model.HasMetadata;
import io.fabric8.kubernetes.api.model.KubernetesListBuilder;
import io.sundr.model.Node;
import java.text.ParseException;
import java.util.Optional;

/* loaded from: input_file:BOOT-INF/lib/certmanager-annotations-3.5.3.jar:io/dekorate/certmanager/decorator/AddCertificateResourceDecorator.class */
public class AddCertificateResourceDecorator extends ResourceProvidingDecorator<KubernetesListBuilder> {
    private final CertificateConfig config;

    public AddCertificateResourceDecorator(CertificateConfig certificateConfig) {
        this.config = certificateConfig;
    }

    @Override // io.fabric8.kubernetes.api.builder.Visitor
    public void visit(KubernetesListBuilder kubernetesListBuilder) {
        HasMetadata mandatoryDeploymentHasMetadata = getMandatoryDeploymentHasMetadata(kubernetesListBuilder, ANY);
        CertificateBuilder certificateBuilder = new CertificateBuilder();
        certificateBuilder.withNewMetadata().withName(getName(mandatoryDeploymentHasMetadata)).withNamespace(mandatoryDeploymentHasMetadata.getMetadata().getNamespace()).endMetadata();
        CertificateFluent.SpecNested withSecretName = certificateBuilder.withNewSpec().withSecretName(this.config.getSecretName());
        if (this.config.getIssuerRef() != null) {
            withSecretName.withIssuerRef(toIssuerRef(this.config.getIssuerRef()));
        } else {
            ((CertificateSpecFluent.IssuerRefNested) withSecretName.withNewIssuerRef().withName(getName(mandatoryDeploymentHasMetadata))).endIssuerRef();
        }
        Optional map = Optional.ofNullable(this.config.getSubject()).map(this::toSubject);
        withSecretName.getClass();
        map.ifPresent(withSecretName::withSubject);
        Optional ofNullable = Optional.ofNullable(this.config.getCommonName());
        withSecretName.getClass();
        ofNullable.ifPresent(withSecretName::withCommonName);
        Optional map2 = Optional.ofNullable(this.config.getDuration()).map(this::toDuration);
        withSecretName.getClass();
        map2.ifPresent(withSecretName::withDuration);
        Optional map3 = Optional.ofNullable(this.config.getRenewBefore()).map(this::toDuration);
        withSecretName.getClass();
        map3.ifPresent(withSecretName::withRenewBefore);
        Optional ofNullable2 = Optional.ofNullable(this.config.getDnsNames());
        withSecretName.getClass();
        ofNullable2.ifPresent(withSecretName::withDnsNames);
        Optional ofNullable3 = Optional.ofNullable(this.config.getIpAddresses());
        withSecretName.getClass();
        ofNullable3.ifPresent(withSecretName::withIpAddresses);
        Optional ofNullable4 = Optional.ofNullable(this.config.getUris());
        withSecretName.getClass();
        ofNullable4.ifPresent(withSecretName::withUris);
        Optional ofNullable5 = Optional.ofNullable(this.config.getEmailAddresses());
        withSecretName.getClass();
        ofNullable5.ifPresent(withSecretName::withEmailAddresses);
        Optional ofNullable6 = Optional.ofNullable(this.config.getUsages());
        withSecretName.getClass();
        ofNullable6.ifPresent(withSecretName::withUsages);
        Optional map4 = Optional.ofNullable(this.config.getKeystores()).map(this::toCertificateKeystores);
        withSecretName.getClass();
        map4.ifPresent(withSecretName::withKeystores);
        Optional ofNullable7 = Optional.ofNullable(this.config.getIsCA());
        withSecretName.getClass();
        ofNullable7.ifPresent(withSecretName::withIsCA);
        Optional map5 = Optional.ofNullable(this.config.getPrivateKey()).map(this::toPrivateKey);
        withSecretName.getClass();
        map5.ifPresent(withSecretName::withPrivateKey);
        Optional ofNullable8 = Optional.ofNullable(this.config.getEncodeUsagesInRequest());
        withSecretName.getClass();
        ofNullable8.ifPresent(withSecretName::withEncodeUsagesInRequest);
        kubernetesListBuilder.addToItems(((CertificateBuilder) withSecretName.endSpec()).build());
    }

    private CertificatePrivateKey toPrivateKey(io.dekorate.certmanager.config.CertificatePrivateKey certificatePrivateKey) {
        CertificatePrivateKeyBuilder certificatePrivateKeyBuilder = new CertificatePrivateKeyBuilder();
        if (certificatePrivateKey.getRotationPolicy() != null && certificatePrivateKey.getRotationPolicy() != RotationPolicy.Unset) {
            certificatePrivateKeyBuilder.withRotationPolicy(certificatePrivateKey.getRotationPolicy().name());
        }
        if (certificatePrivateKey.getAlgorithm() != null && certificatePrivateKey.getAlgorithm() != PrivateKeyAlgorithm.Unset) {
            certificatePrivateKeyBuilder.withAlgorithm(certificatePrivateKey.getAlgorithm().name());
        }
        if (certificatePrivateKey.getEncoding() != null && certificatePrivateKey.getEncoding() != PrivateKeyEncoding.Unset) {
            certificatePrivateKeyBuilder.withEncoding(certificatePrivateKey.getEncoding().name());
        }
        if (certificatePrivateKey.getSize().intValue() >= 0) {
            certificatePrivateKeyBuilder.withSize(certificatePrivateKey.getSize());
        }
        return certificatePrivateKeyBuilder.build();
    }

    private CertificateKeystores toCertificateKeystores(io.dekorate.certmanager.config.CertificateKeystores certificateKeystores) {
        CertificateKeystoresBuilder certificateKeystoresBuilder = new CertificateKeystoresBuilder();
        if (certificateKeystores.getJks() != null) {
            certificateKeystoresBuilder.withNewJks().withCreate(certificateKeystores.getJks().getCreate()).withPasswordSecretRef(toSecretKeySelector(certificateKeystores.getJks().getPasswordSecretRef())).endJks();
        }
        if (certificateKeystores.getPkcs12() != null) {
            certificateKeystoresBuilder.withNewPkcs12().withCreate(certificateKeystores.getPkcs12().getCreate()).withPasswordSecretRef(toSecretKeySelector(certificateKeystores.getPkcs12().getPasswordSecretRef())).endPkcs12();
        }
        return certificateKeystoresBuilder.build();
    }

    private SecretKeySelector toSecretKeySelector(LocalObjectReference localObjectReference) {
        if (localObjectReference == null) {
            return null;
        }
        SecretKeySelectorBuilder secretKeySelectorBuilder = new SecretKeySelectorBuilder();
        secretKeySelectorBuilder.withName(localObjectReference.getName());
        secretKeySelectorBuilder.withKey(localObjectReference.getKey());
        return secretKeySelectorBuilder.build();
    }

    private Duration toDuration(String str) {
        try {
            return Duration.parse(str);
        } catch (ParseException e) {
            throw new IllegalArgumentException("Wrong duration format '" + str + Node.Q, e);
        }
    }

    private ObjectReference toIssuerRef(IssuerRef issuerRef) {
        ObjectReferenceBuilder objectReferenceBuilder = new ObjectReferenceBuilder();
        objectReferenceBuilder.withName(issuerRef.getName());
        if (Strings.isNotNullOrEmpty(issuerRef.getKind())) {
            objectReferenceBuilder.withKind(issuerRef.getKind());
        }
        if (Strings.isNotNullOrEmpty(issuerRef.getGroup())) {
            objectReferenceBuilder.withGroup(issuerRef.getGroup());
        }
        return objectReferenceBuilder.build();
    }

    private X509Subject toSubject(Subject subject) {
        X509SubjectBuilder x509SubjectBuilder = new X509SubjectBuilder();
        Optional ofNullable = Optional.ofNullable(subject.getCountries());
        x509SubjectBuilder.getClass();
        ofNullable.ifPresent(x509SubjectBuilder::withCountries);
        Optional ofNullable2 = Optional.ofNullable(subject.getLocalities());
        x509SubjectBuilder.getClass();
        ofNullable2.ifPresent(x509SubjectBuilder::withLocalities);
        Optional ofNullable3 = Optional.ofNullable(subject.getOrganizationalUnits());
        x509SubjectBuilder.getClass();
        ofNullable3.ifPresent(x509SubjectBuilder::withOrganizationalUnits);
        Optional ofNullable4 = Optional.ofNullable(subject.getOrganizations());
        x509SubjectBuilder.getClass();
        ofNullable4.ifPresent(x509SubjectBuilder::withOrganizations);
        Optional ofNullable5 = Optional.ofNullable(subject.getProvinces());
        x509SubjectBuilder.getClass();
        ofNullable5.ifPresent(x509SubjectBuilder::withProvinces);
        Optional ofNullable6 = Optional.ofNullable(subject.getPostalCodes());
        x509SubjectBuilder.getClass();
        ofNullable6.ifPresent(x509SubjectBuilder::withPostalCodes);
        Optional ofNullable7 = Optional.ofNullable(subject.getSerialNumber());
        x509SubjectBuilder.getClass();
        ofNullable7.ifPresent(x509SubjectBuilder::withSerialNumber);
        Optional ofNullable8 = Optional.ofNullable(subject.getStreetAddresses());
        x509SubjectBuilder.getClass();
        ofNullable8.ifPresent(x509SubjectBuilder::withStreetAddresses);
        return x509SubjectBuilder.build();
    }

    @Override // io.dekorate.kubernetes.decorator.Decorator
    public Class<? extends Decorator>[] after() {
        return new Class[]{ResourceProvidingDecorator.class};
    }

    private String getName(HasMetadata hasMetadata) {
        return Strings.isNullOrEmpty(this.config.getName()) ? hasMetadata.getMetadata().getName() : this.config.getName();
    }
}
