package io.dekorate.certmanager.manifest;

import io.dekorate.ConfigurationRegistry;
import io.dekorate.Logger;
import io.dekorate.LoggerFactory;
import io.dekorate.ManifestGenerator;
import io.dekorate.ResourceRegistry;
import io.dekorate.certmanager.config.CertificateConfig;
import io.dekorate.certmanager.config.EditableCertificateConfig;
import io.dekorate.certmanager.decorator.AddCaIssuerResourceDecorator;
import io.dekorate.certmanager.decorator.AddCertificateResourceDecorator;
import io.dekorate.certmanager.decorator.AddSelfSignedIssuerResourceDecorator;
import io.dekorate.certmanager.decorator.AddVaultIssuerResourceDecorator;
import io.dekorate.kubernetes.config.BaseConfig;
import io.dekorate.kubernetes.config.Configuration;
import io.dekorate.kubernetes.config.MountBuilder;
import io.dekorate.kubernetes.config.SecretVolumeBuilder;
import io.dekorate.kubernetes.decorator.AddMountDecorator;
import io.dekorate.kubernetes.decorator.AddSecretVolumeDecorator;
import io.dekorate.utils.Strings;
import java.util.Objects;
import java.util.stream.Stream;

/* loaded from: input_file:BOOT-INF/lib/certmanager-annotations-4.1.4.jar:io/dekorate/certmanager/manifest/CertificateResourceGenerator.class */
public class CertificateResourceGenerator implements ManifestGenerator<CertificateConfig> {
    private static final String DEFAULT_VOLUME_NAME = "volume-certs";
    private static final String DEFAULT_VOLUME_MOUNT_PATH = "/etc/certs";
    private final ResourceRegistry resourceRegistry;
    private final ConfigurationRegistry configurationRegistry;
    private static final String CERTIFICATE = "certificate";
    private final Logger LOGGER = LoggerFactory.getLogger();

    public CertificateResourceGenerator(ResourceRegistry resourceRegistry, ConfigurationRegistry configurationRegistry) {
        this.resourceRegistry = resourceRegistry;
        this.configurationRegistry = configurationRegistry;
    }

    @Override // io.dekorate.ManifestGenerator
    public int order() {
        return 600;
    }

    @Override // io.dekorate.ManifestGenerator
    public String getKey() {
        return "certificate";
    }

    @Override // io.dekorate.ManifestGenerator
    public boolean accepts(Class<? extends Configuration> cls) {
        return cls.equals(CertificateConfig.class) || cls.equals(EditableCertificateConfig.class);
    }

    @Override // io.dekorate.ManifestGenerator
    public void generate(CertificateConfig certificateConfig) {
        this.LOGGER.info("Processing certificate config.");
        validate(certificateConfig);
        String defaultIfEmpty = Strings.defaultIfEmpty(certificateConfig.getName(), (String) this.configurationRegistry.get(BaseConfig.class).map((v0) -> {
            return v0.getName();
        }).orElse(certificateConfig.getProject().getBuildInfo().getName()));
        if (certificateConfig.getVault() != null) {
            this.resourceRegistry.decorate(new AddVaultIssuerResourceDecorator(certificateConfig.getVault(), defaultIfEmpty));
        }
        if (certificateConfig.getCa() != null) {
            this.resourceRegistry.decorate(new AddCaIssuerResourceDecorator(certificateConfig.getCa(), defaultIfEmpty));
        }
        if (certificateConfig.getSelfSigned() != null) {
            this.resourceRegistry.decorate(new AddSelfSignedIssuerResourceDecorator(certificateConfig.getSelfSigned(), defaultIfEmpty));
        }
        this.resourceRegistry.decorate(new AddCertificateResourceDecorator(defaultIfEmpty, certificateConfig));
        String defaultIfEmpty2 = Strings.defaultIfEmpty(certificateConfig.getName(), DEFAULT_VOLUME_NAME);
        this.resourceRegistry.decorate(new AddMountDecorator(new MountBuilder().withName(Strings.defaultIfEmpty(certificateConfig.getName(), DEFAULT_VOLUME_NAME)).withPath(Strings.defaultIfEmpty(certificateConfig.getVolumeMountPath(), DEFAULT_VOLUME_MOUNT_PATH)).withReadOnly(true).build()));
        this.resourceRegistry.decorate(new AddSecretVolumeDecorator(new SecretVolumeBuilder().withSecretName(certificateConfig.getSecretName()).withVolumeName(defaultIfEmpty2).build()));
    }

    public void validate(CertificateConfig certificateConfig) {
        Object[] allIssuers = getAllIssuers(certificateConfig);
        if (noneIssuerIsSet(allIssuers)) {
            throw new IllegalArgumentException("No issuer has been set in the certificate");
        }
        if (moreThanOneIssuerIsSet(allIssuers)) {
            throw new IllegalArgumentException("More then one issuer have been set in the certificate");
        }
    }

    private Object[] getAllIssuers(CertificateConfig certificateConfig) {
        return new Object[]{certificateConfig.getIssuerRef(), certificateConfig.getCa(), certificateConfig.getVault(), certificateConfig.getSelfSigned()};
    }

    private boolean moreThanOneIssuerIsSet(Object... objArr) {
        return Stream.of(objArr).filter(Objects::nonNull).count() > 1;
    }

    private boolean noneIssuerIsSet(Object... objArr) {
        return Stream.of(objArr).noneMatch(Objects::nonNull);
    }
}
