package org.codingmatters.poom.ci.runners.pipeline.executors;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonParser;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import javax.crypto.NoSuchPaddingException;
import org.codingmatters.poom.ci.ciphering.DataUncipherer;
import org.codingmatters.poom.ci.ciphering.descriptors.CipheredData;
import org.codingmatters.poom.ci.ciphering.descriptors.json.CipheredDataReader;
import org.codingmatters.poom.ci.pipeline.PipelineScript;
import org.codingmatters.poom.ci.pipeline.api.types.StageTermination;
import org.codingmatters.poom.ci.pipeline.descriptors.Secret;
import org.codingmatters.poom.ci.pipeline.descriptors.StageHolder;
import org.codingmatters.poom.ci.pipeline.stage.OnlyWhenParsingException;
import org.codingmatters.poom.ci.pipeline.stage.OnlyWhenProcessor;
import org.codingmatters.poom.ci.runners.pipeline.PipelineContext;
import org.codingmatters.poom.ci.runners.pipeline.PipelineExecutor;
import org.codingmatters.poom.services.logging.CategorizedLogger;
import org.codingmatters.poom.services.support.process.ProcessInvoker;

/* loaded from: input_file:org/codingmatters/poom/ci/runners/pipeline/executors/PipelineShellExecutor.class */
public class PipelineShellExecutor implements PipelineExecutor {
    private static final CategorizedLogger log = CategorizedLogger.getLogger((Class<?>) PipelineShellExecutor.class);
    private final PipelineContext context;
    private final PipelineScript pipelineScript;
    private final KeyStore keystore;
    private final char[] keypass;
    private final JsonFactory jsonFactory;
    private final Map<String, String> secretVars = new HashMap();

    public PipelineShellExecutor(PipelineContext pipelineContext, KeyStore keyStore, char[] cArr, JsonFactory jsonFactory) {
        this.context = pipelineContext;
        this.keystore = keyStore;
        this.keypass = cArr;
        this.jsonFactory = jsonFactory;
        this.pipelineScript = new PipelineScript(this.context.pipeline());
    }

    @Override // org.codingmatters.poom.ci.runners.pipeline.PipelineExecutor
    public void initialize() throws IOException {
        if (this.context.pipeline().secrets() != null) {
            for (Secret secret : this.context.pipeline().secrets()) {
                byte[] readSecretData = readSecretData(secret);
                if (secret.opt().as().orElse(Secret.As.var).equals(Secret.As.file)) {
                    writeSecretToFile(secret, readSecretData);
                } else {
                    this.secretVars.put(secret.name(), new String(readSecretData));
                }
            }
        }
    }

    @Override // org.codingmatters.poom.ci.runners.pipeline.PipelineExecutor
    public boolean isExecutable(StageHolder stageHolder) throws PipelineExecutor.InvalidStageRestrictionException {
        try {
            return new OnlyWhenProcessor(this.context.variableProvider()).isExecutable(stageHolder.stage());
        } catch (OnlyWhenParsingException e) {
            throw new PipelineExecutor.InvalidStageRestrictionException(String.format("error evaluating stage %s (%s) onlyWhen expressions", stageHolder.stage().name(), stageHolder.type()), e);
        }
    }

    @Override // org.codingmatters.poom.ci.runners.pipeline.PipelineExecutor
    public StageTermination.Exit execute(StageHolder stageHolder, PipelineExecutor.StageLogListener stageLogListener) throws IOException {
        ensureStageExists(stageHolder);
        File createStageScript = createStageScript(stageHolder);
        createStageScript.setExecutable(true);
        logStageScript(stageHolder, createStageScript);
        ProcessBuilder directory = new ProcessBuilder(createStageScript.getAbsolutePath(), this.context.workspace().getAbsolutePath(), this.context.sources().getAbsolutePath()).directory(this.context.workspace());
        this.context.setVariablesTo(directory.environment());
        if (!this.secretVars.isEmpty()) {
            directory.environment().putAll(this.secretVars);
        }
        try {
            return createInvokerForStage(stageHolder).exec(directory, str -> {
                lineLogger(stageLogListener, str);
            }, str2 -> {
                lineLogger(stageLogListener, str2);
            }) == 0 ? StageTermination.Exit.SUCCESS : StageTermination.Exit.FAILURE;
        } catch (InterruptedException e) {
            log.error("error processing stage script", e);
            return StageTermination.Exit.FAILURE;
        }
    }

    private void lineLogger(PipelineExecutor.StageLogListener stageLogListener, String str) {
        log.info(str);
        stageLogListener.logLine(str);
    }

    private ProcessInvoker createInvokerForStage(StageHolder stageHolder) {
        return new ProcessInvoker(((Long) Optional.ofNullable(stageHolder.stage().timeout()).orElse(30L)).longValue(), TimeUnit.MINUTES);
    }

    private void logStageScript(StageHolder stageHolder, File file) {
        log.info("will execute stage {} / {} script from file {} with content : \n{}", stageHolder.type().name().toLowerCase(), stageHolder.stage().name(), file, content(file));
    }

    private String content(File file) {
        StringBuilder sb = new StringBuilder();
        try {
            FileReader fileReader = new FileReader(file);
            Throwable th = null;
            try {
                try {
                    char[] cArr = new char[1024];
                    for (int read = fileReader.read(cArr); read != -1; read = fileReader.read(cArr)) {
                        sb.append(cArr, 0, read);
                    }
                    if (fileReader != null) {
                        if (0 != 0) {
                            try {
                                fileReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileReader.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            log.error("failed reading stage script", e);
        }
        return sb.toString();
    }

    private File createStageScript(StageHolder stageHolder) throws IOException {
        File createTempFile = File.createTempFile(this.context.pipelineId() + "-" + stageHolder.type().name().toLowerCase() + "-stage-" + stageHolder.stage().name(), ".sh");
        createTempFile.deleteOnExit();
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        Throwable th = null;
        try {
            try {
                this.pipelineScript.forStage(stageHolder, fileOutputStream);
                if (fileOutputStream != null) {
                    if (0 != 0) {
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileOutputStream.close();
                    }
                }
                return createTempFile;
            } finally {
            }
        } catch (Throwable th3) {
            if (fileOutputStream != null) {
                if (th != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileOutputStream.close();
                }
            }
            throw th3;
        }
    }

    private void ensureStageExists(StageHolder stageHolder) throws IOException {
        stageHolder.opt().stage().orElseThrow(() -> {
            return new IOException("malformed stage : " + stageHolder);
        });
    }

    private byte[] readSecretData(Secret secret) throws IOException {
        try {
            return new DataUncipherer(this.keystore, this.keypass).uncipher(readCipheredDataFile(secret));
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e) {
            throw new IOException("error reading / unciphering secret data", e);
        }
    }

    private CipheredData readCipheredDataFile(Secret secret) throws IOException {
        String replaceAll = secret.content().replaceAll("\\$SRC", this.context.sources().getAbsolutePath()).replaceAll("\\$\\{SRC\\}", this.context.sources().getAbsolutePath());
        try {
            JsonParser createParser = this.jsonFactory.createParser(new File(replaceAll));
            Throwable th = null;
            try {
                CipheredData read = new CipheredDataReader().read(createParser);
                if (createParser != null) {
                    if (0 != 0) {
                        try {
                            createParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createParser.close();
                    }
                }
                return read;
            } finally {
            }
        } catch (IOException e) {
            throw new IOException("failed reading secret file : " + replaceAll, e);
        }
    }

    private void writeSecretToFile(Secret secret, byte[] bArr) throws IOException {
        File file = new File(new File(this.context.workspace(), "secrets"), secret.name());
        file.getParentFile().mkdirs();
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            Throwable th = null;
            try {
                try {
                    fileOutputStream.write(bArr);
                    fileOutputStream.flush();
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new IOException("failed writing secret file to " + file.getAbsolutePath(), e);
        }
    }
}
