package com.cloudera.cmf.command;

import com.cloudera.api.model.ApiHostCertInfo;
import com.cloudera.cmf.CommandRunner;
import com.cloudera.cmf.Environment;
import com.cloudera.cmf.model.DbCertificate;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.enterprise.TempFileUtils;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.joda.time.Instant;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/command/CertmanagerRunner.class */
public class CertmanagerRunner {
    private static Logger LOG = LoggerFactory.getLogger(CertmanagerRunner.class);
    private static final String CERTMANAGER_BIN = "bin/certmanager";
    public static final String TEMP_DIR_MARKER = "{{TEMP_DIR}}";
    protected String certmanagerPath = Paths.get(Environment.getAgentDir(), CERTMANAGER_BIN).toString();

    public byte[] runCmcaCommand(String str, List<String> list) {
        Preconditions.checkNotNull(list);
        LOG.info("Running CMCA command with args: " + list.toString());
        ArrayList newArrayList = Lists.newArrayList(new String[]{this.certmanagerPath});
        if (StringUtils.isNotBlank(str)) {
            newArrayList.add("--location");
            newArrayList.add(str);
        }
        newArrayList.addAll(list);
        CommandRunner.WriterCommandResult run = CommandRunner.run(newArrayList, (InputStream) null, (Map) null, new CommandRunner.WriterCommandResult());
        if (run.retcode == 0) {
            return run._output.toByteArray();
        }
        LOG.error(String.format("Failed to run CMCA command, return code: %s, stderr:\n%s", Integer.valueOf(run.retcode), run._error));
        throw new IllegalStateException("Failed to run CMCA command, return code: " + run.retcode);
    }

    public void importAdditionalCerts(String str, List<ApiHostCertInfo> list, boolean z, boolean z2, CmfEntityManager cmfEntityManager) throws IOException {
        for (ApiHostCertInfo apiHostCertInfo : list) {
            Path path = null;
            Path path2 = null;
            try {
                String certificate = apiHostCertInfo.getCertificate();
                String key = apiHostCertInfo.getKey();
                if (!z) {
                    path = TempFileUtils.writeTempFile("host-cert", apiHostCertInfo.getCertificate());
                    path2 = TempFileUtils.writeTempFile("host-key", apiHostCertInfo.getKey());
                    certificate = path.toAbsolutePath().toString();
                    key = path2.toAbsolutePath().toString();
                }
                ArrayList newArrayList = Lists.newArrayList(new String[]{"add_custom_cert", "--host-cert", certificate, "--host-key", key, apiHostCertInfo.getHostname()});
                if (z2) {
                    newArrayList.add("--output=-");
                }
                byte[] runCmcaCommand = runCmcaCommand(str, newArrayList);
                if (z2) {
                    DbCertificate dbCertificate = new DbCertificate();
                    dbCertificate.setHostname(apiHostCertInfo.getHostname());
                    dbCertificate.setCerttar(runCmcaCommand);
                    dbCertificate.setCreatedInstant(Instant.now());
                    LOG.info("Persisting host cert for: " + dbCertificate.getHostname());
                    cmfEntityManager.persistCertificate(dbCertificate);
                }
                TempFileUtils.deleteFileAndSwallowException(path);
                TempFileUtils.deleteFileAndSwallowException(path2);
            } catch (Throwable th) {
                TempFileUtils.deleteFileAndSwallowException((Path) null);
                TempFileUtils.deleteFileAndSwallowException((Path) null);
                throw th;
            }
        }
    }

    @VisibleForTesting
    void setCertmanagerPath(String str) {
        this.certmanagerPath = str;
    }
}
