package com.cloudera.cmf.command;

import com.cloudera.cmf.command.MigrateCmcaToDbCommand;
import com.cloudera.cmf.command.flow.AbstractCmdWork;
import com.cloudera.cmf.command.flow.CmdWorkCtx;
import com.cloudera.cmf.command.flow.WorkOutput;
import com.cloudera.cmf.command.flow.WorkOutputs;
import com.cloudera.cmf.model.DbCertificate;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.scm.ScmHandler;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.enterprise.ArchiveUtils;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.server.cmf.ClientProtocolUtils;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.nio.file.CopyOption;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.joda.time.Instant;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/command/MigrateCmcaToDbCmdWork.class */
public class MigrateCmcaToDbCmdWork extends AbstractCmdWork {
    private static final String DEFAULT_AGENT_CERT_LOCATION = "/var/lib/cloudera-scm-agent/agent-cert/";
    private static final String TRUSTSTORE_PATH = "/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks";
    protected String location;
    private static Logger LOG = LoggerFactory.getLogger(MigrateCmcaToDbCmdWork.class);
    private static final String KEYSTORE_PATH = "/var/lib/cloudera-scm-agent/agent-cert/cm-auto-host_keystore.jks";
    private static Map<String, String> CM_CONFIGS_TO_SET = ImmutableMap.of("HOST_CERT_GENERATOR", CertmanagerRunner.TEMP_DIR_MARKER, "KEYSTORE_PATH", KEYSTORE_PATH, "TRUSTSTORE_PATH", "/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks");

    @VisibleForTesting
    protected void bootstrapKeystores(CmdWorkCtx cmdWorkCtx) {
        try {
            if (Files.notExists(Paths.get(DEFAULT_AGENT_CERT_LOCATION, new String[0]), new LinkOption[0])) {
                Files.createDirectory(Paths.get(DEFAULT_AGENT_CERT_LOCATION, new String[0]), PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwxr-xr-x")));
                Files.setPosixFilePermissions(Paths.get(DEFAULT_AGENT_CERT_LOCATION, new String[0]), PosixFilePermissions.fromString("rwxr-xr-x"));
            }
            if (Files.notExists(Paths.get(KEYSTORE_PATH, new String[0]), new LinkOption[0])) {
                copyFileFromParam(ScmParams.KEYSTORE_PATH, KEYSTORE_PATH, cmdWorkCtx);
            }
            if (Files.notExists(Paths.get("/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks", new String[0]), new LinkOption[0])) {
                copyFileFromParam(ScmParams.TRUSTSTORE_PATH, "/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks", cmdWorkCtx);
                Files.setPosixFilePermissions(Paths.get("/var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks", new String[0]), PosixFilePermissions.fromString("rw-r--r--"));
            }
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    @VisibleForTesting
    boolean disableInitFile(String str) {
        Path path = Paths.get(str, new String[0]);
        if (Files.notExists(path, new LinkOption[0])) {
            LOG.info("No init file found, skipping.");
            return false;
        }
        try {
            List<String> readAllLines = Files.readAllLines(path);
            for (int i = 0; i < readAllLines.size(); i++) {
                String str2 = readAllLines.get(i);
                if (!StringUtils.isBlank(str2)) {
                    String[] split = str2.split(" ");
                    if (split.length >= 3 && StringUtils.equalsIgnoreCase(split[0], "setsettings") && CM_CONFIGS_TO_SET.containsKey(split[1].toUpperCase())) {
                        readAllLines.set(i, "# " + str2);
                    }
                }
            }
            Files.write(path, StringUtils.join(readAllLines, "\n").getBytes(), new OpenOption[0]);
            return true;
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public WorkOutput doWork(CmdWorkCtx cmdWorkCtx) {
        String str = (String) ScmHandler.getScmConfigValue(ScmParams.HOST_CERT_GENERATOR, cmdWorkCtx.getCmfEM().getScmConfigProvider());
        if (StringUtils.isBlank(str) || StringUtils.equals(str, CertmanagerRunner.TEMP_DIR_MARKER) || !str.endsWith("/generate_host_cert")) {
            return WorkOutputs.failure(cmdWorkCtx.getCommandId(), MigrateCmcaToDbCommand.I18nKeys.NOOP.getKey(), new String[0]);
        }
        this.location = str.substring(0, str.length() - "/generate_host_cert".length());
        LOG.info("Determined CMCA location: " + this.location);
        String str2 = this.location + "/cm_init.txt";
        LOG.info("Modifying init file if present: " + str2);
        disableInitFile(str2);
        LOG.info("Tarring CMCA directory: " + this.location);
        byte[] runTarCompress = ArchiveUtils.runTarCompress(this.location, true);
        LOG.info("Persisting new CMCA to database");
        DbCertificate dbCertificate = new DbCertificate();
        dbCertificate.setCreatedInstant(Instant.now());
        dbCertificate.setHostname("__root__");
        dbCertificate.setCerttar(runTarCompress);
        cmdWorkCtx.getCmfEM().persistCertificate(dbCertificate);
        LOG.info("Ensuring truststore and keystore files exist");
        bootstrapKeystores(cmdWorkCtx);
        LOG.info("Configuring CM to read from DB");
        for (Map.Entry<String, String> entry : CM_CONFIGS_TO_SET.entrySet()) {
            ClientProtocolUtils.setSetting(entry.getKey(), entry.getValue(), cmdWorkCtx.getCmfEM(), cmdWorkCtx.getServiceDataProvider().getServiceHandlerRegistry(), cmdWorkCtx.getServiceDataProvider().getOperationsManager());
        }
        return WorkOutputs.success(MigrateCmcaToDbCommand.I18nKeys.HELP.getKey(), new String[0]);
    }

    private void copyFileFromParam(ParamSpec<String> paramSpec, String str, CmdWorkCtx cmdWorkCtx) throws IOException {
        Files.copy(Paths.get((String) ScmHandler.getScmConfigValue(paramSpec, cmdWorkCtx.getCmfEM().getScmConfigProvider()), new String[0]), Paths.get(str, new String[0]), new CopyOption[0]);
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public MessageWithArgs getDescription(CmdWorkCtx cmdWorkCtx) {
        return MessageWithArgs.of(MigrateCmcaToDbCommand.I18nKeys.HELP, new String[0]);
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public void onFinish(WorkOutput workOutput, CmdWorkCtx cmdWorkCtx) {
    }
}
