package com.cloudera.cmf.command;

import com.cloudera.cmf.command.GenerateHostCertsCommand;
import com.cloudera.cmf.command.flow.CmdWorkCtx;
import com.cloudera.cmf.command.flow.work.OneOffHostProcCmdWork;
import com.cloudera.cmf.model.DbCertificate;
import com.cloudera.cmf.model.DbHost;
import com.cloudera.cmf.model.DbProcess;
import com.cloudera.cmf.service.scm.ScmHandler;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.enterprise.ArchiveUtils;
import com.cloudera.enterprise.MessageWithArgs;
import com.cloudera.enterprise.TempFileUtils;
import com.cloudera.server.cmf.node.HostCertConfigurator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.nio.file.Path;
import java.util.ArrayList;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/cmf/command/GenerateHostCertsNoSshCmdWork.class */
public class GenerateHostCertsNoSshCmdWork extends OneOffHostProcCmdWork {
    private static Logger LOG = LoggerFactory.getLogger(GenerateHostCertsNoSshCmdWork.class);
    private static final String PROGRAM = "certs/rotate_host_cert.sh";
    private static final String PROCESS_NAME = "host-cert-rotation";

    @VisibleForTesting
    static CertmanagerRunner runner;
    private GenerateHostCertsCommandArgs cmdArgs;

    public GenerateHostCertsNoSshCmdWork(@JsonProperty("hostId") Long l, @JsonProperty("cmdArgs") GenerateHostCertsCommandArgs generateHostCertsCommandArgs) {
        super(l);
        this.cmdArgs = generateHostCertsCommandArgs;
        runner = new CertmanagerRunner();
    }

    @Override // com.cloudera.cmf.command.flow.work.OneOffHostProcCmdWork
    protected void beforeProcessCreation(CmdWorkCtx cmdWorkCtx, DbProcess dbProcess, DbHost dbHost) {
        String extractAndWriteCmca;
        LOG.debug("Before process creation for host {}", dbHost.getName());
        String str = (String) ScmHandler.getScmConfigValue(ScmParams.HOST_CERT_GENERATOR, cmdWorkCtx.getCmfEM().getScmConfigProvider());
        Path path = null;
        try {
            try {
                if (StringUtils.isBlank(str) || StringUtils.equals(str, CertmanagerRunner.TEMP_DIR_MARKER) || !str.endsWith("/generate_host_cert")) {
                    DbCertificate findCertificate = cmdWorkCtx.getCmfEM().findCertificate("__root__");
                    byte[] certtar = findCertificate != null ? findCertificate.getCerttar() : null;
                    if (certtar == null) {
                        throw new IllegalStateException("Invalid CMCA in database: missing cert data");
                    }
                    path = TempFileUtils.createTempDir("CMCA");
                    extractAndWriteCmca = extractAndWriteCmca(path, certtar);
                } else {
                    extractAndWriteCmca = str.substring(0, str.length() - "/generate_host_cert".length());
                }
                Path createTempFile = TempFileUtils.createTempFile("cert-request-token");
                String path2 = createTempFile.toAbsolutePath().toString();
                ArrayList newArrayList = Lists.newArrayList();
                newArrayList.add("gen_cert_request_token");
                newArrayList.add("--hostname");
                newArrayList.add(dbHost.getName());
                newArrayList.add("--lifetime");
                newArrayList.add("3600");
                newArrayList.add("--output");
                newArrayList.add(path2);
                runner.runCmcaCommand(extractAndWriteCmca, newArrayList);
                BufferedReader bufferedReader = new BufferedReader(new FileReader(path2));
                StringBuilder sb = new StringBuilder();
                for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                    sb.append(readLine);
                    sb.append(System.lineSeparator());
                }
                String trim = sb.toString().trim();
                TempFileUtils.deleteFileAndSwallowException(createTempFile);
                if (path != null) {
                    TempFileUtils.deleteDirAndSwallowException(path);
                }
                dbProcess.setProgram(PROGRAM);
                dbProcess.setArguments(ImmutableList.of(HostCertConfigurator.CM_AGENT_UTIL_PATH, trim));
                setRootUserGroup(cmdWorkCtx, dbProcess);
            } catch (IOException e) {
                LOG.error("Failed to rotate host certificates: ", e);
                throw new IllegalStateException(e);
            }
        } catch (Throwable th) {
            TempFileUtils.deleteFileAndSwallowException((Path) null);
            if (0 != 0) {
                TempFileUtils.deleteDirAndSwallowException((Path) null);
            }
            throw th;
        }
    }

    @VisibleForTesting
    public String extractAndWriteCmca(Path path, byte[] bArr) {
        ArchiveUtils.runTarExtract(bArr, path.toAbsolutePath().toString());
        return path.toAbsolutePath().toString();
    }

    @Override // com.cloudera.cmf.command.flow.work.OneOffProcCmdWork
    public String getProcessName() {
        return PROCESS_NAME;
    }

    @Override // com.cloudera.cmf.command.flow.CmdWork
    public MessageWithArgs getDescription(CmdWorkCtx cmdWorkCtx) {
        return MessageWithArgs.of(GenerateHostCertsCommand.I18nKeys.NO_SSH_HELP, new String[0]);
    }
}
