package com.github.pires.hazelcast;

import ch.qos.logback.core.net.ssl.SSL;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hazelcast.config.Config;
import com.hazelcast.config.GroupConfig;
import com.hazelcast.config.JoinConfig;
import com.hazelcast.config.MulticastConfig;
import com.hazelcast.config.NetworkConfig;
import com.hazelcast.config.SSLConfig;
import com.hazelcast.config.TcpIpConfig;
import com.hazelcast.core.Hazelcast;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.CommandLineRunner;
import org.springframework.stereotype.Controller;

@Controller
/* loaded from: input_file:BOOT-INF/classes/com/github/pires/hazelcast/HazelcastDiscoveryController.class */
public class HazelcastDiscoveryController implements CommandLineRunner {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) HazelcastDiscoveryController.class);
    private static TrustManager[] trustAll = {new X509TrustManager() { // from class: com.github.pires.hazelcast.HazelcastDiscoveryController.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};
    private static HostnameVerifier trustAllHosts = new HostnameVerifier() { // from class: com.github.pires.hazelcast.HazelcastDiscoveryController.2
        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            return true;
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:BOOT-INF/classes/com/github/pires/hazelcast/HazelcastDiscoveryController$Address.class */
    public static class Address {
        public String ip;

        Address() {
        }
    }

    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:BOOT-INF/classes/com/github/pires/hazelcast/HazelcastDiscoveryController$Endpoints.class */
    static class Endpoints {
        public List<Subset> subsets;

        Endpoints() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:BOOT-INF/classes/com/github/pires/hazelcast/HazelcastDiscoveryController$Subset.class */
    public static class Subset {
        public List<Address> addresses;
        public List<Address> notReadyAddresses;

        Subset() {
        }
    }

    private static String getServiceAccountToken() throws IOException {
        return new String(Files.readAllBytes(Paths.get("/var/run/secrets/kubernetes.io/serviceaccount/token", new String[0])));
    }

    private static String getEnvOrDefault(String str, String str2) {
        String str3 = System.getenv(str);
        return (str3 == null || str3.isEmpty()) ? str2 : str3;
    }

    @Override // org.springframework.boot.CommandLineRunner
    public void run(String... strArr) {
        String envOrDefault = getEnvOrDefault("HAZELCAST_SERVICE", "hazelcast");
        String format = String.format("/api/v1/namespaces/%s/endpoints/", getEnvOrDefault("POD_NAMESPACE", "default"));
        String envOrDefault2 = getEnvOrDefault("KUBERNETES_MASTER", "https://kubernetes.default.svc.".concat(getEnvOrDefault("DNS_DOMAIN", "cluster.local")));
        log.info("Asking k8s registry at {}..", envOrDefault2);
        CopyOnWriteArrayList copyOnWriteArrayList = new CopyOnWriteArrayList();
        try {
            String serviceAccountToken = getServiceAccountToken();
            SSLContext sSLContext = SSLContext.getInstance(SSL.DEFAULT_PROTOCOL);
            sSLContext.init(null, trustAll, new SecureRandom());
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(envOrDefault2 + format + envOrDefault).openConnection();
            httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
            httpsURLConnection.setHostnameVerifier(trustAllHosts);
            httpsURLConnection.addRequestProperty("Authorization", "Bearer " + serviceAccountToken);
            Endpoints endpoints = (Endpoints) new ObjectMapper().readValue(httpsURLConnection.getInputStream(), Endpoints.class);
            if (endpoints != null && endpoints.subsets != null && !endpoints.subsets.isEmpty()) {
                endpoints.subsets.forEach(subset -> {
                    if (subset.addresses != null && !subset.addresses.isEmpty()) {
                        subset.addresses.forEach(address -> {
                            copyOnWriteArrayList.add(address.ip);
                        });
                    } else if (subset.notReadyAddresses == null || subset.notReadyAddresses.isEmpty()) {
                        log.warn("Could not find any hazelcast nodes.");
                    } else {
                        subset.notReadyAddresses.forEach(address2 -> {
                            copyOnWriteArrayList.add(address2.ip);
                        });
                    }
                });
            }
        } catch (IOException | KeyManagementException | NoSuchAlgorithmException e) {
            log.warn("Request to Kubernetes API failed", e);
        }
        log.info("Found {} pods running Hazelcast.", Integer.valueOf(copyOnWriteArrayList.size()));
        runHazelcast(copyOnWriteArrayList);
    }

    private void runHazelcast(List<String> list) {
        Config config = new Config();
        config.setInstanceName(UUID.randomUUID().toString());
        String envOrDefault = getEnvOrDefault("HC_GROUP_NAME", "someGroup");
        String envOrDefault2 = getEnvOrDefault("HC_GROUP_PASSWORD", null);
        int parseInt = Integer.parseInt(getEnvOrDefault("HC_PORT", "5701"));
        String envOrDefault3 = getEnvOrDefault("HC_REST_ENABLED", "false");
        if (envOrDefault2 != null) {
            config.setGroupConfig(new GroupConfig(envOrDefault, envOrDefault2));
        } else {
            config.setGroupConfig(new GroupConfig(envOrDefault));
        }
        config.setProperty("hazelcast.rest.enabled", envOrDefault3);
        NetworkConfig networkConfig = new NetworkConfig();
        networkConfig.setPortAutoIncrement(false);
        networkConfig.setPort(parseInt);
        MulticastConfig multicastConfig = new MulticastConfig();
        multicastConfig.setEnabled(false);
        TcpIpConfig tcpIpConfig = new TcpIpConfig();
        tcpIpConfig.getClass();
        list.forEach(tcpIpConfig::addMember);
        tcpIpConfig.setEnabled(true);
        JoinConfig joinConfig = new JoinConfig();
        joinConfig.setMulticastConfig(multicastConfig);
        joinConfig.setTcpIpConfig(tcpIpConfig);
        networkConfig.setJoin(joinConfig);
        networkConfig.setSSLConfig(new SSLConfig().setEnabled(false));
        config.setNetworkConfig(networkConfig);
        Hazelcast.newHazelcastInstance(config);
    }
}
