package dev.stratospheric.cdk;

import dev.stratospheric.cdk.Network;
import java.util.Collections;
import java.util.Objects;
import org.jetbrains.annotations.NotNull;
import software.amazon.awscdk.Environment;
import software.amazon.awscdk.services.ec2.CfnSecurityGroup;
import software.amazon.awscdk.services.rds.CfnDBInstance;
import software.amazon.awscdk.services.rds.CfnDBSubnetGroup;
import software.amazon.awscdk.services.secretsmanager.CfnSecretTargetAttachment;
import software.amazon.awscdk.services.secretsmanager.ISecret;
import software.amazon.awscdk.services.secretsmanager.Secret;
import software.amazon.awscdk.services.secretsmanager.SecretStringGenerator;
import software.amazon.awscdk.services.ssm.StringParameter;
import software.constructs.Construct;

/* loaded from: input_file:dev/stratospheric/cdk/PostgresDatabase.class */
public class PostgresDatabase extends Construct {
    private static final String PARAMETER_ENDPOINT_ADDRESS = "endpointAddress";
    private static final String PARAMETER_ENDPOINT_PORT = "endpointPort";
    private static final String PARAMETER_DATABASE_NAME = "databaseName";
    private static final String PARAMETER_SECURITY_GROUP_ID = "securityGroupId";
    private static final String PARAMETER_SECRET_ARN = "secretArn";
    private static final String PARAMETER_INSTANCE_ID = "instanceId";
    private final CfnSecurityGroup databaseSecurityGroup;
    private final CfnDBInstance dbInstance;
    private final ISecret databaseSecret;
    private final ApplicationEnvironment applicationEnvironment;

    /* loaded from: input_file:dev/stratospheric/cdk/PostgresDatabase$DatabaseInputParameters.class */
    public static class DatabaseInputParameters {
        private int storageInGb = 20;
        private String instanceClass = "db.t2.micro";
        private String postgresVersion = "12.9";

        public DatabaseInputParameters withStorageInGb(int i) {
            this.storageInGb = i;
            return this;
        }

        public DatabaseInputParameters withInstanceClass(String str) {
            Objects.requireNonNull(str);
            this.instanceClass = str;
            return this;
        }

        public DatabaseInputParameters withPostgresVersion(String str) {
            Objects.requireNonNull(str);
            this.postgresVersion = str;
            return this;
        }
    }

    /* loaded from: input_file:dev/stratospheric/cdk/PostgresDatabase$DatabaseOutputParameters.class */
    public static class DatabaseOutputParameters {
        private final String endpointAddress;
        private final String endpointPort;
        private final String dbName;
        private final String databaseSecretArn;
        private final String databaseSecurityGroupId;
        private final String instanceId;

        public DatabaseOutputParameters(String str, String str2, String str3, String str4, String str5, String str6) {
            this.endpointAddress = str;
            this.endpointPort = str2;
            this.dbName = str3;
            this.databaseSecretArn = str4;
            this.databaseSecurityGroupId = str5;
            this.instanceId = str6;
        }

        public String getEndpointAddress() {
            return this.endpointAddress;
        }

        public String getEndpointPort() {
            return this.endpointPort;
        }

        public String getDbName() {
            return this.dbName;
        }

        public String getDatabaseSecretArn() {
            return this.databaseSecretArn;
        }

        public String getDatabaseSecurityGroupId() {
            return this.databaseSecurityGroupId;
        }

        public String getInstanceId() {
            return this.instanceId;
        }
    }

    public PostgresDatabase(Construct construct, String str, Environment environment, ApplicationEnvironment applicationEnvironment, DatabaseInputParameters databaseInputParameters) {
        super(construct, str);
        this.applicationEnvironment = applicationEnvironment;
        Network.NetworkOutputParameters outputParametersFromParameterStore = Network.getOutputParametersFromParameterStore(this, applicationEnvironment.getEnvironmentName());
        String sanitizeDbParameterName = sanitizeDbParameterName(applicationEnvironment.prefix("dbUser"));
        this.databaseSecurityGroup = CfnSecurityGroup.Builder.create(this, "databaseSecurityGroup").vpcId(outputParametersFromParameterStore.getVpcId()).groupDescription("Security Group for the database instance").groupName(applicationEnvironment.prefix("dbSecurityGroup")).build();
        this.databaseSecret = Secret.Builder.create(this, "databaseSecret").secretName(applicationEnvironment.prefix("DatabaseSecret")).description("Credentials to the RDS instance").generateSecretString(SecretStringGenerator.builder().secretStringTemplate(String.format("{\"username\": \"%s\"}", sanitizeDbParameterName)).generateStringKey("password").passwordLength(32).excludeCharacters("@/\\\" ").build()).build();
        this.dbInstance = CfnDBInstance.Builder.create(this, "postgresInstance").dbInstanceIdentifier(applicationEnvironment.prefix("database")).allocatedStorage(String.valueOf(databaseInputParameters.storageInGb)).availabilityZone(outputParametersFromParameterStore.getAvailabilityZones().get(0)).dbInstanceClass(databaseInputParameters.instanceClass).dbName(sanitizeDbParameterName(applicationEnvironment.prefix("database"))).dbSubnetGroupName(CfnDBSubnetGroup.Builder.create(this, "dbSubnetGroup").dbSubnetGroupDescription("Subnet group for the RDS instance").dbSubnetGroupName(applicationEnvironment.prefix("dbSubnetGroup")).subnetIds(outputParametersFromParameterStore.getIsolatedSubnets()).build().getDbSubnetGroupName()).engine("postgres").engineVersion(databaseInputParameters.postgresVersion).masterUsername(sanitizeDbParameterName).masterUserPassword(this.databaseSecret.secretValueFromJson("password").unsafeUnwrap()).publiclyAccessible(false).vpcSecurityGroups(Collections.singletonList(this.databaseSecurityGroup.getAttrGroupId())).build();
        CfnSecretTargetAttachment.Builder.create(this, "secretTargetAttachment").secretId(this.databaseSecret.getSecretArn()).targetId(this.dbInstance.getRef()).targetType("AWS::RDS::DBInstance").build();
        createOutputParameters();
        applicationEnvironment.tag(this);
    }

    @NotNull
    private static String createParameterName(ApplicationEnvironment applicationEnvironment, String str) {
        return applicationEnvironment.getEnvironmentName() + "-" + applicationEnvironment.getApplicationName() + "-Database-" + str;
    }

    public static DatabaseOutputParameters getOutputParametersFromParameterStore(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return new DatabaseOutputParameters(getEndpointAddress(construct, applicationEnvironment), getEndpointPort(construct, applicationEnvironment), getDbName(construct, applicationEnvironment), getDatabaseSecretArn(construct, applicationEnvironment), getDatabaseSecurityGroupId(construct, applicationEnvironment), getDatabaseIdentifier(construct, applicationEnvironment));
    }

    private static String getDatabaseIdentifier(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_INSTANCE_ID, createParameterName(applicationEnvironment, PARAMETER_INSTANCE_ID)).getStringValue();
    }

    private static String getEndpointAddress(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_ENDPOINT_ADDRESS, createParameterName(applicationEnvironment, PARAMETER_ENDPOINT_ADDRESS)).getStringValue();
    }

    private static String getEndpointPort(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_ENDPOINT_PORT, createParameterName(applicationEnvironment, PARAMETER_ENDPOINT_PORT)).getStringValue();
    }

    private static String getDbName(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_DATABASE_NAME, createParameterName(applicationEnvironment, PARAMETER_DATABASE_NAME)).getStringValue();
    }

    private static String getDatabaseSecretArn(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_SECRET_ARN, createParameterName(applicationEnvironment, PARAMETER_SECRET_ARN)).getStringValue();
    }

    private static String getDatabaseSecurityGroupId(Construct construct, ApplicationEnvironment applicationEnvironment) {
        return StringParameter.fromStringParameterName(construct, PARAMETER_SECURITY_GROUP_ID, createParameterName(applicationEnvironment, PARAMETER_SECURITY_GROUP_ID)).getStringValue();
    }

    private void createOutputParameters() {
        StringParameter.Builder.create(this, PARAMETER_ENDPOINT_ADDRESS).parameterName(createParameterName(this.applicationEnvironment, PARAMETER_ENDPOINT_ADDRESS)).stringValue(this.dbInstance.getAttrEndpointAddress()).build();
        StringParameter.Builder.create(this, PARAMETER_ENDPOINT_PORT).parameterName(createParameterName(this.applicationEnvironment, PARAMETER_ENDPOINT_PORT)).stringValue(this.dbInstance.getAttrEndpointPort()).build();
        StringParameter.Builder.create(this, PARAMETER_DATABASE_NAME).parameterName(createParameterName(this.applicationEnvironment, PARAMETER_DATABASE_NAME)).stringValue(this.dbInstance.getDbName()).build();
        StringParameter.Builder.create(this, PARAMETER_SECURITY_GROUP_ID).parameterName(createParameterName(this.applicationEnvironment, PARAMETER_SECURITY_GROUP_ID)).stringValue(this.databaseSecurityGroup.getAttrGroupId()).build();
        StringParameter.Builder.create(this, "secret").parameterName(createParameterName(this.applicationEnvironment, PARAMETER_SECRET_ARN)).stringValue(this.databaseSecret.getSecretArn()).build();
        StringParameter.Builder.create(this, PARAMETER_INSTANCE_ID).parameterName(createParameterName(this.applicationEnvironment, PARAMETER_INSTANCE_ID)).stringValue(this.dbInstance.getDbInstanceIdentifier()).build();
    }

    private String sanitizeDbParameterName(String str) {
        return str.replaceAll("[^a-zA-Z0-9]", "").replaceAll("^[0-9]", "a");
    }

    public DatabaseOutputParameters getOutputParameters() {
        return new DatabaseOutputParameters(this.dbInstance.getAttrEndpointAddress(), this.dbInstance.getAttrEndpointPort(), this.dbInstance.getDbName(), this.databaseSecurityGroup.getAttrGroupId(), this.databaseSecret.getSecretArn(), this.dbInstance.getDbInstanceIdentifier());
    }
}
