package com.netflix.spinnaker.clouddriver.kubernetes.validator;

import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.netflix.spinnaker.clouddriver.deploy.ValidationErrors;
import com.netflix.spinnaker.clouddriver.kubernetes.description.manifest.KubernetesKind;
import com.netflix.spinnaker.clouddriver.kubernetes.description.manifest.KubernetesManifest;
import com.netflix.spinnaker.clouddriver.kubernetes.security.KubernetesCredentials;
import com.netflix.spinnaker.clouddriver.security.AccountCredentials;
import com.netflix.spinnaker.clouddriver.security.AccountCredentialsProvider;
import java.util.ArrayList;
import java.util.Collections;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/netflix/spinnaker/clouddriver/kubernetes/validator/KubernetesValidationUtil.class */
public class KubernetesValidationUtil {
    private final String context;
    private final ValidationErrors errors;
    private static final Logger log = LoggerFactory.getLogger(KubernetesValidationUtil.class);
    private static final ImmutableSet<KubernetesCredentials.KubernetesKindStatus> validKindStatuses = ImmutableSet.of(KubernetesCredentials.KubernetesKindStatus.VALID, KubernetesCredentials.KubernetesKindStatus.UNKNOWN);

    public KubernetesValidationUtil(String str, ValidationErrors validationErrors) {
        this.context = str;
        this.errors = validationErrors;
    }

    private String joinAttributeChain(String... strArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.context);
        Collections.addAll(arrayList, strArr);
        return String.join(".", arrayList);
    }

    public void reject(String str, String... strArr) {
        String joinAttributeChain = joinAttributeChain(strArr);
        this.errors.reject(joinAttributeChain, joinAttributeChain(joinAttributeChain, str));
    }

    public boolean validateNotEmpty(String str, Object obj) {
        if (obj != null) {
            return true;
        }
        reject("empty", str);
        return false;
    }

    public boolean validateCredentials(AccountCredentialsProvider accountCredentialsProvider, String str, KubernetesManifest kubernetesManifest) {
        return validateCredentials(accountCredentialsProvider, str, kubernetesManifest.getKind(), kubernetesManifest.getNamespace());
    }

    public boolean validateCredentials(AccountCredentialsProvider accountCredentialsProvider, String str, KubernetesKind kubernetesKind, String str2) {
        log.info("Validating credentials for {} {} {}", new Object[]{str, kubernetesKind, str2});
        if (Strings.isNullOrEmpty(str)) {
            reject("empty", "account");
            return false;
        }
        if (Strings.isNullOrEmpty(str2)) {
            return true;
        }
        AccountCredentials credentials = accountCredentialsProvider.getCredentials(str);
        if (credentials == null) {
            reject("notFound", "account");
            return false;
        }
        if (credentials.getCredentials() instanceof KubernetesCredentials) {
            return validateNamespace(str2, (KubernetesCredentials) credentials.getCredentials()) && validateKind(kubernetesKind, (KubernetesCredentials) credentials.getCredentials());
        }
        reject("wrongVersion", "account");
        return false;
    }

    private boolean validateKind(KubernetesKind kubernetesKind, KubernetesCredentials kubernetesCredentials) {
        KubernetesCredentials.KubernetesKindStatus kindStatus = kubernetesCredentials.getKindStatus(kubernetesKind);
        if (validKindStatuses.contains(kindStatus)) {
            return true;
        }
        reject(kindStatus.getErrorMessage(kubernetesKind), kubernetesKind.toString());
        return false;
    }

    protected boolean validateNamespace(String str, KubernetesCredentials kubernetesCredentials) {
        ImmutableList<String> namespaces = kubernetesCredentials.getNamespaces();
        if (namespaces != null && !namespaces.isEmpty() && !namespaces.contains(str)) {
            reject("wrongNamespace", str);
            return false;
        }
        ImmutableList<String> omitNamespaces = kubernetesCredentials.getOmitNamespaces();
        if (omitNamespaces == null || !omitNamespaces.contains(str)) {
            return true;
        }
        reject("omittedNamespace", str);
        return false;
    }
}
