package com.spotify.docker;

import com.google.auth.oauth2.GoogleCredentials;
import com.google.common.base.Function;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.spotify.docker.client.DefaultDockerClient;
import com.spotify.docker.client.DockerCertificates;
import com.spotify.docker.client.DockerCertificatesStore;
import com.spotify.docker.client.DockerClient;
import com.spotify.docker.client.auth.ConfigFileRegistryAuthSupplier;
import com.spotify.docker.client.auth.FixedRegistryAuthSupplier;
import com.spotify.docker.client.auth.MultiRegistryAuthSupplier;
import com.spotify.docker.client.auth.RegistryAuthSupplier;
import com.spotify.docker.client.auth.gcr.ContainerRegistryAuthSupplier;
import com.spotify.docker.client.exceptions.DockerCertificateException;
import com.spotify.docker.client.messages.RegistryAuth;
import com.spotify.docker.client.messages.RegistryConfigs;
import com.spotify.docker.client.shaded.com.google.common.base.Optional;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.ArrayList;
import javax.annotation.Nonnull;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecution;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.settings.Server;
import org.apache.maven.settings.Settings;
import org.codehaus.plexus.util.xml.Xpp3Dom;
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;

/* loaded from: input_file:com/spotify/docker/AbstractDockerMojo.class */
abstract class AbstractDockerMojo extends AbstractMojo {

    @Component(role = MavenSession.class)
    protected MavenSession session;

    @Component(role = MojoExecution.class)
    protected MojoExecution execution;

    @Component
    private Settings settings;

    @Component(role = SecDispatcher.class, hint = "mng-4384")
    private SecDispatcher secDispatcher;

    @Parameter(property = "dockerHost")
    private String dockerHost;

    @Parameter(property = "dockerCertPath")
    private String dockerCertPath;

    @Parameter(property = "serverId")
    private String serverId;

    @Parameter(property = "registryUrl")
    private String registryUrl;

    @Parameter(property = "retryPushCount", defaultValue = "5")
    private int retryPushCount;

    @Parameter(property = "retryPushTimeout", defaultValue = "10000")
    private int retryPushTimeout;

    @Parameter(property = "skipDocker", defaultValue = "false")
    private boolean skipDocker;

    @Parameter(property = "skipDockerPush", defaultValue = "false")
    private boolean skipDockerPush;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/spotify/docker/AbstractDockerMojo$SupplierToClassNameFunction.class */
    public static class SupplierToClassNameFunction implements Function<RegistryAuthSupplier, String> {
        private SupplierToClassNameFunction() {
        }

        @Nonnull
        public String apply(@Nonnull RegistryAuthSupplier registryAuthSupplier) {
            return registryAuthSupplier.getClass().getSimpleName();
        }
    }

    public int getRetryPushTimeout() {
        return this.retryPushTimeout;
    }

    public int getRetryPushCount() {
        return this.retryPushCount;
    }

    public boolean isSkipDocker() {
        return this.skipDocker;
    }

    public boolean isSkipDockerPush() {
        return this.skipDockerPush;
    }

    public void execute() throws MojoExecutionException {
        if (this.skipDocker) {
            getLog().info("Skipping docker goal");
            return;
        }
        try {
            DockerClient buildDockerClient = buildDockerClient();
            Throwable th = null;
            try {
                execute(buildDockerClient);
                if (buildDockerClient != null) {
                    if (0 != 0) {
                        try {
                            buildDockerClient.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        buildDockerClient.close();
                    }
                }
            } finally {
            }
        } catch (Exception e) {
            throw new MojoExecutionException("Exception caught", e);
        }
    }

    protected DefaultDockerClient.Builder getBuilder() throws DockerCertificateException {
        return DefaultDockerClient.fromEnv().readTimeoutMillis(0L);
    }

    protected DockerClient buildDockerClient() throws MojoExecutionException {
        try {
            DefaultDockerClient.Builder builder = getBuilder();
            String rawDockerHost = rawDockerHost();
            if (!Strings.isNullOrEmpty(rawDockerHost)) {
                builder.uri(rawDockerHost);
            }
            Optional<DockerCertificatesStore> dockerCertificates = dockerCertificates();
            if (dockerCertificates.isPresent()) {
                builder.dockerCertificates((DockerCertificatesStore) dockerCertificates.get());
            }
            builder.registryAuthSupplier(authSupplier());
            return builder.build();
        } catch (DockerCertificateException e) {
            throw new MojoExecutionException("Cannot build DockerClient due to certificate problem", e);
        }
    }

    protected abstract void execute(DockerClient dockerClient) throws Exception;

    protected String rawDockerHost() {
        return this.dockerHost;
    }

    protected Optional<DockerCertificatesStore> dockerCertificates() throws DockerCertificateException {
        return !Strings.isNullOrEmpty(this.dockerCertPath) ? DockerCertificates.builder().dockerCertPath(Paths.get(this.dockerCertPath, new String[0])).build() : Optional.absent();
    }

    private String getEmail(Server server) {
        Xpp3Dom child;
        String str = null;
        Xpp3Dom xpp3Dom = (Xpp3Dom) server.getConfiguration();
        if (xpp3Dom != null && (child = xpp3Dom.getChild("email")) != null) {
            str = child.getValue();
        }
        return str;
    }

    protected RegistryAuth registryAuth() throws MojoExecutionException {
        if (this.settings == null || this.serverId == null) {
            return null;
        }
        Server server = this.settings.getServer(this.serverId);
        if (server == null) {
            getLog().warn("No entry found in settings.xml for serverId=" + this.serverId + ", cannot configure authentication for that registry");
            return null;
        }
        RegistryAuth.Builder builder = RegistryAuth.builder();
        String username = server.getUsername();
        String password = server.getPassword();
        if (this.secDispatcher != null) {
            try {
                password = this.secDispatcher.decrypt(password);
            } catch (SecDispatcherException e) {
                throw new MojoExecutionException("Cannot decrypt password from settings", e);
            }
        }
        String email = getEmail(server);
        if (!Strings.isNullOrEmpty(username)) {
            builder.username(username);
        }
        if (!Strings.isNullOrEmpty(email)) {
            builder.email(email);
        }
        if (!Strings.isNullOrEmpty(password)) {
            builder.password(password);
        }
        if (!Strings.isNullOrEmpty(this.registryUrl)) {
            builder.serverAddress(this.registryUrl);
        }
        return builder.build();
    }

    private RegistryAuthSupplier authSupplier() throws MojoExecutionException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ConfigFileRegistryAuthSupplier());
        RegistryAuthSupplier googleContainerRegistryAuthSupplier = googleContainerRegistryAuthSupplier();
        if (googleContainerRegistryAuthSupplier != null) {
            arrayList.add(googleContainerRegistryAuthSupplier);
        }
        RegistryAuth registryAuth = registryAuth();
        if (registryAuth != null) {
            arrayList.add(new FixedRegistryAuthSupplier(registryAuth, RegistryConfigs.create(ImmutableMap.of(serverIdFor(registryAuth), registryAuth))));
        }
        getLog().info("Using authentication suppliers: " + Lists.transform(arrayList, new SupplierToClassNameFunction()));
        return new MultiRegistryAuthSupplier(arrayList);
    }

    private String serverIdFor(RegistryAuth registryAuth) {
        return this.serverId != null ? this.serverId : registryAuth.serverAddress() != null ? registryAuth.serverAddress() : "index.docker.io";
    }

    private RegistryAuthSupplier googleContainerRegistryAuthSupplier() throws MojoExecutionException {
        GoogleCredentials googleCredentials = null;
        String str = System.getenv("DOCKER_GOOGLE_CREDENTIALS");
        if (str != null) {
            File file = new File(str);
            if (file.exists()) {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    Throwable th = null;
                    try {
                        try {
                            googleCredentials = GoogleCredentials.fromStream(fileInputStream);
                            getLog().info("Using Google credentials from file: " + file.getAbsolutePath());
                            if (fileInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileInputStream.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    fileInputStream.close();
                                }
                            }
                        } finally {
                        }
                    } finally {
                    }
                } catch (IOException e) {
                    throw new MojoExecutionException("Cannot load credentials referenced by DOCKER_GOOGLE_CREDENTIALS environment variable", e);
                }
            }
        }
        if (googleCredentials == null) {
            try {
                googleCredentials = GoogleCredentials.getApplicationDefault();
                getLog().info("Using Google application default credentials");
            } catch (IOException e2) {
                getLog().debug("Failed to load Google application default credentials", e2);
            }
        }
        if (googleCredentials == null) {
            return null;
        }
        return ContainerRegistryAuthSupplier.forCredentials(googleCredentials).build();
    }
}
