package org.apache.shenyu.springboot.starter.k8s;

import io.kubernetes.client.extended.controller.Controller;
import io.kubernetes.client.extended.controller.ControllerManager;
import io.kubernetes.client.extended.controller.builder.ControllerBuilder;
import io.kubernetes.client.extended.controller.builder.DefaultControllerBuilder;
import io.kubernetes.client.informer.SharedIndexInformer;
import io.kubernetes.client.informer.SharedInformerFactory;
import io.kubernetes.client.openapi.ApiClient;
import io.kubernetes.client.openapi.ApiException;
import io.kubernetes.client.openapi.apis.CoreV1Api;
import io.kubernetes.client.openapi.models.V1Endpoints;
import io.kubernetes.client.openapi.models.V1EndpointsList;
import io.kubernetes.client.openapi.models.V1Ingress;
import io.kubernetes.client.openapi.models.V1IngressList;
import io.kubernetes.client.openapi.models.V1Secret;
import io.kubernetes.client.openapi.models.V1SecretList;
import io.kubernetes.client.openapi.models.V1Service;
import io.kubernetes.client.openapi.models.V1ServiceList;
import io.kubernetes.client.util.generic.GenericKubernetesApi;
import java.io.ByteArrayInputStream;
import java.time.Duration;
import java.util.Optional;
import java.util.concurrent.Executors;
import org.apache.shenyu.common.config.NettyHttpProperties;
import org.apache.shenyu.common.config.ssl.ShenyuSniAsyncMapping;
import org.apache.shenyu.common.exception.ShenyuException;
import org.apache.shenyu.k8s.parser.IngressParser;
import org.apache.shenyu.k8s.reconciler.EndpointsReconciler;
import org.apache.shenyu.k8s.reconciler.IngressReconciler;
import org.apache.shenyu.k8s.repository.ShenyuCacheRepository;
import org.apache.shenyu.plugin.base.cache.CommonDiscoveryUpstreamDataSubscriber;
import org.apache.shenyu.plugin.base.cache.CommonPluginDataSubscriber;
import org.apache.shenyu.plugin.global.subsciber.MetaDataCacheSubscriber;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import reactor.netty.tcp.TcpSslContextSpec;

@Configuration
/* loaded from: input_file:org/apache/shenyu/springboot/starter/k8s/IngressControllerConfiguration.class */
public class IngressControllerConfiguration {
    @Bean({"controller-manager"})
    public ControllerManager controllerManager(SharedInformerFactory sharedInformerFactory, @Qualifier("ingress-controller") Controller controller, @Qualifier("endpoints-controller") Controller controller2) {
        Runnable controllerManager = new ControllerManager(sharedInformerFactory, new Controller[]{controller, controller2});
        Executors.newSingleThreadExecutor().submit(controllerManager);
        return controllerManager;
    }

    @Bean({"ingress-controller"})
    public Controller ingressController(SharedInformerFactory sharedInformerFactory, IngressReconciler ingressReconciler) {
        DefaultControllerBuilder watch = ControllerBuilder.defaultBuilder(sharedInformerFactory).watch(workQueue -> {
            return ControllerBuilder.controllerWatchBuilder(V1Ingress.class, workQueue).withResyncPeriod(Duration.ofMinutes(1L)).build();
        });
        watch.withWorkerCount(2);
        return watch.withReconciler(ingressReconciler).withName("ingressController").build();
    }

    @Bean
    public IngressReconciler ingressReconciler(SharedIndexInformer<V1Ingress> sharedIndexInformer, SharedIndexInformer<V1Secret> sharedIndexInformer2, ShenyuCacheRepository shenyuCacheRepository, ObjectProvider<ShenyuSniAsyncMapping> objectProvider, IngressParser ingressParser, ApiClient apiClient) {
        return new IngressReconciler(sharedIndexInformer, sharedIndexInformer2, shenyuCacheRepository, (ShenyuSniAsyncMapping) Optional.ofNullable((ShenyuSniAsyncMapping) objectProvider.getIfAvailable()).orElse(new ShenyuSniAsyncMapping()), ingressParser, apiClient);
    }

    @Bean({"endpoints-controller"})
    public Controller endpointsController(SharedInformerFactory sharedInformerFactory, EndpointsReconciler endpointsReconciler) {
        DefaultControllerBuilder watch = ControllerBuilder.defaultBuilder(sharedInformerFactory).watch(workQueue -> {
            return ControllerBuilder.controllerWatchBuilder(V1Endpoints.class, workQueue).withResyncPeriod(Duration.ofMinutes(1L)).build();
        });
        watch.withWorkerCount(2);
        return watch.withReconciler(endpointsReconciler).withName("ingressController").build();
    }

    @Bean
    public EndpointsReconciler endpointsReconciler(SharedIndexInformer<V1Ingress> sharedIndexInformer, SharedIndexInformer<V1Endpoints> sharedIndexInformer2, ShenyuCacheRepository shenyuCacheRepository, ApiClient apiClient) {
        return new EndpointsReconciler(sharedIndexInformer, sharedIndexInformer2, shenyuCacheRepository, apiClient);
    }

    @Bean
    public ShenyuCacheRepository shenyuCacheRepository(CommonPluginDataSubscriber commonPluginDataSubscriber, CommonDiscoveryUpstreamDataSubscriber commonDiscoveryUpstreamDataSubscriber, MetaDataCacheSubscriber metaDataCacheSubscriber, MetaDataCacheSubscriber metaDataCacheSubscriber2) {
        return new ShenyuCacheRepository(commonPluginDataSubscriber, commonDiscoveryUpstreamDataSubscriber, metaDataCacheSubscriber, metaDataCacheSubscriber2);
    }

    @Bean
    public IngressParser ingressParser(SharedIndexInformer<V1Service> sharedIndexInformer, SharedIndexInformer<V1Endpoints> sharedIndexInformer2) {
        return new IngressParser(sharedIndexInformer, sharedIndexInformer2);
    }

    @Bean
    public SharedIndexInformer<V1Service> serviceInformer(ApiClient apiClient, SharedInformerFactory sharedInformerFactory) {
        return sharedInformerFactory.sharedIndexInformerFor(new GenericKubernetesApi(V1Service.class, V1ServiceList.class, "", "v1", "services", apiClient), V1Service.class, 0L);
    }

    @Bean
    public SharedIndexInformer<V1Endpoints> endpointsInformer(ApiClient apiClient, SharedInformerFactory sharedInformerFactory) {
        return sharedInformerFactory.sharedIndexInformerFor(new GenericKubernetesApi(V1Endpoints.class, V1EndpointsList.class, "", "v1", "endpoints", apiClient), V1Endpoints.class, 0L);
    }

    @Bean
    public SharedIndexInformer<V1Secret> secretInformer(ApiClient apiClient, SharedInformerFactory sharedInformerFactory) {
        return sharedInformerFactory.sharedIndexInformerFor(new GenericKubernetesApi(V1Secret.class, V1SecretList.class, "", "v1", "secrets", apiClient), V1Secret.class, 0L);
    }

    @Bean
    public SharedIndexInformer<V1Ingress> ingressInformer(ApiClient apiClient, SharedInformerFactory sharedInformerFactory) {
        return sharedInformerFactory.sharedIndexInformerFor(new GenericKubernetesApi(V1Ingress.class, V1IngressList.class, "networking.k8s.io", "v1", "ingresses", apiClient), V1Ingress.class, 0L);
    }

    @ConditionalOnProperty(value = {"shenyu.netty.http.web-server-factory-enabled", "shenyu.netty.http.sni.enabled"}, havingValue = "true")
    @Bean
    public TcpSslContextSpec tcpSslContextSpec(ObjectProvider<NettyHttpProperties> objectProvider, ApiClient apiClient) throws ApiException {
        NettyHttpProperties.SniProperties sni = ((NettyHttpProperties) Optional.ofNullable((NettyHttpProperties) objectProvider.getIfAvailable()).orElse(new NettyHttpProperties())).getSni();
        if (sni == null || !sni.getEnabled().booleanValue() || !"k8s".equals(sni.getMod())) {
            return TcpSslContextSpec.forServer(new ByteArrayInputStream(new byte[0]), new ByteArrayInputStream(new byte[0]));
        }
        String str = (String) Optional.ofNullable(sni.getDefaultK8sSecretName()).orElse("default-ingress-crt");
        String str2 = (String) Optional.ofNullable(sni.getDefaultK8sSecretNamespace()).orElse("default");
        V1Secret readNamespacedSecret = new CoreV1Api(apiClient).readNamespacedSecret(str, str2, "true");
        if (readNamespacedSecret.getData() != null) {
            return TcpSslContextSpec.forServer(new ByteArrayInputStream((byte[]) readNamespacedSecret.getData().get("tls.crt")), new ByteArrayInputStream((byte[]) readNamespacedSecret.getData().get("tls.key")));
        }
        throw new ShenyuException(String.format("Can not read cert and key from default secret %s/%s", str2, str));
    }
}
