package com.atlassian.pipelines.runner.core.runtime.linux.docker;

import com.atlassian.bitbucketci.common.model.Error;
import com.atlassian.pipelines.runner.api.configuration.RunnerConfiguration;
import com.atlassian.pipelines.runner.api.directory.Directory;
import com.atlassian.pipelines.runner.api.error.ErrorKeys;
import com.atlassian.pipelines.runner.api.factory.DirectoryFactory;
import com.atlassian.pipelines.runner.api.model.docker.Bind;
import com.atlassian.pipelines.runner.api.model.docker.ContainerState;
import com.atlassian.pipelines.runner.api.model.docker.CreateContainerArgs;
import com.atlassian.pipelines.runner.api.model.docker.EnvironmentVariable;
import com.atlassian.pipelines.runner.api.model.docker.HealthCheck;
import com.atlassian.pipelines.runner.api.model.docker.Image;
import com.atlassian.pipelines.runner.api.model.docker.ImmutableBind;
import com.atlassian.pipelines.runner.api.model.docker.ImmutableCreateContainerArgs;
import com.atlassian.pipelines.runner.api.model.docker.ImmutableEnvironmentVariable;
import com.atlassian.pipelines.runner.api.model.docker.ImmutableHealthCheck;
import com.atlassian.pipelines.runner.api.model.docker.ResourceLimits;
import com.atlassian.pipelines.runner.api.model.log.ContainerId;
import com.atlassian.pipelines.runner.api.model.log.ImmutableContainerId;
import com.atlassian.pipelines.runner.api.model.log.LogId;
import com.atlassian.pipelines.runner.api.model.log.LogLine;
import com.atlassian.pipelines.runner.api.model.runner.RunnerId;
import com.atlassian.pipelines.runner.api.model.step.ImmutableResult;
import com.atlassian.pipelines.runner.api.model.step.Result;
import com.atlassian.pipelines.runner.api.model.step.Step;
import com.atlassian.pipelines.runner.api.model.step.service.Service;
import com.atlassian.pipelines.runner.api.runtime.ServicesStepRuntime;
import com.atlassian.pipelines.runner.api.service.StepService;
import com.atlassian.pipelines.runner.api.service.docker.DockerService;
import com.atlassian.pipelines.runner.api.service.docker.ImageService;
import com.atlassian.pipelines.runner.core.configuration.Runtime;
import com.atlassian.pipelines.runner.core.runtime.StepRuntimeAdapter;
import io.reactivex.Completable;
import io.reactivex.Observable;
import io.reactivex.Single;
import io.vavr.Value;
import io.vavr.collection.List;
import io.vavr.control.Either;
import io.vavr.control.Option;
import java.nio.file.Path;
import java.time.Duration;
import java.util.NoSuchElementException;
import java.util.function.Consumer;
import java.util.function.Function;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Profile;
import org.springframework.stereotype.Component;

@Profile({Runtime.Strings.LINUX_DOCKER})
@Component
/* loaded from: input_file:com/atlassian/pipelines/runner/core/runtime/linux/docker/LinuxDockerServicesStepRuntime.class */
public final class LinuxDockerServicesStepRuntime extends StepRuntimeAdapter implements ServicesStepRuntime {
    private static final HealthCheck CUSTOM_DOCKER_IN_DOCKER_CONTAINER_HEALTH_CHECK = ImmutableHealthCheck.builder("nc -zv 127.0.0.1 2375").withInterval(Duration.ofSeconds(1)).build();
    private static final EnvironmentVariable CUSTOM_DOCKER_IN_DOCKER_CONTAINER_ENV = ImmutableEnvironmentVariable.builder().withValue("DOCKER_TLS_CERTDIR=").build();
    private final DockerService dockerService;
    private final ImageService imageService;
    private final RunnerId runnerId;
    private final DirectoryFactory directoryFactory;

    private List<Bind> dockerInDockerContainerBinds() {
        return List.of((Object[]) new Bind[]{newBind(this.directoryFactory.ssh(), this.directoryFactory.sshMount().getPath()), newBind(this.directoryFactory.repository(), this.directoryFactory.repositoryMount().getPath()), newBind(this.directoryFactory.repository(), this.directoryFactory.legacyRepository().getPath())});
    }

    @Autowired
    public LinuxDockerServicesStepRuntime(RunnerConfiguration runnerConfiguration, StepService stepService, DockerService dockerService, ImageService imageService, DirectoryFactory directoryFactory) {
        super(stepService);
        this.dockerService = dockerService;
        this.runnerId = runnerConfiguration.getRunnerId();
        this.imageService = imageService;
        this.directoryFactory = directoryFactory;
    }

    @Override // com.atlassian.pipelines.runner.core.runtime.StepRuntimeAdapter, com.atlassian.pipelines.runner.api.runtime.StepRuntime
    public Single<Result> execute(Step step) {
        List<Service> filter = step.getServices().filter(service -> {
            return (service.isClone() || service.isBuild() || service.isPause()) ? false : true;
        });
        return runPauseContainer(step.getServices().find((v0) -> {
            return v0.isPause();
        }), step).andThen(filter.isEmpty() ? Single.never() : Observable.fromIterable(filter).flatMapSingle(service2 -> {
            return executeService(step, service2);
        }).map(containerState -> {
            return newResult(step, containerState);
        }).filter(result -> {
            return !result.getStatus().equals(Result.Status.PASSED);
        }).firstOrError());
    }

    @Override // com.atlassian.pipelines.runner.core.runtime.StepRuntimeAdapter, com.atlassian.pipelines.runner.api.runtime.StepRuntime
    public Single<Either<Throwable, Result>> teardown(Step step, Either<Throwable, Result> either) {
        return Observable.fromIterable(step.getServices()).flatMapCompletable(service -> {
            return this.dockerService.forceRemoveContainer(service.getContainerName(this.runnerId, step.getId()));
        }).andThen(Single.just(either));
    }

    private Completable runPauseContainer(Option<Service> option, Step step) {
        return (Completable) option.map(service -> {
            return this.dockerService.run(getPauseContainerArgs(service, step), str -> {
                return Completable.complete();
            }, logLine -> {
            }).ignoreElement();
        }).getOrElse((Value) Completable.complete());
    }

    private CreateContainerArgs getPauseContainerArgs(Service service, Step step) {
        return ImmutableCreateContainerArgs.builder().withImage(Image.from(service.getImage())).withName(service.getContainerName(this.runnerId, step.getId())).withEntrypoint(List.of("/pause")).build();
    }

    private static Bind newBind(Directory directory, Path path) {
        return ImmutableBind.builder().withHostPath(directory.getPath()).withContainerPath(path).build();
    }

    private Single<ContainerState> executeService(Step step, Service service) {
        return (service.isSystemDocker() ? Single.just(newCreateContainerArgsForSystemDocker(step, service)) : service.isCustomDocker() ? newCreateContainerArgsForCustomDocker(step, service) : Single.just(newCreateContainerArgsForService(step, service))).flatMap(createContainerArgs -> {
            return this.dockerService.runAndWait(createContainerArgs, newOnStartServiceContainerAddServiceContainerLogs(step, service), newWarningsLogConsumer(step, service));
        });
    }

    private Consumer<LogLine> newWarningsLogConsumer(Step step, Service service) {
        return step.getLogContext().getLogLineConsumerFactory().createLogConsumer(service, LogId.serviceContainerWarnings(service));
    }

    private CreateContainerArgs newCreateContainerArgsForService(Step step, Service service) {
        ImmutableCreateContainerArgs.Builder withResourceLimits = ImmutableCreateContainerArgs.builder().withName(service.getContainerName(this.runnerId, step.getId())).withImage(Image.from(service.getImage())).withEnvironmentVariables(service.getEnvironmentVariables().map(EnvironmentVariable::from)).withNetworkMode("container:" + step.getServices().filter((v0) -> {
            return v0.isPause();
        }).last().getContainerName(this.runnerId, step.getId())).withResourceLimits((Option<ResourceLimits>) service.getResourceLimits().map(ResourceLimits::from));
        if (service.getOrigin() == Service.Origin.YML) {
            withResourceLimits.withTemporaryFilesystems(List.of(this.directoryFactory.sharedMemoryMount().getPath()));
        }
        return withResourceLimits.build();
    }

    private CreateContainerArgs newCreateContainerArgsForSystemDocker(Step step, Service service) {
        return ImmutableCreateContainerArgs.builder().from(newCreateContainerArgsForService(step, service)).withBinds(dockerInDockerContainerBinds()).withReadonlyRootfs((Boolean) false).withPrivileged((Boolean) true).build();
    }

    private Single<CreateContainerArgs> newCreateContainerArgsForCustomDocker(Step step, Service service) {
        ImmutableCreateContainerArgs.Builder withPrivileged = ImmutableCreateContainerArgs.builder().from(newCreateContainerArgsForService(step, service)).withBinds(dockerInDockerContainerBinds()).addEnvironmentVariable(CUSTOM_DOCKER_IN_DOCKER_CONTAINER_ENV).withPrivileged((Boolean) true);
        return this.imageService.isHealthcheckProvided(Image.from(service.getImage())).map(bool -> {
            if (!bool.booleanValue()) {
                withPrivileged.withHealthCheck(CUSTOM_DOCKER_IN_DOCKER_CONTAINER_HEALTH_CHECK);
            }
            return withPrivileged;
        }).map((v0) -> {
            return v0.build();
        });
    }

    private Function<String, Completable> newOnStartServiceContainerAddServiceContainerLogs(Step step, Service service) {
        return str -> {
            return step.getLogContext().getLogManager().addContainerLog(this.directoryFactory.dockerContainers().getPath(), LogId.service(service.getUuid()), ImmutableContainerId.builder().withType(ContainerId.Type.DOCKER).withId(str).withName(service.getContainerName(this.runnerId, step.getId())).build());
        };
    }

    private Result newResult(Step step, ContainerState containerState) {
        boolean booleanValue = containerState.isOomKilled().getOrElse((Option<Boolean>) false).booleanValue();
        if (containerState.getExitCode().isEmpty()) {
            return ImmutableResult.builder().withStatus(Result.Status.ERROR).withError(Error.builder(ErrorKeys.ErrorKey.SERVICE_CONTAINER_FAILURE.getKey(), String.format("Service %s did not have an exit code.", getService(step, containerState.getNormalisedName()).getName())).build()).build();
        }
        if (containerState.getExitCode().get().intValue() == 0) {
            return ImmutableResult.builder().withStatus(Result.Status.PASSED).build();
        }
        if (booleanValue) {
            return ImmutableResult.builder().withStatus(Result.Status.FAILED).withError(Error.builder(ErrorKeys.ErrorKey.SERVICE_MEMORY_LIMIT_EXCEEDED.getKey(), String.format("Service '%s' exceeded memory limit.", getService(step, containerState.getNormalisedName()).getName())).build()).build();
        }
        if (containerState.getExitCode().get().intValue() == 0) {
            return ImmutableResult.builder().withStatus(Result.Status.FAILED).build();
        }
        return ImmutableResult.builder().withStatus(Result.Status.FAILED).withError(Error.builder(ErrorKeys.ErrorKey.SERVICE_CONTAINER_FAILURE.getKey(), String.format("Service '%s' exited with exit code: %s.", getService(step, containerState.getNormalisedName()).getName(), containerState.getExitCode().get())).build()).build();
    }

    private Service getService(Step step, String str) {
        return step.getServices().find(service -> {
            return service.getContainerName(this.runnerId, step.getId()).equals(str);
        }).getOrElseThrow(() -> {
            return new NoSuchElementException("No service with name provided.");
        });
    }
}
