package com.bigstep.bdl.gke.firewall;

import com.bigstep.bdl.credentials.common.model.Credential;
import com.bigstep.bdl.datalakes.common.backends.providers.GKE.credentials.GKECredentials;
import com.bigstep.bdl.datalakes.common.model.FirewallRule;
import com.bigstep.bdl.gke.client.GKEClientFactory;
import com.google.api.client.googleapis.json.GoogleJsonResponseException;
import com.google.api.services.compute.Compute;
import com.google.api.services.compute.model.Firewall;
import java.util.Arrays;
import org.apache.tomcat.util.net.Constants;

/* loaded from: input_file:BOOT-INF/lib/bdl-gke-lib-0.1.0.4.jar:com/bigstep/bdl/gke/firewall/FirewallOperations.class */
public class FirewallOperations {
    public static void createFirewallRule(Credential credential, FirewallRule firewallRule, String str) throws Exception {
        Compute computeClient = GKEClientFactory.getComputeClient(credential);
        String projectId = ((GKECredentials) credential.getCredentials()).getProjectId();
        Firewall firewall = new Firewall();
        firewall.setName(str);
        firewall.setDescription(firewallRule.getDescription());
        firewall.setDirection("Ingress");
        if (firewallRule.getProtocol().equals(Constants.SSL_PROTO_ALL)) {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(Constants.SSL_PROTO_ALL)));
        } else if (firewallRule.getPorts() != null) {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(firewallRule.getProtocol()).setPorts(Arrays.asList(firewallRule.getPorts().split(",")))));
        } else {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(firewallRule.getProtocol())));
        }
        firewall.setSourceRanges(Arrays.asList(firewallRule.getIps().split(",")));
        computeClient.firewalls().insert(projectId, firewall).execute();
    }

    public static void deleteFirewallRule(Credential credential, String str) throws Exception {
        Compute computeClient = GKEClientFactory.getComputeClient(credential);
        try {
            computeClient.firewalls().delete(((GKECredentials) credential.getCredentials()).getProjectId(), str).execute();
        } catch (GoogleJsonResponseException e) {
            if (e.getDetails().getCode() != 404) {
                throw e;
            }
        }
    }

    public static void updateFirewallRule(Credential credential, FirewallRule firewallRule, String str, String str2) throws Exception {
        Compute computeClient = GKEClientFactory.getComputeClient(credential);
        String projectId = ((GKECredentials) credential.getCredentials()).getProjectId();
        Firewall firewall = new Firewall();
        firewall.setName(str);
        firewall.setDescription(firewallRule.getDescription());
        firewall.setDirection("Ingress");
        if (firewallRule.getProtocol().equals(Constants.SSL_PROTO_ALL)) {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(Constants.SSL_PROTO_ALL)));
        } else if (firewallRule.getPorts() != null) {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(firewallRule.getProtocol()).setPorts(Arrays.asList(firewallRule.getPorts().split(",")))));
        } else {
            firewall.setAllowed(Arrays.asList(new Firewall.Allowed().setIPProtocol(firewallRule.getProtocol())));
        }
        firewall.setSourceRanges(Arrays.asList(firewallRule.getIps().split(",")));
        computeClient.firewalls().update(projectId, str2, firewall).execute();
    }
}
