package com.bigstep.bdl.gke.account;

import com.bigstep.bdl.credentials.common.model.Credential;
import com.bigstep.bdl.datalakes.common.backends.providers.GKE.credentials.GKECredentials;
import com.bigstep.bdl.datalakes.common.backends.providers.GKE.credentials.GKEJSONCredentials;
import com.bigstep.bdl.gke.client.GKEClientFactory;
import com.google.api.services.iam.v1.Iam;
import com.google.api.services.iam.v1.model.CreateServiceAccountKeyRequest;
import com.google.api.services.iam.v1.model.CreateServiceAccountRequest;
import com.google.api.services.iam.v1.model.ServiceAccount;
import io.sundr.codegen.model.Node;
import java.util.Base64;

/* loaded from: input_file:BOOT-INF/lib/bdl-gke-lib-0.1.0.4.jar:com/bigstep/bdl/gke/account/AccountOperations.class */
public class AccountOperations {
    public static void createServiceAccount(Credential credential, String str, String str2) throws Exception {
        Iam iamClient = GKEClientFactory.getIamClient(credential);
        String projectId = ((GKECredentials) credential.getCredentials()).getProjectId();
        ServiceAccount serviceAccount = new ServiceAccount();
        serviceAccount.setDisplayName(str2);
        CreateServiceAccountRequest createServiceAccountRequest = new CreateServiceAccountRequest();
        createServiceAccountRequest.setAccountId(str);
        createServiceAccountRequest.setServiceAccount(serviceAccount);
        iamClient.projects().serviceAccounts().create("projects/" + projectId, createServiceAccountRequest).execute();
    }

    public static GKEJSONCredentials createServiceAccountKey(Credential credential, String str) throws Exception {
        Iam iamClient = GKEClientFactory.getIamClient(credential);
        String projectId = ((GKECredentials) credential.getCredentials()).getProjectId();
        byte[] decode = Base64.getMimeDecoder().decode(iamClient.projects().serviceAccounts().keys().create("projects/-/serviceAccounts/" + str + Node.AT + projectId + ".iam.gserviceaccount.com", new CreateServiceAccountKeyRequest()).execute().getPrivateKeyData());
        GKEJSONCredentials gKEJSONCredentials = new GKEJSONCredentials();
        gKEJSONCredentials.setJson(new String(decode));
        gKEJSONCredentials.setProjectId(projectId);
        return gKEJSONCredentials;
    }

    public static void deleteServiceAccount(Credential credential, String str) throws Exception {
        GKEClientFactory.getIamClient(credential).projects().serviceAccounts().delete("projects/-/serviceAccounts/" + str + Node.AT + ((GKECredentials) credential.getCredentials()).getProjectId() + ".iam.gserviceaccount.com").execute();
    }
}
