UNPKG

@cdklabs/cdk-amazonmq

Version:

<!--BEGIN STABILITY BANNER-->

github.com/cdklabs/cdk-amazonmq

cdklabs/cdk-amazonmq

131 lines 22.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.EventSourceBase = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); /* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ const aws_cdk_lib_1 = require("aws-cdk-lib"); const aws_iam_1 = require("aws-cdk-lib/aws-iam"); const aws_lambda_1 = require("aws-cdk-lib/aws-lambda"); const custom_resources_1 = require("aws-cdk-lib/custom-resources"); const esm_deleter_is_complete_function_1 = require("./esm-deleter.is-complete-function"); const esm_deleter_on_event_function_1 = require("./esm-deleter.on-event-function"); /** * Represents an AWS Lambda Event Source Mapping for RabbitMQ. This event source will add additional permissions to * the AWS Lambda function's IAM Role following https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#events-mq-permissions */ class EventSourceBase { /** * Instantiates an AWS Lambda Event Source Mapping for RabbitMQ. This event source will add additional permissions to * the AWS Lambda function's IAM Role following https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#events-mq-permissions * * @param props properties of the RabbitMQ event source */ constructor(props, mqType) { this.props = props; this.mqType = mqType; this.sourceAccessConfigurations = []; this.props.batchSize !== undefined && (0, aws_cdk_lib_1.withResolved)(this.props.batchSize, (batchSize) => { if (batchSize < 1 || batchSize > 10000) { throw new Error(`Maximum batch size must be between 1 and 10000 inclusive (given ${this.props.batchSize})`); } }); } bind(target) { if (this.props.addPermissions === undefined || this.props.addPermissions) { this.props.credentials.grantRead(target); target.node.addMetadata("function-mq-permissions", "Additional permissions following https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#events-mq-permissions"); if (!target.isBoundToVpc) { // INFO: if the target is VPC bound then CDK attaches // managed policy AWSLambdaVPCAccessExecutionRole // which contains the necessary permissions. target.addToRolePolicy(new aws_iam_1.PolicyStatement({ effect: aws_iam_1.Effect.ALLOW, actions: [ "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeNetworkInterfaces", "ec2:DescribeSubnets", ], resources: ["*"], })); } target.addToRolePolicy(new aws_iam_1.PolicyStatement({ effect: aws_iam_1.Effect.ALLOW, actions: ["mq:DescribeBroker"], resources: [this.props.broker.arn], })); target.addToRolePolicy(new aws_iam_1.PolicyStatement({ effect: aws_iam_1.Effect.ALLOW, actions: ["ec2:DescribeVpcs", "ec2:DescribeSecurityGroups"], resources: ["*"], })); } this.sourceAccessConfigurations.push({ type: aws_lambda_1.SourceAccessConfigurationType.BASIC_AUTH, uri: this.props.credentials.secretArn, }); // TODO: move ID generation outside as an abstract protected method const mapping = target.addEventSourceMapping(`MqEventSource:${aws_cdk_lib_1.Names.nodeUniqueId(this.props.broker.node)}${this.props.queueName}`, { batchSize: this.props.batchSize, maxBatchingWindow: this.props.maxBatchingWindow, enabled: this.props.enabled, eventSourceArn: this.props.broker.arn, sourceAccessConfigurations: this.sourceAccessConfigurations, }); const esMapping = mapping.node.defaultChild; // INFO: even though the property allows an array of items // there can be no more than one queue esMapping.addPropertyOverride("Queues", [this.props.queueName]); // INFO: This is a (hopefully) temporary workaround due to the fact that ESM notifies CFN too early its deletion // completion and as a result, target's IAM Role is being deleted before ESM is able to assume it to delete the ENIs. // This in turn causes a deletion failure that requires manual ENIs' deletion to recover. if (target.role) { const provider = new custom_resources_1.Provider(mapping, `MqEsmDeleter:${aws_cdk_lib_1.Names.uniqueId(mapping)}`, { onEventHandler: new esm_deleter_on_event_function_1.EsmDeleterOnEventFunction(mapping, "onevent", { initialPolicy: [ new aws_iam_1.PolicyStatement({ actions: ["lambda:DeleteEventSourceMapping"], effect: aws_iam_1.Effect.ALLOW, resources: [ `arn:${aws_cdk_lib_1.Aws.PARTITION}:lambda:${aws_cdk_lib_1.Aws.REGION}:${aws_cdk_lib_1.Aws.ACCOUNT_ID}:event-source-mapping:${mapping.eventSourceMappingId}`, ], }), ], }), isCompleteHandler: new esm_deleter_is_complete_function_1.EsmDeleterIsCompleteFunction(mapping, "iscomplete", { initialPolicy: [ new aws_iam_1.PolicyStatement({ actions: ["ec2:DescribeNetworkInterfaces"], effect: aws_iam_1.Effect.ALLOW, resources: ["*"], }), ], }), queryInterval: aws_cdk_lib_1.Duration.minutes(1), }); const cr = new aws_cdk_lib_1.CustomResource(mapping, `MqEsmDeleterCR:${aws_cdk_lib_1.Names.nodeUniqueId(mapping.node)}`, { serviceToken: provider.serviceToken, properties: { MqType: this.mqType, EsmId: mapping.eventSourceMappingId, AccountId: aws_cdk_lib_1.Aws.ACCOUNT_ID, }, }); // INFO: the Amazon MQ service uses this role to provision/deprovision the ESM. // we need it to remain until the ESM is deleted. cr.node.addDependency(target.role); } } addToSourceAccessConfigurations(config) { this.sourceAccessConfigurations.push(config); } } exports.EventSourceBase = EventSourceBase; _a = JSII_RTTI_SYMBOL_1; EventSourceBase[_a] = { fqn: "@cdklabs/cdk-amazonmq.EventSourceBase", version: "0.1.8" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXZlbnQtc291cmNlLWJhc2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbXEtZXNtL2V2ZW50LXNvdXJjZS1iYXNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUE7OztFQUdFO0FBQ0YsNkNBTXFCO0FBQ3JCLGlEQUE4RDtBQUM5RCx1REFNZ0M7QUFFaEMsbUVBQXdEO0FBQ3hELHlGQUFrRjtBQUNsRixtRkFBNEU7QUErRDVFOzs7R0FHRztBQUNILE1BQXNCLGVBQWU7SUFHbkM7Ozs7O09BS0c7SUFDSCxZQUNxQixLQUEyQixFQUMzQixNQUFjO1FBRGQsVUFBSyxHQUFMLEtBQUssQ0FBc0I7UUFDM0IsV0FBTSxHQUFOLE1BQU0sQ0FBUTtRQVYzQiwrQkFBMEIsR0FBZ0MsRUFBRSxDQUFDO1FBWW5FLElBQUksQ0FBQyxLQUFLLENBQUMsU0FBUyxLQUFLLFNBQVM7WUFDaEMsSUFBQSwwQkFBWSxFQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsU0FBUyxFQUFFLENBQUMsU0FBUyxFQUFFLEVBQUU7Z0JBQy9DLElBQUksU0FBUyxHQUFHLENBQUMsSUFBSSxTQUFTLEdBQUcsS0FBSyxFQUFFLENBQUM7b0JBQ3ZDLE1BQU0sSUFBSSxLQUFLLENBQ2IsbUVBQW1FLElBQUksQ0FBQyxLQUFLLENBQUMsU0FBUyxHQUFHLENBQzNGLENBQUM7Z0JBQ0osQ0FBQztZQUNILENBQUMsQ0FBQyxDQUFDO0lBQ1AsQ0FBQztJQUVELElBQUksQ0FBQyxNQUFpQjtRQUNwQixJQUFJLElBQUksQ0FBQyxLQUFLLENBQUMsY0FBYyxLQUFLLFNBQVMsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxDQUFDO1lBQ3pFLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUV6QyxNQUFNLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FDckIseUJBQXlCLEVBQ3pCLGtIQUFrSCxDQUNuSCxDQUFDO1lBRUYsSUFBSSxDQUFDLE1BQU0sQ0FBQyxZQUFZLEVBQUUsQ0FBQztnQkFDekIscURBQXFEO2dCQUNyRCx1REFBdUQ7Z0JBQ3ZELGtEQUFrRDtnQkFDbEQsTUFBTSxDQUFDLGVBQWUsQ0FDcEIsSUFBSSx5QkFBZSxDQUFDO29CQUNsQixNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLO29CQUNwQixPQUFPLEVBQUU7d0JBQ1AsNEJBQTRCO3dCQUM1Qiw0QkFBNEI7d0JBQzVCLCtCQUErQjt3QkFDL0IscUJBQXFCO3FCQUN0QjtvQkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7aUJBQ2pCLENBQUMsQ0FDSCxDQUFDO1lBQ0osQ0FBQztZQUVELE1BQU0sQ0FBQyxlQUFlLENBQ3BCLElBQUkseUJBQWUsQ0FBQztnQkFDbEIsTUFBTSxFQUFFLGdCQUFNLENBQUMsS0FBSztnQkFDcEIsT0FBTyxFQUFFLENBQUMsbUJBQW1CLENBQUM7Z0JBQzlCLFNBQVMsRUFBRSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLEdBQUcsQ0FBQzthQUNuQyxDQUFDLENBQ0gsQ0FBQztZQUVGLE1BQU0sQ0FBQyxlQUFlLENBQ3BCLElBQUkseUJBQWUsQ0FBQztnQkFDbEIsTUFBTSxFQUFFLGdCQUFNLENBQUMsS0FBSztnQkFDcEIsT0FBTyxFQUFFLENBQUMsa0JBQWtCLEVBQUUsNEJBQTRCLENBQUM7Z0JBQzNELFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzthQUNqQixDQUFDLENBQ0gsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLENBQUMsMEJBQTBCLENBQUMsSUFBSSxDQUFDO1lBQ25DLElBQUksRUFBRSwwQ0FBNkIsQ0FBQyxVQUFVO1lBQzlDLEdBQUcsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxTQUFTO1NBQ3RDLENBQUMsQ0FBQztRQUVILG1FQUFtRTtRQUNuRSxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMscUJBQXFCLENBQzFDLGlCQUFpQixtQkFBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVMsRUFBRSxFQUNwRjtZQUNFLFNBQVMsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVM7WUFDL0IsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxpQkFBaUI7WUFDL0MsT0FBTyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTztZQUMzQixjQUFjLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsR0FBRztZQUNyQywwQkFBMEIsRUFBRSxJQUFJLENBQUMsMEJBQTBCO1NBQzVELENBQ0YsQ0FBQztRQUVGLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsWUFBcUMsQ0FBQztRQUVyRSwwREFBMEQ7UUFDMUQsNENBQTRDO1FBQzVDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUM7UUFFaEUsZ0hBQWdIO1FBQ2hILDJIQUEySDtRQUMzSCwrRkFBK0Y7UUFDL0YsSUFBSSxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDaEIsTUFBTSxRQUFRLEdBQUcsSUFBSSwyQkFBUSxDQUMzQixPQUFPLEVBQ1AsZ0JBQWdCLG1CQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLEVBQ3pDO2dCQUNFLGNBQWMsRUFBRSxJQUFJLHlEQUF5QixDQUFDLE9BQU8sRUFBRSxTQUFTLEVBQUU7b0JBQ2hFLGFBQWEsRUFBRTt3QkFDYixJQUFJLHlCQUFlLENBQUM7NEJBQ2xCLE9BQU8sRUFBRSxDQUFDLGlDQUFpQyxDQUFDOzRCQUM1QyxNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLOzRCQUNwQixTQUFTLEVBQUU7Z0NBQ1QsT0FBTyxpQkFBRyxDQUFDLFNBQVMsV0FBVyxpQkFBRyxDQUFDLE1BQU0sSUFBSSxpQkFBRyxDQUFDLFVBQVUseUJBQXlCLE9BQU8sQ0FBQyxvQkFBb0IsRUFBRTs2QkFDbkg7eUJBQ0YsQ0FBQztxQkFDSDtpQkFDRixDQUFDO2dCQUNGLGlCQUFpQixFQUFFLElBQUksK0RBQTRCLENBQ2pELE9BQU8sRUFDUCxZQUFZLEVBQ1o7b0JBQ0UsYUFBYSxFQUFFO3dCQUNiLElBQUkseUJBQWUsQ0FBQzs0QkFDbEIsT0FBTyxFQUFFLENBQUMsK0JBQStCLENBQUM7NEJBQzFDLE1BQU0sRUFBRSxnQkFBTSxDQUFDLEtBQUs7NEJBQ3BCLFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzt5QkFDakIsQ0FBQztxQkFDSDtpQkFDRixDQUNGO2dCQUNELGFBQWEsRUFBRSxzQkFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7YUFDbkMsQ0FDRixDQUFDO1lBRUYsTUFBTSxFQUFFLEdBQUcsSUFBSSw0QkFBYyxDQUMzQixPQUFPLEVBQ1Asa0JBQWtCLG1CQUFLLENBQUMsWUFBWSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUNwRDtnQkFDRSxZQUFZLEVBQUUsUUFBUSxDQUFDLFlBQVk7Z0JBQ25DLFVBQVUsRUFBRTtvQkFDVixNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07b0JBQ25CLEtBQUssRUFBRSxPQUFPLENBQUMsb0JBQW9CO29CQUNuQyxTQUFTLEVBQUUsaUJBQUcsQ0FBQyxVQUFVO2lCQUMxQjthQUNGLENBQ0YsQ0FBQztZQUVGLCtFQUErRTtZQUMvRSx1REFBdUQ7WUFDdkQsRUFBRSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3JDLENBQUM7SUFDSCxDQUFDO0lBRVMsK0JBQStCLENBQUMsTUFBaUM7UUFDekUsSUFBSSxDQUFDLDBCQUEwQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUMvQyxDQUFDOztBQW5KSCwwQ0FvSkMiLCJzb3VyY2VzQ29udGVudCI6WyIvKlxuQ29weXJpZ2h0IEFtYXpvbi5jb20sIEluYy4gb3IgaXRzIGFmZmlsaWF0ZXMuIEFsbCBSaWdodHMgUmVzZXJ2ZWQuXG5TUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMFxuKi9cbmltcG9ydCB7XG4gIEF3cyxcbiAgQ3VzdG9tUmVzb3VyY2UsXG4gIER1cmF0aW9uLFxuICBOYW1lcyxcbiAgd2l0aFJlc29sdmVkLFxufSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IEVmZmVjdCwgUG9saWN5U3RhdGVtZW50IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcbmltcG9ydCB7XG4gIENmbkV2ZW50U291cmNlTWFwcGluZyxcbiAgSUV2ZW50U291cmNlLFxuICBJRnVuY3Rpb24sXG4gIFNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb24sXG4gIFNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb25UeXBlLFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxhbWJkYVwiO1xuaW1wb3J0IHsgSVNlY3JldCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc2VjcmV0c21hbmFnZXJcIjtcbmltcG9ydCB7IFByb3ZpZGVyIH0gZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IEVzbURlbGV0ZXJJc0NvbXBsZXRlRnVuY3Rpb24gfSBmcm9tIFwiLi9lc20tZGVsZXRlci5pcy1jb21wbGV0ZS1mdW5jdGlvblwiO1xuaW1wb3J0IHsgRXNtRGVsZXRlck9uRXZlbnRGdW5jdGlvbiB9IGZyb20gXCIuL2VzbS1kZWxldGVyLm9uLWV2ZW50LWZ1bmN0aW9uXCI7XG5pbXBvcnQgeyBJQnJva2VyRGVwbG95bWVudCB9IGZyb20gXCIuLi9icm9rZXItZGVwbG95bWVudFwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIEV2ZW50U291cmNlUHJvcHMge1xuICAvKipcbiAgICogc291cmNlIGF0IHRoZSB0aW1lIG9mIGludm9raW5nIHlvdXIgZnVuY3Rpb24uIFlvdXIgZnVuY3Rpb24gcmVjZWl2ZXMgYW5cbiAgICogVGhlIGxhcmdlc3QgbnVtYmVyIG9mIHJlY29yZHMgdGhhdCBBV1MgTGFtYmRhIHdpbGwgcmV0cmlldmUgZnJvbSB5b3VyIGV2ZW50XG4gICAqIGV2ZW50IHdpdGggYWxsIHRoZSByZXRyaWV2ZWQgcmVjb3Jkcy5cbiAgICpcbiAgICogVmFsaWQgUmFuZ2U6XG4gICAqICogTWluaW11bSB2YWx1ZSBvZiAxXG4gICAqICogTWF4aW11bSB2YWx1ZSBvZjogMTAwMDBcbiAgICpcbiAgICogQGRlZmF1bHQgMTAwXG4gICAqL1xuICByZWFkb25seSBiYXRjaFNpemU/OiBudW1iZXI7XG5cbiAgLyoqXG4gICAqIFRoZSBtYXhpbXVtIGFtb3VudCBvZiB0aW1lIHRvIGdhdGhlciByZWNvcmRzIGJlZm9yZSBpbnZva2luZyB0aGUgZnVuY3Rpb24uXG4gICAqIE1heGltdW0gb2YgRHVyYXRpb24ubWludXRlcyg1KS5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vbGFtYmRhL2xhdGVzdC9kZy9pbnZvY2F0aW9uLWV2ZW50c291cmNlbWFwcGluZy5odG1sI2ludm9jYXRpb24tZXZlbnRzb3VyY2VtYXBwaW5nLWJhdGNoaW5nXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gRHVyYXRpb24ubWlsbGlzKDUwMCkgZm9yIEFtYXpvbiBNUS5cbiAgICovXG4gIHJlYWRvbmx5IG1heEJhdGNoaW5nV2luZG93PzogRHVyYXRpb247XG5cbiAgLyoqXG4gICAqIElmIHRoZSBzdHJlYW0gZXZlbnQgc291cmNlIG1hcHBpbmcgc2hvdWxkIGJlIGVuYWJsZWQuXG4gICAqXG4gICAqIEBkZWZhdWx0IHRydWVcbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZWQ/OiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBBIHNlY3JldCB3aXRoIGNyZWRlbnRpYWxzIG9mIHRoZSB1c2VyIHRvIHVzZSB3aGVuIHJlY2VpdmluZyBtZXNzYWdlcy5cbiAgICpcbiAgICogVGhlIGNyZWRlbnRpYWxzIGluIHRoZSBzZWNyZXQgaGF2ZSBmaWVsZHMgcmVxdWlyZWQ6XG4gICAqICAqIHVzZXJuYW1lXG4gICAqICAqIHBhc3N3b3JkXG4gICAqL1xuICByZWFkb25seSBjcmVkZW50aWFsczogSVNlY3JldDtcblxuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIHF1ZXVlIHRoYXQgdGhlIGZ1bmN0aW9uIHdpbGwgcmVjZWl2ZSBtZXNzYWdlcyBmcm9tLlxuICAgKi9cbiAgcmVhZG9ubHkgcXVldWVOYW1lOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIElmIHRoZSBkZWZhdWx0IHBlcm1pc3Npb25zIHNob3VsZCBiZSBhZGRlZCB0byB0aGUgTGFtYmRhIGZ1bmN0aW9uJ3MgZXhlY3V0aW9uIHJvbGUuXG4gICAqXG4gICAqIEBkZWZhdWx0IHRydWVcbiAgICovXG4gIHJlYWRvbmx5IGFkZFBlcm1pc3Npb25zPzogYm9vbGVhbjtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBFdmVudFNvdXJjZUJhc2VQcm9wcyBleHRlbmRzIEV2ZW50U291cmNlUHJvcHMge1xuICAvKipcbiAgICogVGhlIEFtYXpvbiBNUSBicm9rZXIgZGVwbG95bWVudCB0byByZWNlaXZlIG1lc3NhZ2VzIGZyb20uXG4gICAqL1xuICByZWFkb25seSBicm9rZXI6IElCcm9rZXJEZXBsb3ltZW50O1xufVxuXG4vKipcbiAqIFJlcHJlc2VudHMgYW4gQVdTIExhbWJkYSBFdmVudCBTb3VyY2UgTWFwcGluZyBmb3IgUmFiYml0TVEuIFRoaXMgZXZlbnQgc291cmNlIHdpbGwgYWRkIGFkZGl0aW9uYWwgcGVybWlzc2lvbnMgdG9cbiAqIHRoZSBBV1MgTGFtYmRhIGZ1bmN0aW9uJ3MgSUFNIFJvbGUgZm9sbG93aW5nIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9sYW1iZGEvbGF0ZXN0L2RnL3dpdGgtbXEuaHRtbCNldmVudHMtbXEtcGVybWlzc2lvbnNcbiAqL1xuZXhwb3J0IGFic3RyYWN0IGNsYXNzIEV2ZW50U291cmNlQmFzZSBpbXBsZW1lbnRzIElFdmVudFNvdXJjZSB7XG4gIHByaXZhdGUgc291cmNlQWNjZXNzQ29uZmlndXJhdGlvbnM6IFNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb25bXSA9IFtdO1xuXG4gIC8qKlxuICAgKiBJbnN0YW50aWF0ZXMgYW4gQVdTIExhbWJkYSBFdmVudCBTb3VyY2UgTWFwcGluZyBmb3IgUmFiYml0TVEuIFRoaXMgZXZlbnQgc291cmNlIHdpbGwgYWRkIGFkZGl0aW9uYWwgcGVybWlzc2lvbnMgdG9cbiAgICogdGhlIEFXUyBMYW1iZGEgZnVuY3Rpb24ncyBJQU0gUm9sZSBmb2xsb3dpbmcgaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2xhbWJkYS9sYXRlc3QvZGcvd2l0aC1tcS5odG1sI2V2ZW50cy1tcS1wZXJtaXNzaW9uc1xuICAgKlxuICAgKiBAcGFyYW0gcHJvcHMgcHJvcGVydGllcyBvZiB0aGUgUmFiYml0TVEgZXZlbnQgc291cmNlXG4gICAqL1xuICBjb25zdHJ1Y3RvcihcbiAgICBwcm90ZWN0ZWQgcmVhZG9ubHkgcHJvcHM6IEV2ZW50U291cmNlQmFzZVByb3BzLFxuICAgIHByb3RlY3RlZCByZWFkb25seSBtcVR5cGU6IHN0cmluZyxcbiAgKSB7XG4gICAgdGhpcy5wcm9wcy5iYXRjaFNpemUgIT09IHVuZGVmaW5lZCAmJlxuICAgICAgd2l0aFJlc29sdmVkKHRoaXMucHJvcHMuYmF0Y2hTaXplLCAoYmF0Y2hTaXplKSA9PiB7XG4gICAgICAgIGlmIChiYXRjaFNpemUgPCAxIHx8IGJhdGNoU2l6ZSA+IDEwMDAwKSB7XG4gICAgICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICAgICAgYE1heGltdW0gYmF0Y2ggc2l6ZSBtdXN0IGJlIGJldHdlZW4gMSBhbmQgMTAwMDAgaW5jbHVzaXZlIChnaXZlbiAke3RoaXMucHJvcHMuYmF0Y2hTaXplfSlgLFxuICAgICAgICAgICk7XG4gICAgICAgIH1cbiAgICAgIH0pO1xuICB9XG5cbiAgYmluZCh0YXJnZXQ6IElGdW5jdGlvbik6IHZvaWQge1xuICAgIGlmICh0aGlzLnByb3BzLmFkZFBlcm1pc3Npb25zID09PSB1bmRlZmluZWQgfHwgdGhpcy5wcm9wcy5hZGRQZXJtaXNzaW9ucykge1xuICAgICAgdGhpcy5wcm9wcy5jcmVkZW50aWFscy5ncmFudFJlYWQodGFyZ2V0KTtcblxuICAgICAgdGFyZ2V0Lm5vZGUuYWRkTWV0YWRhdGEoXG4gICAgICAgIFwiZnVuY3Rpb24tbXEtcGVybWlzc2lvbnNcIixcbiAgICAgICAgXCJBZGRpdGlvbmFsIHBlcm1pc3Npb25zIGZvbGxvd2luZyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vbGFtYmRhL2xhdGVzdC9kZy93aXRoLW1xLmh0bWwjZXZlbnRzLW1xLXBlcm1pc3Npb25zXCIsXG4gICAgICApO1xuXG4gICAgICBpZiAoIXRhcmdldC5pc0JvdW5kVG9WcGMpIHtcbiAgICAgICAgLy8gSU5GTzogaWYgdGhlIHRhcmdldCBpcyBWUEMgYm91bmQgdGhlbiBDREsgYXR0YWNoZXNcbiAgICAgICAgLy8gICAgICAgbWFuYWdlZCBwb2xpY3kgQVdTTGFtYmRhVlBDQWNjZXNzRXhlY3V0aW9uUm9sZVxuICAgICAgICAvLyAgICAgICB3aGljaCBjb250YWlucyB0aGUgbmVjZXNzYXJ5IHBlcm1pc3Npb25zLlxuICAgICAgICB0YXJnZXQuYWRkVG9Sb2xlUG9saWN5KFxuICAgICAgICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgICAgICBhY3Rpb25zOiBbXG4gICAgICAgICAgICAgIFwiZWMyOkNyZWF0ZU5ldHdvcmtJbnRlcmZhY2VcIixcbiAgICAgICAgICAgICAgXCJlYzI6RGVsZXRlTmV0d29ya0ludGVyZmFjZVwiLFxuICAgICAgICAgICAgICBcImVjMjpEZXNjcmliZU5ldHdvcmtJbnRlcmZhY2VzXCIsXG4gICAgICAgICAgICAgIFwiZWMyOkRlc2NyaWJlU3VibmV0c1wiLFxuICAgICAgICAgICAgXSxcbiAgICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXSxcbiAgICAgICAgICB9KSxcbiAgICAgICAgKTtcbiAgICAgIH1cblxuICAgICAgdGFyZ2V0LmFkZFRvUm9sZVBvbGljeShcbiAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgICAgYWN0aW9uczogW1wibXE6RGVzY3JpYmVCcm9rZXJcIl0sXG4gICAgICAgICAgcmVzb3VyY2VzOiBbdGhpcy5wcm9wcy5icm9rZXIuYXJuXSxcbiAgICAgICAgfSksXG4gICAgICApO1xuXG4gICAgICB0YXJnZXQuYWRkVG9Sb2xlUG9saWN5KFxuICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBlZmZlY3Q6IEVmZmVjdC5BTExPVyxcbiAgICAgICAgICBhY3Rpb25zOiBbXCJlYzI6RGVzY3JpYmVWcGNzXCIsIFwiZWMyOkRlc2NyaWJlU2VjdXJpdHlHcm91cHNcIl0sXG4gICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdLFxuICAgICAgICB9KSxcbiAgICAgICk7XG4gICAgfVxuXG4gICAgdGhpcy5zb3VyY2VBY2Nlc3NDb25maWd1cmF0aW9ucy5wdXNoKHtcbiAgICAgIHR5cGU6IFNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb25UeXBlLkJBU0lDX0FVVEgsXG4gICAgICB1cmk6IHRoaXMucHJvcHMuY3JlZGVudGlhbHMuc2VjcmV0QXJuLFxuICAgIH0pO1xuXG4gICAgLy8gVE9ETzogbW92ZSBJRCBnZW5lcmF0aW9uIG91dHNpZGUgYXMgYW4gYWJzdHJhY3QgcHJvdGVjdGVkIG1ldGhvZFxuICAgIGNvbnN0IG1hcHBpbmcgPSB0YXJnZXQuYWRkRXZlbnRTb3VyY2VNYXBwaW5nKFxuICAgICAgYE1xRXZlbnRTb3VyY2U6JHtOYW1lcy5ub2RlVW5pcXVlSWQodGhpcy5wcm9wcy5icm9rZXIubm9kZSl9JHt0aGlzLnByb3BzLnF1ZXVlTmFtZX1gLFxuICAgICAge1xuICAgICAgICBiYXRjaFNpemU6IHRoaXMucHJvcHMuYmF0Y2hTaXplLFxuICAgICAgICBtYXhCYXRjaGluZ1dpbmRvdzogdGhpcy5wcm9wcy5tYXhCYXRjaGluZ1dpbmRvdyxcbiAgICAgICAgZW5hYmxlZDogdGhpcy5wcm9wcy5lbmFibGVkLFxuICAgICAgICBldmVudFNvdXJjZUFybjogdGhpcy5wcm9wcy5icm9rZXIuYXJuLFxuICAgICAgICBzb3VyY2VBY2Nlc3NDb25maWd1cmF0aW9uczogdGhpcy5zb3VyY2VBY2Nlc3NDb25maWd1cmF0aW9ucyxcbiAgICAgIH0sXG4gICAgKTtcblxuICAgIGNvbnN0IGVzTWFwcGluZyA9IG1hcHBpbmcubm9kZS5kZWZhdWx0Q2hpbGQgYXMgQ2ZuRXZlbnRTb3VyY2VNYXBwaW5nO1xuXG4gICAgLy8gSU5GTzogZXZlbiB0aG91Z2ggdGhlIHByb3BlcnR5IGFsbG93cyBhbiBhcnJheSBvZiBpdGVtc1xuICAgIC8vICAgICAgIHRoZXJlIGNhbiBiZSBubyBtb3JlIHRoYW4gb25lIHF1ZXVlXG4gICAgZXNNYXBwaW5nLmFkZFByb3BlcnR5T3ZlcnJpZGUoXCJRdWV1ZXNcIiwgW3RoaXMucHJvcHMucXVldWVOYW1lXSk7XG5cbiAgICAvLyBJTkZPOiBUaGlzIGlzIGEgKGhvcGVmdWxseSkgdGVtcG9yYXJ5IHdvcmthcm91bmQgZHVlIHRvIHRoZSBmYWN0IHRoYXQgRVNNIG5vdGlmaWVzIENGTiB0b28gZWFybHkgaXRzIGRlbGV0aW9uXG4gICAgLy8gICAgICAgY29tcGxldGlvbiBhbmQgYXMgYSByZXN1bHQsIHRhcmdldCdzIElBTSBSb2xlIGlzIGJlaW5nIGRlbGV0ZWQgYmVmb3JlIEVTTSBpcyBhYmxlIHRvIGFzc3VtZSBpdCB0byBkZWxldGUgdGhlIEVOSXMuXG4gICAgLy8gICAgICAgVGhpcyBpbiB0dXJuIGNhdXNlcyBhIGRlbGV0aW9uIGZhaWx1cmUgdGhhdCByZXF1aXJlcyBtYW51YWwgRU5JcycgZGVsZXRpb24gdG8gcmVjb3Zlci5cbiAgICBpZiAodGFyZ2V0LnJvbGUpIHtcbiAgICAgIGNvbnN0IHByb3ZpZGVyID0gbmV3IFByb3ZpZGVyKFxuICAgICAgICBtYXBwaW5nLFxuICAgICAgICBgTXFFc21EZWxldGVyOiR7TmFtZXMudW5pcXVlSWQobWFwcGluZyl9YCxcbiAgICAgICAge1xuICAgICAgICAgIG9uRXZlbnRIYW5kbGVyOiBuZXcgRXNtRGVsZXRlck9uRXZlbnRGdW5jdGlvbihtYXBwaW5nLCBcIm9uZXZlbnRcIiwge1xuICAgICAgICAgICAgaW5pdGlhbFBvbGljeTogW1xuICAgICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgICAgICBhY3Rpb25zOiBbXCJsYW1iZGE6RGVsZXRlRXZlbnRTb3VyY2VNYXBwaW5nXCJdLFxuICAgICAgICAgICAgICAgIGVmZmVjdDogRWZmZWN0LkFMTE9XLFxuICAgICAgICAgICAgICAgIHJlc291cmNlczogW1xuICAgICAgICAgICAgICAgICAgYGFybjoke0F3cy5QQVJUSVRJT059OmxhbWJkYToke0F3cy5SRUdJT059OiR7QXdzLkFDQ09VTlRfSUR9OmV2ZW50LXNvdXJjZS1tYXBwaW5nOiR7bWFwcGluZy5ldmVudFNvdXJjZU1hcHBpbmdJZH1gLFxuICAgICAgICAgICAgICAgIF0sXG4gICAgICAgICAgICAgIH0pLFxuICAgICAgICAgICAgXSxcbiAgICAgICAgICB9KSxcbiAgICAgICAgICBpc0NvbXBsZXRlSGFuZGxlcjogbmV3IEVzbURlbGV0ZXJJc0NvbXBsZXRlRnVuY3Rpb24oXG4gICAgICAgICAgICBtYXBwaW5nLFxuICAgICAgICAgICAgXCJpc2NvbXBsZXRlXCIsXG4gICAgICAgICAgICB7XG4gICAgICAgICAgICAgIGluaXRpYWxQb2xpY3k6IFtcbiAgICAgICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgICAgICAgIGFjdGlvbnM6IFtcImVjMjpEZXNjcmliZU5ldHdvcmtJbnRlcmZhY2VzXCJdLFxuICAgICAgICAgICAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgICAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICAgICAgICAgICAgfSksXG4gICAgICAgICAgICAgIF0sXG4gICAgICAgICAgICB9LFxuICAgICAgICAgICksXG4gICAgICAgICAgcXVlcnlJbnRlcnZhbDogRHVyYXRpb24ubWludXRlcygxKSxcbiAgICAgICAgfSxcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IGNyID0gbmV3IEN1c3RvbVJlc291cmNlKFxuICAgICAgICBtYXBwaW5nLFxuICAgICAgICBgTXFFc21EZWxldGVyQ1I6JHtOYW1lcy5ub2RlVW5pcXVlSWQobWFwcGluZy5ub2RlKX1gLFxuICAgICAgICB7XG4gICAgICAgICAgc2VydmljZVRva2VuOiBwcm92aWRlci5zZXJ2aWNlVG9rZW4sXG4gICAgICAgICAgcHJvcGVydGllczoge1xuICAgICAgICAgICAgTXFUeXBlOiB0aGlzLm1xVHlwZSxcbiAgICAgICAgICAgIEVzbUlkOiBtYXBwaW5nLmV2ZW50U291cmNlTWFwcGluZ0lkLFxuICAgICAgICAgICAgQWNjb3VudElkOiBBd3MuQUNDT1VOVF9JRCxcbiAgICAgICAgICB9LFxuICAgICAgICB9LFxuICAgICAgKTtcblxuICAgICAgLy8gSU5GTzogdGhlIEFtYXpvbiBNUSBzZXJ2aWNlIHVzZXMgdGhpcyByb2xlIHRvIHByb3Zpc2lvbi9kZXByb3Zpc2lvbiB0aGUgRVNNLlxuICAgICAgLy8gICAgICAgd2UgbmVlZCBpdCB0byByZW1haW4gdW50aWwgdGhlIEVTTSBpcyBkZWxldGVkLlxuICAgICAgY3Iubm9kZS5hZGREZXBlbmRlbmN5KHRhcmdldC5yb2xlKTtcbiAgICB9XG4gIH1cblxuICBwcm90ZWN0ZWQgYWRkVG9Tb3VyY2VBY2Nlc3NDb25maWd1cmF0aW9ucyhjb25maWc6IFNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb24pIHtcbiAgICB0aGlzLnNvdXJjZUFjY2Vzc0NvbmZpZ3VyYXRpb25zLnB1c2goY29uZmlnKTtcbiAgfVxufVxuIl19