UNPKG

@gammarers/aws-secure-bucket

Version:

This is a Simple S3 Secure Bucket.

github.com/gammarers/aws-secure-bucket

gammarers/aws-secure-bucket

121 lines 17.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.SecureBucket = exports.SecureBucketType = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const iam = require("aws-cdk-lib/aws-iam"); const s3 = require("aws-cdk-lib/aws-s3"); /** * @TODO: Not yet supported * https://github.com/aws/jsii/issues/4468 * type omitKeys = 'publicReadAccess|enforceSSL|blockPublicAccess'; * export interface CodePipelineStateChangeDetectionEventRuleProps extends Omit<s3.BucketProps, 'publicReadAccess'> {} */ var SecureBucketType; (function (SecureBucketType) { /** * @deprecated This property is deprecated. Use the bucketType property instead. */ SecureBucketType["SINGLE_PIPELINE_ARTIFACT"] = "single-pipeline-artifact"; /** * If you are setting a custom Qualifier and using it as the artifact bucket for the CDK pipeline, is it selected as the single region deployment pipeline artifact bucket. */ SecureBucketType["SINGLE_REGION_DEPLOYMENT_PIPELINE_ARTIFACT_BUCKET"] = "single-region-deployment-pipeline-artifact-bucket"; /** * @deprecated This property is deprecated. Use the bucketType property instead. */ SecureBucketType["MULTI_PIPELINE_ARTIFACT"] = "multi-pipeline-artifact"; /** * If you are setting a custom Qualifier and using it as the artifact bucket for the CDK pipeline, is it selected as the multi region deployment pipeline artifact bucket. */ SecureBucketType["MULTI_REGION_DEPLOYMENT_PIPELINE_ARTIFACT_BUCKET"] = "multi-region-deployment-pipeline-artifact-bucket"; /** * If you are using it as the CloudFront origin bucket, is it selected as the cloudfront origin bucket. * @deprecated This property is deprecated. Use the bucketType property instead. */ SecureBucketType["CLOUD_FRONT_ORIGIN"] = "cloudfront-origin"; /** * If you are using it as the CloudFront origin bucket, is it selected as the cloudfront origin bucket. */ SecureBucketType["CLOUD_FRONT_ORIGIN_BUCKET"] = "cloudfront-origin-bucket"; /** * If you are not setting a custom Qualifier and using it as the default bucket, is it selected as the default bucket. * @deprecated This property is deprecated. Use the bucketType property instead. */ SecureBucketType["DEFAULT"] = "default"; /** * If you are not setting a custom Qualifier and using it as the default bucket, is it selected as the default bucket. */ SecureBucketType["DEFAULT_BUCKET"] = "default-bucket"; })(SecureBucketType || (exports.SecureBucketType = SecureBucketType = {})); class SecureBucket extends s3.Bucket { constructor(scope, id, props) { const bucketType = props?.bucketType || SecureBucketType.DEFAULT; super(scope, id, { ...props, removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN, // encryption: props?.encryption || s3.BucketEncryption.KMS_MANAGED, encryption: (() => { if (props?.isCloudFrontOriginBucket === true || (bucketType === SecureBucketType.CLOUD_FRONT_ORIGIN || bucketType === SecureBucketType.CLOUD_FRONT_ORIGIN_BUCKET)) { return s3.BucketEncryption.S3_MANAGED; } return props?.encryption || s3.BucketEncryption.KMS_MANAGED; })(), accessControl: (() => { if (!props?.accessControl) { return s3.BucketAccessControl.PRIVATE; } return props.accessControl; })(), eventBridgeEnabled: undefined, publicReadAccess: false, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, enforceSSL: true, versioned: props?.versioned !== undefined ? props.versioned : true, objectOwnership: (() => { if (props?.objectOwnership) { return props.objectOwnership; } return s3.ObjectOwnership.BUCKET_OWNER_ENFORCED; })(), }); // Get CfnBucket const cfnBucket = this.node.defaultChild; if (props?.eventBridgeEnabled === true) { cfnBucket.addPropertyOverride('NotificationConfiguration.EventBridgeConfiguration.EventBridgeEnabled', true); } // 👇 Get account & region const account = aws_cdk_lib_1.Stack.of(this).account; const region = aws_cdk_lib_1.Stack.of(this).region; if (props?.isPipelineArtifactBucket || bucketType === SecureBucketType.SINGLE_PIPELINE_ARTIFACT || bucketType === SecureBucketType.MULTI_PIPELINE_ARTIFACT || bucketType === SecureBucketType.SINGLE_REGION_DEPLOYMENT_PIPELINE_ARTIFACT_BUCKET || bucketType === SecureBucketType.MULTI_REGION_DEPLOYMENT_PIPELINE_ARTIFACT_BUCKET) { // 👇 Get qualifier // const qualifier = Stack.of(this).synthesizer.bootstrapQualifier || defaultQualifier; const qualifier = aws_cdk_lib_1.Stack.of(this).synthesizer.bootstrapQualifier; // add resource policy when custom qualifier if (qualifier && (qualifier != aws_cdk_lib_1.DefaultStackSynthesizer.DEFAULT_QUALIFIER)) { this.addToResourcePolicy(new iam.PolicyStatement({ actions: [ 's3:*', ], resources: [ `${this.bucketArn}`, `${this.bucketArn}/*`, ], principals: [ new iam.ArnPrincipal(`arn:aws:iam::${account}:role/cdk-${qualifier}-deploy-role-${account}-${region}`), ], })); } } } } exports.SecureBucket = SecureBucket; _a = JSII_RTTI_SYMBOL_1; SecureBucket[_a] = { fqn: "@gammarers/aws-secure-bucket.SecureBucket", version: "2.5.7" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw2Q0FBNEU7QUFDNUUsMkNBQTJDO0FBQzNDLHlDQUF5QztBQUd6Qzs7Ozs7R0FLRztBQUVILElBQVksZ0JBbUNYO0FBbkNELFdBQVksZ0JBQWdCO0lBQzFCOztPQUVHO0lBQ0gseUVBQXFELENBQUE7SUFDckQ7O09BRUc7SUFDSCwySEFBdUcsQ0FBQTtJQUN2Rzs7T0FFRztJQUNILHVFQUFtRCxDQUFBO0lBQ25EOztPQUVHO0lBQ0gseUhBQXFHLENBQUE7SUFDckc7OztPQUdHO0lBQ0gsNERBQXdDLENBQUE7SUFDeEM7O09BRUc7SUFDSCwwRUFBc0QsQ0FBQTtJQUN0RDs7O09BR0c7SUFDSCx1Q0FBbUIsQ0FBQTtJQUNuQjs7T0FFRztJQUNILHFEQUFpQyxDQUFBO0FBQ25DLENBQUMsRUFuQ1csZ0JBQWdCLGdDQUFoQixnQkFBZ0IsUUFtQzNCO0FBeUJELE1BQWEsWUFBYSxTQUFRLEVBQUUsQ0FBQyxNQUFNO0lBQ3pDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBeUI7UUFDakUsTUFBTSxVQUFVLEdBQUcsS0FBSyxFQUFFLFVBQVUsSUFBSSxnQkFBZ0IsQ0FBQyxPQUFPLENBQUM7UUFDakUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixHQUFHLEtBQUs7WUFDUixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxNQUFNO1lBQ25DLG9FQUFvRTtZQUNwRSxVQUFVLEVBQUUsQ0FBQyxHQUFHLEVBQUU7Z0JBQ2hCLElBQUksS0FBSyxFQUFFLHdCQUF3QixLQUFLLElBQUk7dUJBQ3ZDLENBQUMsVUFBVSxLQUFLLGdCQUFnQixDQUFDLGtCQUFrQixJQUFJLFVBQVUsS0FBSyxnQkFBZ0IsQ0FBQyx5QkFBeUIsQ0FBQyxFQUFFLENBQUM7b0JBQ3ZILE9BQU8sRUFBRSxDQUFDLGdCQUFnQixDQUFDLFVBQVUsQ0FBQztnQkFDeEMsQ0FBQztnQkFDRCxPQUFPLEtBQUssRUFBRSxVQUFVLElBQUksRUFBRSxDQUFDLGdCQUFnQixDQUFDLFdBQVcsQ0FBQztZQUM5RCxDQUFDLENBQUMsRUFBRTtZQUNKLGFBQWEsRUFBRSxDQUFDLEdBQUcsRUFBRTtnQkFDbkIsSUFBSSxDQUFDLEtBQUssRUFBRSxhQUFhLEVBQUUsQ0FBQztvQkFDMUIsT0FBTyxFQUFFLENBQUMsbUJBQW1CLENBQUMsT0FBTyxDQUFDO2dCQUN4QyxDQUFDO2dCQUNELE9BQU8sS0FBSyxDQUFDLGFBQWEsQ0FBQztZQUM3QixDQUFDLENBQUMsRUFBRTtZQUNKLGtCQUFrQixFQUFFLFNBQVM7WUFDN0IsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixpQkFBaUIsRUFBRSxFQUFFLENBQUMsaUJBQWlCLENBQUMsU0FBUztZQUNqRCxVQUFVLEVBQUUsSUFBSTtZQUNoQixTQUFTLEVBQUUsS0FBSyxFQUFFLFNBQVMsS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLElBQUk7WUFDbEUsZUFBZSxFQUFFLENBQUMsR0FBRyxFQUFFO2dCQUNyQixJQUFJLEtBQUssRUFBRSxlQUFlLEVBQUUsQ0FBQztvQkFDM0IsT0FBTyxLQUFLLENBQUMsZUFBZSxDQUFDO2dCQUMvQixDQUFDO2dCQUNELE9BQU8sRUFBRSxDQUFDLGVBQWUsQ0FBQyxxQkFBcUIsQ0FBQztZQUNsRCxDQUFDLENBQUMsRUFBRTtTQUNMLENBQUMsQ0FBQztRQUVILGdCQUFnQjtRQUNoQixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQTRCLENBQUM7UUFDekQsSUFBSSxLQUFLLEVBQUUsa0JBQWtCLEtBQUssSUFBSSxFQUFFLENBQUM7WUFDdkMsU0FBUyxDQUFDLG1CQUFtQixDQUFDLHVFQUF1RSxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQy9HLENBQUM7UUFFRCwwQkFBMEI7UUFDMUIsTUFBTSxPQUFPLEdBQUcsbUJBQUssQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsT0FBTyxDQUFDO1FBQ3ZDLE1BQU0sTUFBTSxHQUFHLG1CQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLE1BQU0sQ0FBQztRQUVyQyxJQUFJLEtBQUssRUFBRSx3QkFBd0I7ZUFDOUIsVUFBVSxLQUFLLGdCQUFnQixDQUFDLHdCQUF3QjtlQUN4RCxVQUFVLEtBQUssZ0JBQWdCLENBQUMsdUJBQXVCO2VBQ3ZELFVBQVUsS0FBSyxnQkFBZ0IsQ0FBQyxpREFBaUQ7ZUFDakYsVUFBVSxLQUFLLGdCQUFnQixDQUFDLGdEQUFnRCxFQUFFLENBQUM7WUFFdEYsbUJBQW1CO1lBQ25CLHVGQUF1RjtZQUN2RixNQUFNLFNBQVMsR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxXQUFXLENBQUMsa0JBQWtCLENBQUM7WUFFaEUsNENBQTRDO1lBQzVDLElBQUksU0FBUyxJQUFJLENBQUMsU0FBUyxJQUFJLHFDQUF1QixDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQztnQkFFMUUsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksR0FBRyxDQUFDLGVBQWUsQ0FBQztvQkFDL0MsT0FBTyxFQUFFO3dCQUNQLE1BQU07cUJBQ1A7b0JBQ0QsU0FBUyxFQUFFO3dCQUNULEdBQUcsSUFBSSxDQUFDLFNBQVMsRUFBRTt3QkFDbkIsR0FBRyxJQUFJLENBQUMsU0FBUyxJQUFJO3FCQUN0QjtvQkFDRCxVQUFVLEVBQUU7d0JBQ1YsSUFBSSxHQUFHLENBQUMsWUFBWSxDQUFDLGdCQUFnQixPQUFPLGFBQWEsU0FBUyxnQkFBZ0IsT0FBTyxJQUFJLE1BQU0sRUFBRSxDQUFDO3FCQUN2RztpQkFDRixDQUFDLENBQUMsQ0FBQztZQUNOLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQzs7QUF0RUgsb0NBdUVDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgRGVmYXVsdFN0YWNrU3ludGhlc2l6ZXIsIFJlbW92YWxQb2xpY3ksIFN0YWNrIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0ICogYXMgaWFtIGZyb20gJ2F3cy1jZGstbGliL2F3cy1pYW0nO1xuaW1wb3J0ICogYXMgczMgZnJvbSAnYXdzLWNkay1saWIvYXdzLXMzJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuXG4vKipcbiAqIEBUT0RPOiBOb3QgeWV0IHN1cHBvcnRlZFxuICogaHR0cHM6Ly9naXRodWIuY29tL2F3cy9qc2lpL2lzc3Vlcy80NDY4XG4gKiB0eXBlIG9taXRLZXlzID0gJ3B1YmxpY1JlYWRBY2Nlc3N8ZW5mb3JjZVNTTHxibG9ja1B1YmxpY0FjY2Vzcyc7XG4gKiBleHBvcnQgaW50ZXJmYWNlIENvZGVQaXBlbGluZVN0YXRlQ2hhbmdlRGV0ZWN0aW9uRXZlbnRSdWxlUHJvcHMgZXh0ZW5kcyBPbWl0PHMzLkJ1Y2tldFByb3BzLCAncHVibGljUmVhZEFjY2Vzcyc+IHt9XG4gKi9cblxuZXhwb3J0IGVudW0gU2VjdXJlQnVja2V0VHlwZSB7XG4gIC8qKlxuICAgKiBAZGVwcmVjYXRlZCBUaGlzIHByb3BlcnR5IGlzIGRlcHJlY2F0ZWQuIFVzZSB0aGUgYnVja2V0VHlwZSBwcm9wZXJ0eSBpbnN0ZWFkLlxuICAgKi9cbiAgU0lOR0xFX1BJUEVMSU5FX0FSVElGQUNUID0gJ3NpbmdsZS1waXBlbGluZS1hcnRpZmFjdCcsXG4gIC8qKlxuICAgKiBJZiB5b3UgYXJlIHNldHRpbmcgYSBjdXN0b20gUXVhbGlmaWVyIGFuZCB1c2luZyBpdCBhcyB0aGUgYXJ0aWZhY3QgYnVja2V0IGZvciB0aGUgQ0RLIHBpcGVsaW5lLCBpcyBpdCBzZWxlY3RlZCBhcyB0aGUgc2luZ2xlIHJlZ2lvbiBkZXBsb3ltZW50IHBpcGVsaW5lIGFydGlmYWN0IGJ1Y2tldC5cbiAgICovXG4gIFNJTkdMRV9SRUdJT05fREVQTE9ZTUVOVF9QSVBFTElORV9BUlRJRkFDVF9CVUNLRVQgPSAnc2luZ2xlLXJlZ2lvbi1kZXBsb3ltZW50LXBpcGVsaW5lLWFydGlmYWN0LWJ1Y2tldCcsXG4gIC8qKlxuICAgKiBAZGVwcmVjYXRlZCBUaGlzIHByb3BlcnR5IGlzIGRlcHJlY2F0ZWQuIFVzZSB0aGUgYnVja2V0VHlwZSBwcm9wZXJ0eSBpbnN0ZWFkLlxuICAgKi9cbiAgTVVMVElfUElQRUxJTkVfQVJUSUZBQ1QgPSAnbXVsdGktcGlwZWxpbmUtYXJ0aWZhY3QnLFxuICAvKipcbiAgICogSWYgeW91IGFyZSBzZXR0aW5nIGEgY3VzdG9tIFF1YWxpZmllciBhbmQgdXNpbmcgaXQgYXMgdGhlIGFydGlmYWN0IGJ1Y2tldCBmb3IgdGhlIENESyBwaXBlbGluZSwgaXMgaXQgc2VsZWN0ZWQgYXMgdGhlIG11bHRpIHJlZ2lvbiBkZXBsb3ltZW50IHBpcGVsaW5lIGFydGlmYWN0IGJ1Y2tldC5cbiAgICovXG4gIE1VTFRJX1JFR0lPTl9ERVBMT1lNRU5UX1BJUEVMSU5FX0FSVElGQUNUX0JVQ0tFVCA9ICdtdWx0aS1yZWdpb24tZGVwbG95bWVudC1waXBlbGluZS1hcnRpZmFjdC1idWNrZXQnLFxuICAvKipcbiAgICogSWYgeW91IGFyZSB1c2luZyBpdCBhcyB0aGUgQ2xvdWRGcm9udCBvcmlnaW4gYnVja2V0LCBpcyBpdCBzZWxlY3RlZCBhcyB0aGUgY2xvdWRmcm9udCBvcmlnaW4gYnVja2V0LlxuICAgKiBAZGVwcmVjYXRlZCBUaGlzIHByb3BlcnR5IGlzIGRlcHJlY2F0ZWQuIFVzZSB0aGUgYnVja2V0VHlwZSBwcm9wZXJ0eSBpbnN0ZWFkLlxuICAgKi9cbiAgQ0xPVURfRlJPTlRfT1JJR0lOID0gJ2Nsb3VkZnJvbnQtb3JpZ2luJyxcbiAgLyoqXG4gICAqIElmIHlvdSBhcmUgdXNpbmcgaXQgYXMgdGhlIENsb3VkRnJvbnQgb3JpZ2luIGJ1Y2tldCwgaXMgaXQgc2VsZWN0ZWQgYXMgdGhlIGNsb3VkZnJvbnQgb3JpZ2luIGJ1Y2tldC5cbiAgICovXG4gIENMT1VEX0ZST05UX09SSUdJTl9CVUNLRVQgPSAnY2xvdWRmcm9udC1vcmlnaW4tYnVja2V0JyxcbiAgLyoqXG4gICAqIElmIHlvdSBhcmUgbm90IHNldHRpbmcgYSBjdXN0b20gUXVhbGlmaWVyIGFuZCB1c2luZyBpdCBhcyB0aGUgZGVmYXVsdCBidWNrZXQsIGlzIGl0IHNlbGVjdGVkIGFzIHRoZSBkZWZhdWx0IGJ1Y2tldC5cbiAgICogQGRlcHJlY2F0ZWQgVGhpcyBwcm9wZXJ0eSBpcyBkZXByZWNhdGVkLiBVc2UgdGhlIGJ1Y2tldFR5cGUgcHJvcGVydHkgaW5zdGVhZC5cbiAgICovXG4gIERFRkFVTFQgPSAnZGVmYXVsdCcsXG4gIC8qKlxuICAgKiBJZiB5b3UgYXJlIG5vdCBzZXR0aW5nIGEgY3VzdG9tIFF1YWxpZmllciBhbmQgdXNpbmcgaXQgYXMgdGhlIGRlZmF1bHQgYnVja2V0LCBpcyBpdCBzZWxlY3RlZCBhcyB0aGUgZGVmYXVsdCBidWNrZXQuXG4gICAqL1xuICBERUZBVUxUX0JVQ0tFVCA9ICdkZWZhdWx0LWJ1Y2tldCcsXG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgU2VjdXJlQnVja2V0UHJvcHMgZXh0ZW5kcyBzMy5CdWNrZXRQcm9wcyB7XG5cbiAgLyoqXG4gICAqIElmIHlvdSBhcmUgc2V0dGluZyBhIGN1c3RvbSBRdWFsaWZpZXIgYW5kIHVzaW5nIGl0IGFzIHRoZSBhcnRpZmFjdCBidWNrZXQgZm9yIHRoZSBDREsgcGlwZWxpbmUsIHNldCBpdCB0byB0cnVlLlxuICAgKiBAZGVwcmVjYXRlZCBUaGlzIHByb3BlcnR5IGlzIGRlcHJlY2F0ZWQuIFVzZSB0aGUgYnVja2V0VHlwZSBwcm9wZXJ0eSBpbnN0ZWFkLlxuICAgKiBAZGVmYXVsdCBmYWxzZVxuICAgKi9cbiAgcmVhZG9ubHkgaXNQaXBlbGluZUFydGlmYWN0QnVja2V0PzogYm9vbGVhbjtcblxuICAvKipcbiAgICogSWYgeW91ciBhcmUgdXNpbmcgaXQgYXMgdGhlIENsb3VkRnJvbnQgb3JpZ2luIGJ1Y2tldCwgc2V0IGl0IHRvIHRydWUuXG4gICAqIEBkZXByZWNhdGVkIFRoaXMgcHJvcGVydHkgaXMgZGVwcmVjYXRlZC4gVXNlIHRoZSBidWNrZXRUeXBlIHByb3BlcnR5IGluc3RlYWQuXG4gICAqIEBkZWZhdWx0IGZhbHNlXG4gICAqL1xuICByZWFkb25seSBpc0Nsb3VkRnJvbnRPcmlnaW5CdWNrZXQ/OiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBUaGUgdHlwZSBvZiB0aGUgYnVja2V0LlxuICAgKiBAZGVmYXVsdCBTZWN1cmVCdWNrZXRUeXBlLkRFRkFVTFRcbiAgICovXG4gIHJlYWRvbmx5IGJ1Y2tldFR5cGU/OiBTZWN1cmVCdWNrZXRUeXBlO1xufVxuXG5leHBvcnQgY2xhc3MgU2VjdXJlQnVja2V0IGV4dGVuZHMgczMuQnVja2V0IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBTZWN1cmVCdWNrZXRQcm9wcykge1xuICAgIGNvbnN0IGJ1Y2tldFR5cGUgPSBwcm9wcz8uYnVja2V0VHlwZSB8fCBTZWN1cmVCdWNrZXRUeXBlLkRFRkFVTFQ7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICAuLi5wcm9wcyxcbiAgICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuUkVUQUlOLFxuICAgICAgLy8gZW5jcnlwdGlvbjogcHJvcHM/LmVuY3J5cHRpb24gfHwgczMuQnVja2V0RW5jcnlwdGlvbi5LTVNfTUFOQUdFRCxcbiAgICAgIGVuY3J5cHRpb246ICgoKSA9PiB7XG4gICAgICAgIGlmIChwcm9wcz8uaXNDbG91ZEZyb250T3JpZ2luQnVja2V0ID09PSB0cnVlXG4gICAgICAgICAgfHwgKGJ1Y2tldFR5cGUgPT09IFNlY3VyZUJ1Y2tldFR5cGUuQ0xPVURfRlJPTlRfT1JJR0lOIHx8IGJ1Y2tldFR5cGUgPT09IFNlY3VyZUJ1Y2tldFR5cGUuQ0xPVURfRlJPTlRfT1JJR0lOX0JVQ0tFVCkpIHtcbiAgICAgICAgICByZXR1cm4gczMuQnVja2V0RW5jcnlwdGlvbi5TM19NQU5BR0VEO1xuICAgICAgICB9XG4gICAgICAgIHJldHVybiBwcm9wcz8uZW5jcnlwdGlvbiB8fCBzMy5CdWNrZXRFbmNyeXB0aW9uLktNU19NQU5BR0VEO1xuICAgICAgfSkoKSxcbiAgICAgIGFjY2Vzc0NvbnRyb2w6ICgoKSA9PiB7XG4gICAgICAgIGlmICghcHJvcHM/LmFjY2Vzc0NvbnRyb2wpIHtcbiAgICAgICAgICByZXR1cm4gczMuQnVja2V0QWNjZXNzQ29udHJvbC5QUklWQVRFO1xuICAgICAgICB9XG4gICAgICAgIHJldHVybiBwcm9wcy5hY2Nlc3NDb250cm9sO1xuICAgICAgfSkoKSxcbiAgICAgIGV2ZW50QnJpZGdlRW5hYmxlZDogdW5kZWZpbmVkLFxuICAgICAgcHVibGljUmVhZEFjY2VzczogZmFsc2UsXG4gICAgICBibG9ja1B1YmxpY0FjY2VzczogczMuQmxvY2tQdWJsaWNBY2Nlc3MuQkxPQ0tfQUxMLFxuICAgICAgZW5mb3JjZVNTTDogdHJ1ZSxcbiAgICAgIHZlcnNpb25lZDogcHJvcHM/LnZlcnNpb25lZCAhPT0gdW5kZWZpbmVkID8gcHJvcHMudmVyc2lvbmVkIDogdHJ1ZSxcbiAgICAgIG9iamVjdE93bmVyc2hpcDogKCgpID0+IHtcbiAgICAgICAgaWYgKHByb3BzPy5vYmplY3RPd25lcnNoaXApIHtcbiAgICAgICAgICByZXR1cm4gcHJvcHMub2JqZWN0T3duZXJzaGlwO1xuICAgICAgICB9XG4gICAgICAgIHJldHVybiBzMy5PYmplY3RPd25lcnNoaXAuQlVDS0VUX09XTkVSX0VORk9SQ0VEO1xuICAgICAgfSkoKSxcbiAgICB9KTtcblxuICAgIC8vIEdldCBDZm5CdWNrZXRcbiAgICBjb25zdCBjZm5CdWNrZXQgPSB0aGlzLm5vZGUuZGVmYXVsdENoaWxkIGFzIHMzLkNmbkJ1Y2tldDtcbiAgICBpZiAocHJvcHM/LmV2ZW50QnJpZGdlRW5hYmxlZCA9PT0gdHJ1ZSkge1xuICAgICAgY2ZuQnVja2V0LmFkZFByb3BlcnR5T3ZlcnJpZGUoJ05vdGlmaWNhdGlvbkNvbmZpZ3VyYXRpb24uRXZlbnRCcmlkZ2VDb25maWd1cmF0aW9uLkV2ZW50QnJpZGdlRW5hYmxlZCcsIHRydWUpO1xuICAgIH1cblxuICAgIC8vIPCfkYcgR2V0IGFjY291bnQgJiByZWdpb25cbiAgICBjb25zdCBhY2NvdW50ID0gU3RhY2sub2YodGhpcykuYWNjb3VudDtcbiAgICBjb25zdCByZWdpb24gPSBTdGFjay5vZih0aGlzKS5yZWdpb247XG5cbiAgICBpZiAocHJvcHM/LmlzUGlwZWxpbmVBcnRpZmFjdEJ1Y2tldFxuICAgICAgfHwgYnVja2V0VHlwZSA9PT0gU2VjdXJlQnVja2V0VHlwZS5TSU5HTEVfUElQRUxJTkVfQVJUSUZBQ1RcbiAgICAgIHx8IGJ1Y2tldFR5cGUgPT09IFNlY3VyZUJ1Y2tldFR5cGUuTVVMVElfUElQRUxJTkVfQVJUSUZBQ1RcbiAgICAgIHx8IGJ1Y2tldFR5cGUgPT09IFNlY3VyZUJ1Y2tldFR5cGUuU0lOR0xFX1JFR0lPTl9ERVBMT1lNRU5UX1BJUEVMSU5FX0FSVElGQUNUX0JVQ0tFVFxuICAgICAgfHwgYnVja2V0VHlwZSA9PT0gU2VjdXJlQnVja2V0VHlwZS5NVUxUSV9SRUdJT05fREVQTE9ZTUVOVF9QSVBFTElORV9BUlRJRkFDVF9CVUNLRVQpIHtcblxuICAgICAgLy8g8J+RhyBHZXQgcXVhbGlmaWVyXG4gICAgICAvLyBjb25zdCBxdWFsaWZpZXIgPSBTdGFjay5vZih0aGlzKS5zeW50aGVzaXplci5ib290c3RyYXBRdWFsaWZpZXIgfHwgZGVmYXVsdFF1YWxpZmllcjtcbiAgICAgIGNvbnN0IHF1YWxpZmllciA9IFN0YWNrLm9mKHRoaXMpLnN5bnRoZXNpemVyLmJvb3RzdHJhcFF1YWxpZmllcjtcblxuICAgICAgLy8gYWRkIHJlc291cmNlIHBvbGljeSB3aGVuIGN1c3RvbSBxdWFsaWZpZXJcbiAgICAgIGlmIChxdWFsaWZpZXIgJiYgKHF1YWxpZmllciAhPSBEZWZhdWx0U3RhY2tTeW50aGVzaXplci5ERUZBVUxUX1FVQUxJRklFUikpIHtcblxuICAgICAgICB0aGlzLmFkZFRvUmVzb3VyY2VQb2xpY3kobmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAgIGFjdGlvbnM6IFtcbiAgICAgICAgICAgICdzMzoqJyxcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogW1xuICAgICAgICAgICAgYCR7dGhpcy5idWNrZXRBcm59YCxcbiAgICAgICAgICAgIGAke3RoaXMuYnVja2V0QXJufS8qYCxcbiAgICAgICAgICBdLFxuICAgICAgICAgIHByaW5jaXBhbHM6IFtcbiAgICAgICAgICAgIG5ldyBpYW0uQXJuUHJpbmNpcGFsKGBhcm46YXdzOmlhbTo6JHthY2NvdW50fTpyb2xlL2Nkay0ke3F1YWxpZmllcn0tZGVwbG95LXJvbGUtJHthY2NvdW50fS0ke3JlZ2lvbn1gKSxcbiAgICAgICAgICBdLFxuICAgICAgICB9KSk7XG4gICAgICB9XG4gICAgfVxuICB9XG59Il19