UNPKG

aws-delivlib

Version:

A fabulous library for defining continuous pipelines for building, testing and releasing code libraries.

github.com/cdklabs/aws-delivlib

cdklabs/aws-delivlib

108 lines • 15.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.CertificateSigningRequest = void 0; const path = __importStar(require("path")); const aws_cdk_lib_1 = require("aws-cdk-lib"); const aws_ecr_assets_1 = require("aws-cdk-lib/aws-ecr-assets"); const constructs_1 = require("constructs"); const util_1 = require("../util"); /** * Creates a Certificate Signing Request (CSR), which will allow a Certificate Authority to provide a signed certificate * that uses the specified RSA Private Key. A CSR document can usually be shared publicly, however it must be noted that * the information provided in the ``dn`` fields, information about the public key and the intended ley usage will be * readable by anyone who can access the CSR. * * @see https://www.openssl.org/docs/manmaster/man1/req.html */ class CertificateSigningRequest extends constructs_1.Construct { constructor(parent, id, props) { super(parent, id); const codeLocation = path.resolve(__dirname, '..', 'custom-resource-handlers'); // change the resource id to force deleting existing function, and create new one, as Package type change is not allowed const customResource = new aws_cdk_lib_1.aws_lambda.SingletonFunction(this, 'ResourceHandlerV2', { // change the uuid to force deleting existing function, and create new one, as Package type change is not allowed uuid: 'F0641C15-2BC0-481E-94BA-7BF43F8BBDE3', lambdaPurpose: 'CreateCSR', description: 'Creates a Certificate Signing Request document for an x509 certificate', architecture: aws_cdk_lib_1.aws_lambda.Architecture.X86_64, runtime: aws_cdk_lib_1.aws_lambda.Runtime.FROM_IMAGE, handler: aws_cdk_lib_1.aws_lambda.Handler.FROM_IMAGE, code: new aws_cdk_lib_1.aws_lambda.AssetImageCode(codeLocation, { file: 'Dockerfile', platform: aws_ecr_assets_1.Platform.LINUX_AMD64, buildArgs: { FUN_SRC_DIR: 'certificate-signing-request', }, invalidation: { buildArgs: true, }, }), timeout: aws_cdk_lib_1.Duration.seconds(300), }); const outputBucket = new aws_cdk_lib_1.aws_s3.Bucket(this, 'Bucket', { // CSRs can be easily re-created if lost or corrupt, so we can let those get to a black hole, no worries. autoDeleteObjects: true, removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY, encryption: aws_cdk_lib_1.aws_s3.BucketEncryption.S3_MANAGED, enforceSSL: true, }); outputBucket.grantReadWrite(customResource); this.outputBucket = outputBucket; //change the custom resource id to force recreating new one because the change of the underneath lambda function const csr = new aws_cdk_lib_1.CustomResource(this, 'ResourceV2', { serviceToken: customResource.functionArn, resourceType: 'Custom::CertificateSigningRequest', pascalCaseProperties: true, properties: { resourceVersion: (0, util_1.hashFileOrDirectory)(codeLocation), // Private key privateKeySecretId: props.privateKey.secretArn, // Distinguished name dnCommonName: props.dn.commonName, dnCountry: props.dn.country, dnStateOrProvince: props.dn.stateOrProvince, dnLocality: props.dn.locality, dnOrganizationName: props.dn.organizationName, dnOrganizationalUnitName: props.dn.organizationalUnitName, dnEmailAddress: props.dn.emailAddress, // Key Usage extendedKeyUsage: props.extendedKeyUsage || '', keyUsage: props.keyUsage, // Ouput location outputBucket: outputBucket.bucketName, }, }); if (customResource.role) { // Make sure the permissions are all good before proceeding csr.node.addDependency(customResource.role); props.privateKey.grantGetSecretValue(customResource.role); } this.pemRequest = csr.getAtt('CSR').toString(); this.selfSignedPemCertificate = csr.getAtt('SelfSignedCertificate').toString(); } } exports.CertificateSigningRequest = CertificateSigningRequest; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUtc2lnbmluZy1yZXF1ZXN0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY2VydGlmaWNhdGUtc2lnbmluZy1yZXF1ZXN0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsMkNBQTZCO0FBQzdCLDZDQU1xQjtBQUNyQiwrREFBc0Q7QUFDdEQsMkNBQXVDO0FBRXZDLGtDQUE4QztBQTBCOUM7Ozs7Ozs7R0FPRztBQUNILE1BQWEseUJBQTBCLFNBQVEsc0JBQVM7SUFnQnRELFlBQVksTUFBaUIsRUFBRSxFQUFVLEVBQUUsS0FBcUM7UUFDOUUsS0FBSyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVsQixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsRUFBRSxJQUFJLEVBQUUsMEJBQTBCLENBQUMsQ0FBQztRQUMvRSx3SEFBd0g7UUFDeEgsTUFBTSxjQUFjLEdBQUcsSUFBSSx3QkFBTSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRTtZQUM3RSxpSEFBaUg7WUFDakgsSUFBSSxFQUFFLHNDQUFzQztZQUM1QyxhQUFhLEVBQUUsV0FBVztZQUMxQixXQUFXLEVBQUUsd0VBQXdFO1lBQ3JGLFlBQVksRUFBRSx3QkFBTSxDQUFDLFlBQVksQ0FBQyxNQUFNO1lBQ3hDLE9BQU8sRUFBRSx3QkFBTSxDQUFDLE9BQU8sQ0FBQyxVQUFVO1lBQ2xDLE9BQU8sRUFBRSx3QkFBTSxDQUFDLE9BQU8sQ0FBQyxVQUFVO1lBQ2xDLElBQUksRUFBRSxJQUFJLHdCQUFNLENBQUMsY0FBYyxDQUFDLFlBQVksRUFBRTtnQkFDNUMsSUFBSSxFQUFFLFlBQVk7Z0JBQ2xCLFFBQVEsRUFBRSx5QkFBUSxDQUFDLFdBQVc7Z0JBQzlCLFNBQVMsRUFBRTtvQkFDVCxXQUFXLEVBQUUsNkJBQTZCO2lCQUMzQztnQkFDRCxZQUFZLEVBQUU7b0JBQ1osU0FBUyxFQUFFLElBQUk7aUJBQ2hCO2FBQ0YsQ0FBQztZQUNGLE9BQU8sRUFBRSxzQkFBUSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUM7U0FDL0IsQ0FBQyxDQUFDO1FBRUgsTUFBTSxZQUFZLEdBQUcsSUFBSSxvQkFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFO1lBQ2pELHlHQUF5RztZQUN6RyxpQkFBaUIsRUFBRSxJQUFJO1lBQ3ZCLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87WUFDcEMsVUFBVSxFQUFFLG9CQUFFLENBQUMsZ0JBQWdCLENBQUMsVUFBVTtZQUMxQyxVQUFVLEVBQUUsSUFBSTtTQUNqQixDQUFDLENBQUM7UUFDSCxZQUFZLENBQUMsY0FBYyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQzVDLElBQUksQ0FBQyxZQUFZLEdBQUcsWUFBWSxDQUFDO1FBRWpDLGdIQUFnSDtRQUNoSCxNQUFNLEdBQUcsR0FBRyxJQUFJLDRCQUFjLENBQUMsSUFBSSxFQUFFLFlBQVksRUFBRTtZQUNqRCxZQUFZLEVBQUUsY0FBYyxDQUFDLFdBQVc7WUFDeEMsWUFBWSxFQUFFLG1DQUFtQztZQUNqRCxvQkFBb0IsRUFBRSxJQUFJO1lBQzFCLFVBQVUsRUFBRTtnQkFDVixlQUFlLEVBQUUsSUFBQSwwQkFBbUIsRUFBQyxZQUFZLENBQUM7Z0JBQ2xELGNBQWM7Z0JBQ2Qsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLFVBQVUsQ0FBQyxTQUFTO2dCQUM5QyxxQkFBcUI7Z0JBQ3JCLFlBQVksRUFBRSxLQUFLLENBQUMsRUFBRSxDQUFDLFVBQVU7Z0JBQ2pDLFNBQVMsRUFBRSxLQUFLLENBQUMsRUFBRSxDQUFDLE9BQU87Z0JBQzNCLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxFQUFFLENBQUMsZUFBZTtnQkFDM0MsVUFBVSxFQUFFLEtBQUssQ0FBQyxFQUFFLENBQUMsUUFBUTtnQkFDN0Isa0JBQWtCLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FBQyxnQkFBZ0I7Z0JBQzdDLHdCQUF3QixFQUFFLEtBQUssQ0FBQyxFQUFFLENBQUMsc0JBQXNCO2dCQUN6RCxjQUFjLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FBQyxZQUFZO2dCQUNyQyxZQUFZO2dCQUNaLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSSxFQUFFO2dCQUM5QyxRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7Z0JBQ3hCLGlCQUFpQjtnQkFDakIsWUFBWSxFQUFFLFlBQVksQ0FBQyxVQUFVO2FBQ3RDO1NBQ0YsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxjQUFjLENBQUMsSUFBSSxFQUFFO1lBQ3ZCLDJEQUEyRDtZQUMzRCxHQUFHLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxtQkFBbUIsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7U0FDM0Q7UUFFRCxJQUFJLENBQUMsVUFBVSxHQUFHLEdBQUcsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDL0MsSUFBSSxDQUFDLHdCQUF3QixHQUFHLEdBQUcsQ0FBQyxNQUFNLENBQUMsdUJBQXVCLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztJQUNqRixDQUFDO0NBQ0Y7QUFyRkQsOERBcUZDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgcGF0aCBmcm9tICdwYXRoJztcbmltcG9ydCB7XG4gIER1cmF0aW9uLFxuICBDdXN0b21SZXNvdXJjZSxcbiAgYXdzX2xhbWJkYSBhcyBsYW1iZGEsXG4gIGF3c19zMyBhcyBzMyxcbiAgUmVtb3ZhbFBvbGljeSxcbn0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgUGxhdGZvcm0gfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtZWNyLWFzc2V0cyc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcbmltcG9ydCB7IFJzYVByaXZhdGVLZXlTZWNyZXQgfSBmcm9tICcuL3ByaXZhdGUta2V5JztcbmltcG9ydCB7IGhhc2hGaWxlT3JEaXJlY3RvcnkgfSBmcm9tICcuLi91dGlsJztcblxuXG5leHBvcnQgaW50ZXJmYWNlIENlcnRpZmljYXRlU2lnbmluZ1JlcXVlc3RQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgUlNBIFByaXZhdGUgS2V5IHRvIHVzZSBmb3IgdGhpcyBDU1IuXG4gICAqL1xuICBwcml2YXRlS2V5OiBSc2FQcml2YXRlS2V5U2VjcmV0O1xuICAvKipcbiAgICogVGhlIERpc3Rpbmd1aXNoZWQgTmFtZSBmb3IgdGhpcyBDU1IuXG4gICAqL1xuICBkbjogRGlzdGluZ3Vpc2hlZE5hbWU7XG4gIC8qKlxuICAgKiBUaGUga2V5IHVzYWdlIHJlcXVlc3RzIGZvciB0aGlzIENTUi5cbiAgICpcbiAgICogQGV4YW1wbGUgY3JpdGljYWwsZGlnaXRhbFNpZ25hdHVyZVxuICAgKi9cbiAga2V5VXNhZ2U6IHN0cmluZztcbiAgLyoqXG4gICAqIFRoZSBleHRlbmRlZCBrZXkgdXNhZ2UgcmVxdWVzdHMgZm9yIHRoaXMgQ1NSLlxuICAgKlxuICAgKiBAZXhhbXBsZSBjcml0aWNhbCxjb2RlU2lnbmluZ1xuICAgKi9cbiAgZXh0ZW5kZWRLZXlVc2FnZT86IHN0cmluZztcbn1cblxuLyoqXG4gKiBDcmVhdGVzIGEgQ2VydGlmaWNhdGUgU2lnbmluZyBSZXF1ZXN0IChDU1IpLCB3aGljaCB3aWxsIGFsbG93IGEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IHRvIHByb3ZpZGUgYSBzaWduZWQgY2VydGlmaWNhdGVcbiAqIHRoYXQgdXNlcyB0aGUgc3BlY2lmaWVkIFJTQSBQcml2YXRlIEtleS4gQSBDU1IgZG9jdW1lbnQgY2FuIHVzdWFsbHkgYmUgc2hhcmVkIHB1YmxpY2x5LCBob3dldmVyIGl0IG11c3QgYmUgbm90ZWQgdGhhdFxuICogdGhlIGluZm9ybWF0aW9uIHByb3ZpZGVkIGluIHRoZSBgYGRuYGAgZmllbGRzLCBpbmZvcm1hdGlvbiBhYm91dCB0aGUgcHVibGljIGtleSBhbmQgdGhlIGludGVuZGVkIGxleSB1c2FnZSB3aWxsIGJlXG4gKiByZWFkYWJsZSBieSBhbnlvbmUgd2hvIGNhbiBhY2Nlc3MgdGhlIENTUi5cbiAqXG4gKiBAc2VlIGh0dHBzOi8vd3d3Lm9wZW5zc2wub3JnL2RvY3MvbWFubWFzdGVyL21hbjEvcmVxLmh0bWxcbiAqL1xuZXhwb3J0IGNsYXNzIENlcnRpZmljYXRlU2lnbmluZ1JlcXVlc3QgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogVGhlIFMzIFVSTCB0byB0aGUgQ1NSIGRvY3VtZW50LlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHBlbVJlcXVlc3Q6IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIFMzIFVSTCB0byBhIHNlbGYtc2lnbmVkIGNlcnRpZmljYXRlIHRoYXQgY29ycmVzcG9uZHMgd2l0aCB0aGlzIENTUi5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBzZWxmU2lnbmVkUGVtQ2VydGlmaWNhdGU6IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIFMzIGJ1Y2tldCB3aGVyZSB0aGUgc2VsZi1zaWduZWQgY2VydGlmaWNhdGUgaXMgc3RvcmVkLlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG91dHB1dEJ1Y2tldDogczMuSUJ1Y2tldDtcblxuICBjb25zdHJ1Y3RvcihwYXJlbnQ6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IENlcnRpZmljYXRlU2lnbmluZ1JlcXVlc3RQcm9wcykge1xuICAgIHN1cGVyKHBhcmVudCwgaWQpO1xuXG4gICAgY29uc3QgY29kZUxvY2F0aW9uID0gcGF0aC5yZXNvbHZlKF9fZGlybmFtZSwgJy4uJywgJ2N1c3RvbS1yZXNvdXJjZS1oYW5kbGVycycpO1xuICAgIC8vIGNoYW5nZSB0aGUgcmVzb3VyY2UgaWQgdG8gZm9yY2UgZGVsZXRpbmcgZXhpc3RpbmcgZnVuY3Rpb24sIGFuZCBjcmVhdGUgbmV3IG9uZSwgYXMgUGFja2FnZSB0eXBlIGNoYW5nZSBpcyBub3QgYWxsb3dlZFxuICAgIGNvbnN0IGN1c3RvbVJlc291cmNlID0gbmV3IGxhbWJkYS5TaW5nbGV0b25GdW5jdGlvbih0aGlzLCAnUmVzb3VyY2VIYW5kbGVyVjInLCB7XG4gICAgICAvLyBjaGFuZ2UgdGhlIHV1aWQgdG8gZm9yY2UgZGVsZXRpbmcgZXhpc3RpbmcgZnVuY3Rpb24sIGFuZCBjcmVhdGUgbmV3IG9uZSwgYXMgUGFja2FnZSB0eXBlIGNoYW5nZSBpcyBub3QgYWxsb3dlZFxuICAgICAgdXVpZDogJ0YwNjQxQzE1LTJCQzAtNDgxRS05NEJBLTdCRjQzRjhCQkRFMycsXG4gICAgICBsYW1iZGFQdXJwb3NlOiAnQ3JlYXRlQ1NSJyxcbiAgICAgIGRlc2NyaXB0aW9uOiAnQ3JlYXRlcyBhIENlcnRpZmljYXRlIFNpZ25pbmcgUmVxdWVzdCBkb2N1bWVudCBmb3IgYW4geDUwOSBjZXJ0aWZpY2F0ZScsXG4gICAgICBhcmNoaXRlY3R1cmU6IGxhbWJkYS5BcmNoaXRlY3R1cmUuWDg2XzY0LFxuICAgICAgcnVudGltZTogbGFtYmRhLlJ1bnRpbWUuRlJPTV9JTUFHRSxcbiAgICAgIGhhbmRsZXI6IGxhbWJkYS5IYW5kbGVyLkZST01fSU1BR0UsXG4gICAgICBjb2RlOiBuZXcgbGFtYmRhLkFzc2V0SW1hZ2VDb2RlKGNvZGVMb2NhdGlvbiwge1xuICAgICAgICBmaWxlOiAnRG9ja2VyZmlsZScsXG4gICAgICAgIHBsYXRmb3JtOiBQbGF0Zm9ybS5MSU5VWF9BTUQ2NCxcbiAgICAgICAgYnVpbGRBcmdzOiB7XG4gICAgICAgICAgRlVOX1NSQ19ESVI6ICdjZXJ0aWZpY2F0ZS1zaWduaW5nLXJlcXVlc3QnLFxuICAgICAgICB9LFxuICAgICAgICBpbnZhbGlkYXRpb246IHtcbiAgICAgICAgICBidWlsZEFyZ3M6IHRydWUsXG4gICAgICAgIH0sXG4gICAgICB9KSxcbiAgICAgIHRpbWVvdXQ6IER1cmF0aW9uLnNlY29uZHMoMzAwKSxcbiAgICB9KTtcblxuICAgIGNvbnN0IG91dHB1dEJ1Y2tldCA9IG5ldyBzMy5CdWNrZXQodGhpcywgJ0J1Y2tldCcsIHtcbiAgICAgIC8vIENTUnMgY2FuIGJlIGVhc2lseSByZS1jcmVhdGVkIGlmIGxvc3Qgb3IgY29ycnVwdCwgc28gd2UgY2FuIGxldCB0aG9zZSBnZXQgdG8gYSBibGFjayBob2xlLCBubyB3b3JyaWVzLlxuICAgICAgYXV0b0RlbGV0ZU9iamVjdHM6IHRydWUsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1ksXG4gICAgICBlbmNyeXB0aW9uOiBzMy5CdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRUQsXG4gICAgICBlbmZvcmNlU1NMOiB0cnVlLFxuICAgIH0pO1xuICAgIG91dHB1dEJ1Y2tldC5ncmFudFJlYWRXcml0ZShjdXN0b21SZXNvdXJjZSk7XG4gICAgdGhpcy5vdXRwdXRCdWNrZXQgPSBvdXRwdXRCdWNrZXQ7XG5cbiAgICAvL2NoYW5nZSB0aGUgY3VzdG9tIHJlc291cmNlIGlkIHRvIGZvcmNlIHJlY3JlYXRpbmcgbmV3IG9uZSBiZWNhdXNlIHRoZSBjaGFuZ2Ugb2YgdGhlIHVuZGVybmVhdGggbGFtYmRhIGZ1bmN0aW9uXG4gICAgY29uc3QgY3NyID0gbmV3IEN1c3RvbVJlc291cmNlKHRoaXMsICdSZXNvdXJjZVYyJywge1xuICAgICAgc2VydmljZVRva2VuOiBjdXN0b21SZXNvdXJjZS5mdW5jdGlvbkFybixcbiAgICAgIHJlc291cmNlVHlwZTogJ0N1c3RvbTo6Q2VydGlmaWNhdGVTaWduaW5nUmVxdWVzdCcsXG4gICAgICBwYXNjYWxDYXNlUHJvcGVydGllczogdHJ1ZSxcbiAgICAgIHByb3BlcnRpZXM6IHtcbiAgICAgICAgcmVzb3VyY2VWZXJzaW9uOiBoYXNoRmlsZU9yRGlyZWN0b3J5KGNvZGVMb2NhdGlvbiksXG4gICAgICAgIC8vIFByaXZhdGUga2V5XG4gICAgICAgIHByaXZhdGVLZXlTZWNyZXRJZDogcHJvcHMucHJpdmF0ZUtleS5zZWNyZXRBcm4sXG4gICAgICAgIC8vIERpc3Rpbmd1aXNoZWQgbmFtZVxuICAgICAgICBkbkNvbW1vbk5hbWU6IHByb3BzLmRuLmNvbW1vbk5hbWUsXG4gICAgICAgIGRuQ291bnRyeTogcHJvcHMuZG4uY291bnRyeSxcbiAgICAgICAgZG5TdGF0ZU9yUHJvdmluY2U6IHByb3BzLmRuLnN0YXRlT3JQcm92aW5jZSxcbiAgICAgICAgZG5Mb2NhbGl0eTogcHJvcHMuZG4ubG9jYWxpdHksXG4gICAgICAgIGRuT3JnYW5pemF0aW9uTmFtZTogcHJvcHMuZG4ub3JnYW5pemF0aW9uTmFtZSxcbiAgICAgICAgZG5Pcmdhbml6YXRpb25hbFVuaXROYW1lOiBwcm9wcy5kbi5vcmdhbml6YXRpb25hbFVuaXROYW1lLFxuICAgICAgICBkbkVtYWlsQWRkcmVzczogcHJvcHMuZG4uZW1haWxBZGRyZXNzLFxuICAgICAgICAvLyBLZXkgVXNhZ2VcbiAgICAgICAgZXh0ZW5kZWRLZXlVc2FnZTogcHJvcHMuZXh0ZW5kZWRLZXlVc2FnZSB8fCAnJyxcbiAgICAgICAga2V5VXNhZ2U6IHByb3BzLmtleVVzYWdlLFxuICAgICAgICAvLyBPdXB1dCBsb2NhdGlvblxuICAgICAgICBvdXRwdXRCdWNrZXQ6IG91dHB1dEJ1Y2tldC5idWNrZXROYW1lLFxuICAgICAgfSxcbiAgICB9KTtcbiAgICBpZiAoY3VzdG9tUmVzb3VyY2Uucm9sZSkge1xuICAgICAgLy8gTWFrZSBzdXJlIHRoZSBwZXJtaXNzaW9ucyBhcmUgYWxsIGdvb2QgYmVmb3JlIHByb2NlZWRpbmdcbiAgICAgIGNzci5ub2RlLmFkZERlcGVuZGVuY3koY3VzdG9tUmVzb3VyY2Uucm9sZSk7XG4gICAgICBwcm9wcy5wcml2YXRlS2V5LmdyYW50R2V0U2VjcmV0VmFsdWUoY3VzdG9tUmVzb3VyY2Uucm9sZSk7XG4gICAgfVxuXG4gICAgdGhpcy5wZW1SZXF1ZXN0ID0gY3NyLmdldEF0dCgnQ1NSJykudG9TdHJpbmcoKTtcbiAgICB0aGlzLnNlbGZTaWduZWRQZW1DZXJ0aWZpY2F0ZSA9IGNzci5nZXRBdHQoJ1NlbGZTaWduZWRDZXJ0aWZpY2F0ZScpLnRvU3RyaW5nKCk7XG4gIH1cbn1cblxuLyoqXG4gKiBGaWVsZHMgdGhhdCBjb21wb3NlIHRoZSBkaXN0aW5ndWlzaGVkIG5hbWUgb2YgYSBjZXJ0aWZpY2F0ZVxuICovXG5leHBvcnQgaW50ZXJmYWNlIERpc3Rpbmd1aXNoZWROYW1lIHtcbiAgLyoqIFRoZSBDb21tb24gTmFtZSAoQ04pICovXG4gIGNvbW1vbk5hbWU6IHN0cmluZztcbiAgLyoqIFRoZSBlbWFpbCBhZGRyZXNzIChlbWFpbEFkZHJlc3MpICovXG4gIGVtYWlsQWRkcmVzczogc3RyaW5nO1xuXG4gIC8qKiBUaGUgQ291bnRyeSAoQykgKi9cbiAgY291bnRyeTogc3RyaW5nO1xuICAvKiogVGhlIFN0YXRlIG9yIFByb3ZpbmNlIChTVCkgKi9cbiAgc3RhdGVPclByb3ZpbmNlOiBzdHJpbmc7XG4gIC8qKiBUaGUgbG9jYWxpdHkgKEwpICovXG4gIGxvY2FsaXR5OiBzdHJpbmc7XG5cbiAgLyoqIFRoZSBvcmdhbml6YXRpb24gbmFtZSAoTykgKi9cbiAgb3JnYW5pemF0aW9uTmFtZTogc3RyaW5nO1xuICAvKiogVGhlIG9yZ2FuaXphdGlvbmFsIHVuaXQgbmFtZSAoT1UpICovXG4gIG9yZ2FuaXphdGlvbmFsVW5pdE5hbWU6IHN0cmluZztcbn1cbiJdfQ==