UNPKG

cdk-rds-sql

Version:

A CDK construct that allows creating roles or users and databases on Aurora Serverless PostgreSQL or MySQL/MariaDB clusters, as well as AWS DSQL clusters.

github.com/berenddeboer/cdk-rds-sql

berenddeboer/cdk-rds-sql

153 lines 27.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.Role = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const iam = require("aws-cdk-lib/aws-iam"); const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager"); const ssm = require("aws-cdk-lib/aws-ssm"); const constructs_1 = require("constructs"); const enum_1 = require("./enum"); const provider_1 = require("./provider"); const role_custom_resource_1 = require("./role.custom-resource"); // Private Parameters construct (not exported) class Parameters extends constructs_1.Construct { constructor(scope, id, props) { super(scope, id); // Create parameters for each key-value pair Object.entries(props.paramData).forEach(([key, value]) => { if (value !== undefined) { new ssm.StringParameter(this, `Parameter-${key}`, { parameterName: `${props.parameterPrefix}${key}`, stringValue: value.toString(), }); } }); // For password, use the existing provider to store it in SSM // Skip password parameter for IAM auth roles (no passwordArn) if (props.passwordArn) { const passwordParameterName = `${props.parameterPrefix}password`; const password_parameter = new aws_cdk_lib_1.CustomResource(this, "PasswordParameter", { serviceToken: props.providerServiceToken, properties: { SecretArn: props.secretArn, Resource: enum_1.RdsSqlResource.PARAMETER_PASSWORD, PasswordArn: props.passwordArn, ParameterName: passwordParameterName, }, }); password_parameter.node.addDependency(props.provider); const paramArn = `arn:aws:ssm:${aws_cdk_lib_1.Stack.of(this).region}:${aws_cdk_lib_1.Stack.of(this).account}:parameter${passwordParameterName.startsWith("/") ? "" : "/"}${passwordParameterName}`; props.provider.handler.addToRolePolicy(new iam.PolicyStatement({ actions: ["ssm:PutParameter", "ssm:AddTagsToResource", "ssm:GetParameters"], resources: [paramArn], })); } } } class Role extends constructs_1.Construct { constructor(scope, id, props) { if (props.provider.engine !== provider_1.DatabaseEngine.DSQL) { if (props.database && props.databaseName) { throw "Specify either database or databaseName"; } if (!props.database && !props.databaseName) { // If neither is specified, we might need a default or throw an error depending on desired behavior. // For now, let's assume it's allowed but the secret won't have a dbname. // If it should be required, uncomment the line below: throw "Specify either database or databaseName"; } } super(scope, id); // Skip secret creation for DSQL (always uses IAM auth) or when enableIamAuth is true const useIamAuth = props.enableIamAuth || props.provider.engine === provider_1.DatabaseEngine.DSQL; // For non-DSQL providers, we need cluster info for secrets and/or parameters if (props.provider.engine !== provider_1.DatabaseEngine.DSQL) { // For imported providers without cluster details, provide helpful error message if (!props.provider.cluster) { throw new Error("Role creation requires cluster information. When importing a provider with " + "Provider.fromProviderAttributes(), include the 'cluster' property if you plan " + "to create new roles. Alternatively, use existing roles created with the original provider."); } // For RDS/Aurora clusters and instances, get endpoint details const host = props.provider.cluster.clusterEndpoint ? props.provider.cluster.clusterEndpoint.hostname : props.provider.cluster.instanceEndpoint.hostname; const port = props.provider.cluster.clusterEndpoint ? props.provider.cluster.clusterEndpoint.port : props.provider.cluster.instanceEndpoint.port; const identifier = props.provider.cluster.clusterIdentifier ? props.provider.cluster.clusterIdentifier : props.provider.cluster.instanceIdentifier; const databaseName = props.database ? props.database.databaseName : props.databaseName; // Create secret only for password auth (not IAM auth) if (!useIamAuth) { const secretTemplate = { dbClusterIdentifier: identifier, engine: props.provider.engine, host: host, port: port, username: props.roleName, dbname: databaseName, }; this.secret = new aws_secretsmanager_1.Secret(this, "Secret", { secretName: props.secretName, encryptionKey: props.encryptionKey, description: `Generated secret for ${props.provider.engine} role ${props.roleName}`, generateSecretString: { passwordLength: 30, // Oracle password cannot have more than 30 characters secretStringTemplate: JSON.stringify(secretTemplate), generateStringKey: "password", excludeCharacters: " %+~`#$&*()|[]{}:;<>?!'/@\"\\", }, removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY, }); } // Create Parameters if parameterPrefix is provided (for both password and IAM auth) if (props.parameterPrefix) { const paramData = { dbClusterIdentifier: identifier, engine: props.provider.engine, host: host, port: port, username: props.roleName, }; if (databaseName) { paramData.dbname = databaseName; } new Parameters(this, "Parameters", { secretArn: props.provider.secret?.secretArn || "", parameterPrefix: props.parameterPrefix, passwordArn: this.secret?.secretArn, // undefined for IAM auth - skips password param providerServiceToken: props.provider.serviceToken, provider: props.provider, paramData, }); } } const role = new role_custom_resource_1.Role(this, "PostgresRole", { provider: props.provider, roleName: props.roleName, passwordArn: useIamAuth ? "" : this.secret.secretArn, database: props.database, databaseName: props.databaseName, enableIamAuth: useIamAuth, }); if (this.secret) { role.node.addDependency(this.secret); this.secret.grantRead(props.provider.handler); if (this.secret.encryptionKey) { // It seems we need to grant explicit permission this.secret.encryptionKey.grantDecrypt(props.provider.handler); } } this.roleName = props.roleName; } } exports.Role = Role; _a = JSII_RTTI_SYMBOL_1; Role[_a] = { fqn: "cdk-rds-sql.Role", version: "8.0.1" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm9sZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9yb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsNkNBQWtFO0FBQ2xFLDJDQUEwQztBQUcxQyx1RUFBZ0U7QUFDaEUsMkNBQTBDO0FBQzFDLDJDQUFzQztBQUV0QyxpQ0FBdUM7QUFDdkMseUNBQXNEO0FBQ3RELGlFQUFtRTtBQStFbkUsOENBQThDO0FBQzlDLE1BQU0sVUFBVyxTQUFRLHNCQUFTO0lBQ2hDLFlBQ0UsS0FBZ0IsRUFDaEIsRUFBVSxFQUNWLEtBT0M7UUFFRCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBRWhCLDRDQUE0QztRQUM1QyxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFO1lBQ3ZELElBQUksS0FBSyxLQUFLLFNBQVMsRUFBRSxDQUFDO2dCQUN4QixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLGFBQWEsR0FBRyxFQUFFLEVBQUU7b0JBQ2hELGFBQWEsRUFBRSxHQUFHLEtBQUssQ0FBQyxlQUFlLEdBQUcsR0FBRyxFQUFFO29CQUMvQyxXQUFXLEVBQUUsS0FBSyxDQUFDLFFBQVEsRUFBRTtpQkFDOUIsQ0FBQyxDQUFBO1lBQ0osQ0FBQztRQUNILENBQUMsQ0FBQyxDQUFBO1FBRUYsNkRBQTZEO1FBQzdELDhEQUE4RDtRQUM5RCxJQUFJLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN0QixNQUFNLHFCQUFxQixHQUFHLEdBQUcsS0FBSyxDQUFDLGVBQWUsVUFBVSxDQUFBO1lBQ2hFLE1BQU0sa0JBQWtCLEdBQUcsSUFBSSw0QkFBYyxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRTtnQkFDdkUsWUFBWSxFQUFFLEtBQUssQ0FBQyxvQkFBb0I7Z0JBQ3hDLFVBQVUsRUFBRTtvQkFDVixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7b0JBQzFCLFFBQVEsRUFBRSxxQkFBYyxDQUFDLGtCQUFrQjtvQkFDM0MsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixhQUFhLEVBQUUscUJBQXFCO2lCQUNyQzthQUNGLENBQUMsQ0FBQTtZQUNGLGtCQUFrQixDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxDQUFBO1lBRXJELE1BQU0sUUFBUSxHQUFHLGVBQWUsbUJBQUssQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxJQUNuRCxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxPQUNqQixhQUNFLHFCQUFxQixDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxHQUMvQyxHQUFHLHFCQUFxQixFQUFFLENBQUE7WUFFMUIsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUNwQyxJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7Z0JBQ3RCLE9BQU8sRUFBRSxDQUFDLGtCQUFrQixFQUFFLHVCQUF1QixFQUFFLG1CQUFtQixDQUFDO2dCQUMzRSxTQUFTLEVBQUUsQ0FBQyxRQUFRLENBQUM7YUFDdEIsQ0FBQyxDQUNILENBQUE7UUFDSCxDQUFDO0lBQ0gsQ0FBQztDQUNGO0FBRUQsTUFBYSxJQUFLLFNBQVEsc0JBQVM7SUFrQmpDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZ0I7UUFDeEQsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLE1BQU0sS0FBSyx5QkFBYyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ2xELElBQUksS0FBSyxDQUFDLFFBQVEsSUFBSSxLQUFLLENBQUMsWUFBWSxFQUFFLENBQUM7Z0JBQ3pDLE1BQU0seUNBQXlDLENBQUE7WUFDakQsQ0FBQztZQUNELElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksRUFBRSxDQUFDO2dCQUMzQyxvR0FBb0c7Z0JBQ3BHLHlFQUF5RTtnQkFDekUsc0RBQXNEO2dCQUN0RCxNQUFNLHlDQUF5QyxDQUFBO1lBQ2pELENBQUM7UUFDSCxDQUFDO1FBQ0QsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQTtRQUVoQixxRkFBcUY7UUFDckYsTUFBTSxVQUFVLEdBQ2QsS0FBSyxDQUFDLGFBQWEsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLE1BQU0sS0FBSyx5QkFBYyxDQUFDLElBQUksQ0FBQTtRQUV0RSw2RUFBNkU7UUFDN0UsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLE1BQU0sS0FBSyx5QkFBYyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ2xELGdGQUFnRjtZQUNoRixJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUFPLEVBQUUsQ0FBQztnQkFDNUIsTUFBTSxJQUFJLEtBQUssQ0FDYiw2RUFBNkU7b0JBQzNFLGdGQUFnRjtvQkFDaEYsNEZBQTRGLENBQy9GLENBQUE7WUFDSCxDQUFDO1lBRUQsOERBQThEO1lBQzlELE1BQU0sSUFBSSxHQUFJLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNEIsQ0FBQyxlQUFlO2dCQUN2RSxDQUFDLENBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUE0QixDQUFDLGVBQWUsQ0FBQyxRQUFRO2dCQUN2RSxDQUFDLENBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUE2QixDQUFDLGdCQUFnQixDQUFDLFFBQVEsQ0FBQTtZQUUzRSxNQUFNLElBQUksR0FBSSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTRCLENBQUMsZUFBZTtnQkFDdkUsQ0FBQyxDQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNEIsQ0FBQyxlQUFlLENBQUMsSUFBSTtnQkFDbkUsQ0FBQyxDQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNkIsQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUE7WUFFdkUsTUFBTSxVQUFVLEdBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUE0QixDQUFDLGlCQUFpQjtnQkFDL0UsQ0FBQyxDQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBNEIsQ0FBQyxpQkFBaUI7Z0JBQ2hFLENBQUMsQ0FBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQTZCLENBQUMsa0JBQWtCLENBQUE7WUFFcEUsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLFFBQVE7Z0JBQ2pDLENBQUMsQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLFlBQVk7Z0JBQzdCLENBQUMsQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFBO1lBRXRCLHNEQUFzRDtZQUN0RCxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7Z0JBQ2hCLE1BQU0sY0FBYyxHQUFHO29CQUNyQixtQkFBbUIsRUFBRSxVQUFVO29CQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNO29CQUM3QixJQUFJLEVBQUUsSUFBSTtvQkFDVixJQUFJLEVBQUUsSUFBSTtvQkFDVixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLE1BQU0sRUFBRSxZQUFZO2lCQUNyQixDQUFBO2dCQUVELElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSwyQkFBTSxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUU7b0JBQ3ZDLFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtvQkFDNUIsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhO29CQUNsQyxXQUFXLEVBQUUsd0JBQXdCLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxTQUFTLEtBQUssQ0FBQyxRQUFRLEVBQUU7b0JBQ25GLG9CQUFvQixFQUFFO3dCQUNwQixjQUFjLEVBQUUsRUFBRSxFQUFFLHNEQUFzRDt3QkFDMUUsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUM7d0JBQ3BELGlCQUFpQixFQUFFLFVBQVU7d0JBQzdCLGlCQUFpQixFQUFFLCtCQUErQjtxQkFDbkQ7b0JBQ0QsYUFBYSxFQUFFLDJCQUFhLENBQUMsT0FBTztpQkFDckMsQ0FBQyxDQUFBO1lBQ0osQ0FBQztZQUVELG9GQUFvRjtZQUNwRixJQUFJLEtBQUssQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDMUIsTUFBTSxTQUFTLEdBQW9DO29CQUNqRCxtQkFBbUIsRUFBRSxVQUFVO29CQUMvQixNQUFNLEVBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxNQUFNO29CQUM3QixJQUFJLEVBQUUsSUFBSTtvQkFDVixJQUFJLEVBQUUsSUFBSTtvQkFDVixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7aUJBQ3pCLENBQUE7Z0JBQ0QsSUFBSSxZQUFZLEVBQUUsQ0FBQztvQkFDakIsU0FBUyxDQUFDLE1BQU0sR0FBRyxZQUFZLENBQUE7Z0JBQ2pDLENBQUM7Z0JBRUQsSUFBSSxVQUFVLENBQUMsSUFBSSxFQUFFLFlBQVksRUFBRTtvQkFDakMsU0FBUyxFQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsTUFBTSxFQUFFLFNBQVMsSUFBSSxFQUFFO29CQUNqRCxlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWU7b0JBQ3RDLFdBQVcsRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLFNBQVMsRUFBRSxnREFBZ0Q7b0JBQ3JGLG9CQUFvQixFQUFFLEtBQUssQ0FBQyxRQUFRLENBQUMsWUFBWTtvQkFDakQsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO29CQUN4QixTQUFTO2lCQUNWLENBQUMsQ0FBQTtZQUNKLENBQUM7UUFDSCxDQUFDO1FBRUQsTUFBTSxJQUFJLEdBQUcsSUFBSSwyQkFBa0IsQ0FBQyxJQUFJLEVBQUUsY0FBYyxFQUFFO1lBQ3hELFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtZQUN4QixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDeEIsV0FBVyxFQUFFLFVBQVUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTyxDQUFDLFNBQVM7WUFDckQsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBQ3hCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWTtZQUNoQyxhQUFhLEVBQUUsVUFBVTtTQUMxQixDQUFDLENBQUE7UUFFRixJQUFJLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNoQixJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUE7WUFDcEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQTtZQUM3QyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQzlCLGdEQUFnRDtnQkFDaEQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDaEUsQ0FBQztRQUNILENBQUM7UUFFRCxJQUFJLENBQUMsUUFBUSxHQUFHLEtBQUssQ0FBQyxRQUFRLENBQUE7SUFDaEMsQ0FBQzs7QUFwSUgsb0JBcUlDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ3VzdG9tUmVzb3VyY2UsIFJlbW92YWxQb2xpY3ksIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCJcbmltcG9ydCAqIGFzIGlhbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiXG5pbXBvcnQgKiBhcyBrbXMgZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIlxuaW1wb3J0IHsgSURhdGFiYXNlQ2x1c3RlciwgSURhdGFiYXNlSW5zdGFuY2UgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXJkc1wiXG5pbXBvcnQgeyBJU2VjcmV0LCBTZWNyZXQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCJcbmltcG9ydCAqIGFzIHNzbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNzbVwiXG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiXG5pbXBvcnQgeyBJRGF0YWJhc2UgfSBmcm9tIFwiLi9kYXRhYmFzZVwiXG5pbXBvcnQgeyBSZHNTcWxSZXNvdXJjZSB9IGZyb20gXCIuL2VudW1cIlxuaW1wb3J0IHsgSVByb3ZpZGVyLCBEYXRhYmFzZUVuZ2luZSB9IGZyb20gXCIuL3Byb3ZpZGVyXCJcbmltcG9ydCB7IFJvbGUgYXMgQ3VzdG9tUmVzb3VyY2VSb2xlIH0gZnJvbSBcIi4vcm9sZS5jdXN0b20tcmVzb3VyY2VcIlxuXG5leHBvcnQgaW50ZXJmYWNlIFJvbGVQcm9wcyB7XG4gIC8qKlxuICAgKiBQcm92aWRlci5cbiAgICovXG4gIHJlYWRvbmx5IHByb3ZpZGVyOiBJUHJvdmlkZXJcblxuICAvKipcbiAgICogU1FMLlxuICAgKi9cbiAgcmVhZG9ubHkgcm9sZU5hbWU6IHN0cmluZ1xuXG4gIC8qKlxuICAgKiBPcHRpb25hbCBkYXRhYmFzZSB0aGlzIHVzZXIgaXMgZXhwZWN0ZWQgdG8gdXNlLlxuICAgKlxuICAgKiBJZiB0aGUgZGF0YWJhc2UgZXhpc3RzLCBjb25uZWN0IHByaXZpbGVnZXMgYXJlIGdyYW50ZWQuXG4gICAqXG4gICAqIFNwZWNpZnkgb25lIG9mIGBkYXRhYmFzZWAgb3IgYGRhdGFiYXNlTmFtZWAuIFRoaXMgaXMgdGhlIG5hbWVcbiAgICogdGhhdCB3aWxsIGJlIHN0b3JlZCBpbiB0aGUgcm9sZSdzIHNlY3JldCBhcyB0aGUgZGF0YWJhc2UgbmFtZSB0b1xuICAgKiB1c2UuXG4gICAqL1xuICByZWFkb25seSBkYXRhYmFzZT86IElEYXRhYmFzZVxuXG4gIC8qKlxuICAgKiBPcHRpb25hbCBkYXRhYmFzZSBuYW1lIHRoaXMgdXNlciBpcyBleHBlY3RlZCB0byB1c2UuXG4gICAqXG4gICAqIElmIHRoZSBkYXRhYmFzZSBleGlzdHMsIGNvbm5lY3QgcHJpdmlsZWdlcyBhcmUgZ3JhbnRlZC5cbiAgICpcbiAgICogU3BlY2lmeSBvbmUgb2YgYGRhdGFiYXNlYCBvciBgZGF0YWJhc2VOYW1lYC4gVGhpcyBpcyB0aGUgbmFtZVxuICAgKiB0aGF0IHdpbGwgYmUgc3RvcmVkIGluIHRoZSByb2xlJ3Mgc2VjcmV0IGFzIHRoZSBkYXRhYmFzZSBuYW1lIHRvXG4gICAqIHVzZS5cbiAgICovXG4gIHJlYWRvbmx5IGRhdGFiYXNlTmFtZT86IHN0cmluZ1xuXG4gIC8qKlxuICAgKiBBIG5ldyBzZWNyZXQgaXMgY3JlYXRlZCBmb3IgdGhpcyB1c2VyLlxuICAgKlxuICAgKiBPcHRpb25hbGx5IGVuY3J5cHQgaXQgd2l0aCB0aGUgZ2l2ZW4ga2V5LlxuICAgKi9cbiAgcmVhZG9ubHkgZW5jcnlwdGlvbktleT86IGttcy5JS2V5XG5cbiAgLyoqXG4gICAqIEEgbmV3IHNlY3JldCBpcyBjcmVhdGVkIGZvciB0aGlzIHVzZXIuXG4gICAqXG4gICAqIE9wdGlvbmFsbHkgYWRkIHNlY3JldCBuYW1lIHRvIHRoZSBzZWNyZXQuXG4gICAqL1xuICByZWFkb25seSBzZWNyZXROYW1lPzogc3RyaW5nXG5cbiAgLyoqXG4gICAqIFByZWZpeCBmb3IgU1NNIHBhcmFtZXRlcnMgdG8gc3RvcmUgY3JlZGVudGlhbHMgaW4gUGFyYW1ldGVyIFN0b3JlLlxuICAgKiBXaGVuIGRlZmluZWQsIGNyZWRlbnRpYWxzIHdpbGwgYWxzbyBiZSBzdG9yZWQgYXMgcGFyYW1ldGVycy5cbiAgICpcbiAgICogVGhlIHBhcmFtZXRlciBuYW1lcyBzdWNoIGFzIFwicGFzc3dvcmRcIiBpcyBzaW1wbHkgYXBwZW5kZWQgdG9cbiAgICogYHBhcmFtZXRlclByZWZpeGAsIHNvIG1ha2Ugc3VyZSB0aGUgcHJlZml4IGVuZHMgd2l0aCBhIHNsYXNoIGlmXG4gICAqICB5b3UgaGF2ZSB5b3VyIHBhcmFtZXRlciBuYW1lcyBzbGFzaCBzZXBhcmF0ZWQuXG4gICAqXG4gICAqIE5vdGUgdGhhdCB0aGUgcGFzc3dvcmQgZnJvbSB0aGUgc2VjcmV0IGlzIGNvcGllZCBqdXN0IG9uY2UsIHRoZXlcbiAgICogYXJlIG5vdCBrZXB0IGluIHN5bmMuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gY3JlZGVudGlhbHMgYXJlIG9ubHkgc3RvcmVkIGluIFNlY3JldHMgTWFuYWdlclxuICAgKi9cbiAgcmVhZG9ubHkgcGFyYW1ldGVyUHJlZml4Pzogc3RyaW5nXG5cbiAgLyoqXG4gICAqIEVuYWJsZSBJQU0gYXV0aGVudGljYXRpb24gZm9yIHRoaXMgcm9sZS5cbiAgICpcbiAgICogV2hlbiBlbmFibGVkLCB0aGUgcm9sZSB3aWxsIGJlIGNyZWF0ZWQgd2l0aG91dCBhIHBhc3N3b3JkIGFuZFxuICAgKiBjb25maWd1cmVkIGZvciBBV1MgSUFNIGRhdGFiYXNlIGF1dGhlbnRpY2F0aW9uLiBObyBzZWNyZXQgd2lsbFxuICAgKiBiZSBjcmVhdGVkIGZvciB0aGlzIHJvbGUuXG4gICAqXG4gICAqIE5vdGU6IEZvciBEU1FMIGNsdXN0ZXJzLCB0aGlzIHByb3BlcnR5IGlzIGlnbm9yZWQgYXMgRFNRTCBhbHdheXNcbiAgICogdXNlcyBJQU0gYXV0aGVudGljYXRpb24uXG4gICAqXG4gICAqIEBkZWZhdWx0IGZhbHNlIC0gdXNlIHBhc3N3b3JkIGF1dGhlbnRpY2F0aW9uXG4gICAqL1xuICByZWFkb25seSBlbmFibGVJYW1BdXRoPzogYm9vbGVhblxufVxuXG4vLyBQcml2YXRlIFBhcmFtZXRlcnMgY29uc3RydWN0IChub3QgZXhwb3J0ZWQpXG5jbGFzcyBQYXJhbWV0ZXJzIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiB7XG4gICAgICBwcm92aWRlcjogSVByb3ZpZGVyXG4gICAgICBzZWNyZXRBcm46IHN0cmluZ1xuICAgICAgcGFyYW1ldGVyUHJlZml4OiBzdHJpbmdcbiAgICAgIHBhc3N3b3JkQXJuPzogc3RyaW5nXG4gICAgICBwcm92aWRlclNlcnZpY2VUb2tlbjogc3RyaW5nXG4gICAgICBwYXJhbURhdGE6IFJlY29yZDxzdHJpbmcsIHN0cmluZyB8IG51bWJlcj5cbiAgICB9XG4gICkge1xuICAgIHN1cGVyKHNjb3BlLCBpZClcblxuICAgIC8vIENyZWF0ZSBwYXJhbWV0ZXJzIGZvciBlYWNoIGtleS12YWx1ZSBwYWlyXG4gICAgT2JqZWN0LmVudHJpZXMocHJvcHMucGFyYW1EYXRhKS5mb3JFYWNoKChba2V5LCB2YWx1ZV0pID0+IHtcbiAgICAgIGlmICh2YWx1ZSAhPT0gdW5kZWZpbmVkKSB7XG4gICAgICAgIG5ldyBzc20uU3RyaW5nUGFyYW1ldGVyKHRoaXMsIGBQYXJhbWV0ZXItJHtrZXl9YCwge1xuICAgICAgICAgIHBhcmFtZXRlck5hbWU6IGAke3Byb3BzLnBhcmFtZXRlclByZWZpeH0ke2tleX1gLFxuICAgICAgICAgIHN0cmluZ1ZhbHVlOiB2YWx1ZS50b1N0cmluZygpLFxuICAgICAgICB9KVxuICAgICAgfVxuICAgIH0pXG5cbiAgICAvLyBGb3IgcGFzc3dvcmQsIHVzZSB0aGUgZXhpc3RpbmcgcHJvdmlkZXIgdG8gc3RvcmUgaXQgaW4gU1NNXG4gICAgLy8gU2tpcCBwYXNzd29yZCBwYXJhbWV0ZXIgZm9yIElBTSBhdXRoIHJvbGVzIChubyBwYXNzd29yZEFybilcbiAgICBpZiAocHJvcHMucGFzc3dvcmRBcm4pIHtcbiAgICAgIGNvbnN0IHBhc3N3b3JkUGFyYW1ldGVyTmFtZSA9IGAke3Byb3BzLnBhcmFtZXRlclByZWZpeH1wYXNzd29yZGBcbiAgICAgIGNvbnN0IHBhc3N3b3JkX3BhcmFtZXRlciA9IG5ldyBDdXN0b21SZXNvdXJjZSh0aGlzLCBcIlBhc3N3b3JkUGFyYW1ldGVyXCIsIHtcbiAgICAgICAgc2VydmljZVRva2VuOiBwcm9wcy5wcm92aWRlclNlcnZpY2VUb2tlbixcbiAgICAgICAgcHJvcGVydGllczoge1xuICAgICAgICAgIFNlY3JldEFybjogcHJvcHMuc2VjcmV0QXJuLFxuICAgICAgICAgIFJlc291cmNlOiBSZHNTcWxSZXNvdXJjZS5QQVJBTUVURVJfUEFTU1dPUkQsXG4gICAgICAgICAgUGFzc3dvcmRBcm46IHByb3BzLnBhc3N3b3JkQXJuLFxuICAgICAgICAgIFBhcmFtZXRlck5hbWU6IHBhc3N3b3JkUGFyYW1ldGVyTmFtZSxcbiAgICAgICAgfSxcbiAgICAgIH0pXG4gICAgICBwYXNzd29yZF9wYXJhbWV0ZXIubm9kZS5hZGREZXBlbmRlbmN5KHByb3BzLnByb3ZpZGVyKVxuXG4gICAgICBjb25zdCBwYXJhbUFybiA9IGBhcm46YXdzOnNzbToke1N0YWNrLm9mKHRoaXMpLnJlZ2lvbn06JHtcbiAgICAgICAgU3RhY2sub2YodGhpcykuYWNjb3VudFxuICAgICAgfTpwYXJhbWV0ZXIke1xuICAgICAgICBwYXNzd29yZFBhcmFtZXRlck5hbWUuc3RhcnRzV2l0aChcIi9cIikgPyBcIlwiIDogXCIvXCJcbiAgICAgIH0ke3Bhc3N3b3JkUGFyYW1ldGVyTmFtZX1gXG5cbiAgICAgIHByb3BzLnByb3ZpZGVyLmhhbmRsZXIuYWRkVG9Sb2xlUG9saWN5KFxuICAgICAgICBuZXcgaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgYWN0aW9uczogW1wic3NtOlB1dFBhcmFtZXRlclwiLCBcInNzbTpBZGRUYWdzVG9SZXNvdXJjZVwiLCBcInNzbTpHZXRQYXJhbWV0ZXJzXCJdLFxuICAgICAgICAgIHJlc291cmNlczogW3BhcmFtQXJuXSxcbiAgICAgICAgfSlcbiAgICAgIClcbiAgICB9XG4gIH1cbn1cblxuZXhwb3J0IGNsYXNzIFJvbGUgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogVGhlIHJvbGUgbmFtZS5cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSByb2xlTmFtZTogc3RyaW5nXG5cbiAgLyoqXG4gICAqIFRoZSBnZW5lcmF0ZWQgc2VjcmV0IGNvbnRhaW5pbmcgY29ubmVjdGlvbiBpbmZvcm1hdGlvbiBhbmQgcGFzc3dvcmQuXG4gICAqXG4gICAqIFRoaXMgaXMgb25seSBhdmFpbGFibGUgd2hlbjpcbiAgICogLSBUaGUgcHJvdmlkZXIgaXMgbm90IGEgRFNRTCBjbHVzdGVyIChEU1FMIHVzZXMgSUFNIGF1dGhlbnRpY2F0aW9uKVxuICAgKiAtIGBlbmFibGVJYW1BdXRoYCBpcyBub3Qgc2V0IHRvIGB0cnVlYFxuICAgKlxuICAgKiBXaGVuIHVzaW5nIElBTSBhdXRoZW50aWNhdGlvbiwgbm8gc2VjcmV0IGlzIGNyZWF0ZWQgYXMgdGhlIHBhc3N3b3JkXG4gICAqIGlzIGdlbmVyYXRlZCBkeW5hbWljYWxseSB1c2luZyBJQU0gY3JlZGVudGlhbHMuXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgc2VjcmV0PzogSVNlY3JldFxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBSb2xlUHJvcHMpIHtcbiAgICBpZiAocHJvcHMucHJvdmlkZXIuZW5naW5lICE9PSBEYXRhYmFzZUVuZ2luZS5EU1FMKSB7XG4gICAgICBpZiAocHJvcHMuZGF0YWJhc2UgJiYgcHJvcHMuZGF0YWJhc2VOYW1lKSB7XG4gICAgICAgIHRocm93IFwiU3BlY2lmeSBlaXRoZXIgZGF0YWJhc2Ugb3IgZGF0YWJhc2VOYW1lXCJcbiAgICAgIH1cbiAgICAgIGlmICghcHJvcHMuZGF0YWJhc2UgJiYgIXByb3BzLmRhdGFiYXNlTmFtZSkge1xuICAgICAgICAvLyBJZiBuZWl0aGVyIGlzIHNwZWNpZmllZCwgd2UgbWlnaHQgbmVlZCBhIGRlZmF1bHQgb3IgdGhyb3cgYW4gZXJyb3IgZGVwZW5kaW5nIG9uIGRlc2lyZWQgYmVoYXZpb3IuXG4gICAgICAgIC8vIEZvciBub3csIGxldCdzIGFzc3VtZSBpdCdzIGFsbG93ZWQgYnV0IHRoZSBzZWNyZXQgd29uJ3QgaGF2ZSBhIGRibmFtZS5cbiAgICAgICAgLy8gSWYgaXQgc2hvdWxkIGJlIHJlcXVpcmVkLCB1bmNvbW1lbnQgdGhlIGxpbmUgYmVsb3c6XG4gICAgICAgIHRocm93IFwiU3BlY2lmeSBlaXRoZXIgZGF0YWJhc2Ugb3IgZGF0YWJhc2VOYW1lXCJcbiAgICAgIH1cbiAgICB9XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuXG4gICAgLy8gU2tpcCBzZWNyZXQgY3JlYXRpb24gZm9yIERTUUwgKGFsd2F5cyB1c2VzIElBTSBhdXRoKSBvciB3aGVuIGVuYWJsZUlhbUF1dGggaXMgdHJ1ZVxuICAgIGNvbnN0IHVzZUlhbUF1dGggPVxuICAgICAgcHJvcHMuZW5hYmxlSWFtQXV0aCB8fCBwcm9wcy5wcm92aWRlci5lbmdpbmUgPT09IERhdGFiYXNlRW5naW5lLkRTUUxcblxuICAgIC8vIEZvciBub24tRFNRTCBwcm92aWRlcnMsIHdlIG5lZWQgY2x1c3RlciBpbmZvIGZvciBzZWNyZXRzIGFuZC9vciBwYXJhbWV0ZXJzXG4gICAgaWYgKHByb3BzLnByb3ZpZGVyLmVuZ2luZSAhPT0gRGF0YWJhc2VFbmdpbmUuRFNRTCkge1xuICAgICAgLy8gRm9yIGltcG9ydGVkIHByb3ZpZGVycyB3aXRob3V0IGNsdXN0ZXIgZGV0YWlscywgcHJvdmlkZSBoZWxwZnVsIGVycm9yIG1lc3NhZ2VcbiAgICAgIGlmICghcHJvcHMucHJvdmlkZXIuY2x1c3Rlcikge1xuICAgICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgICAgXCJSb2xlIGNyZWF0aW9uIHJlcXVpcmVzIGNsdXN0ZXIgaW5mb3JtYXRpb24uIFdoZW4gaW1wb3J0aW5nIGEgcHJvdmlkZXIgd2l0aCBcIiArXG4gICAgICAgICAgICBcIlByb3ZpZGVyLmZyb21Qcm92aWRlckF0dHJpYnV0ZXMoKSwgaW5jbHVkZSB0aGUgJ2NsdXN0ZXInIHByb3BlcnR5IGlmIHlvdSBwbGFuIFwiICtcbiAgICAgICAgICAgIFwidG8gY3JlYXRlIG5ldyByb2xlcy4gQWx0ZXJuYXRpdmVseSwgdXNlIGV4aXN0aW5nIHJvbGVzIGNyZWF0ZWQgd2l0aCB0aGUgb3JpZ2luYWwgcHJvdmlkZXIuXCJcbiAgICAgICAgKVxuICAgICAgfVxuXG4gICAgICAvLyBGb3IgUkRTL0F1cm9yYSBjbHVzdGVycyBhbmQgaW5zdGFuY2VzLCBnZXQgZW5kcG9pbnQgZGV0YWlsc1xuICAgICAgY29uc3QgaG9zdCA9IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUNsdXN0ZXIpLmNsdXN0ZXJFbmRwb2ludFxuICAgICAgICA/IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUNsdXN0ZXIpLmNsdXN0ZXJFbmRwb2ludC5ob3N0bmFtZVxuICAgICAgICA6IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUluc3RhbmNlKS5pbnN0YW5jZUVuZHBvaW50Lmhvc3RuYW1lXG5cbiAgICAgIGNvbnN0IHBvcnQgPSAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VDbHVzdGVyKS5jbHVzdGVyRW5kcG9pbnRcbiAgICAgICAgPyAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VDbHVzdGVyKS5jbHVzdGVyRW5kcG9pbnQucG9ydFxuICAgICAgICA6IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUluc3RhbmNlKS5pbnN0YW5jZUVuZHBvaW50LnBvcnRcblxuICAgICAgY29uc3QgaWRlbnRpZmllciA9IChwcm9wcy5wcm92aWRlci5jbHVzdGVyIGFzIElEYXRhYmFzZUNsdXN0ZXIpLmNsdXN0ZXJJZGVudGlmaWVyXG4gICAgICAgID8gKHByb3BzLnByb3ZpZGVyLmNsdXN0ZXIgYXMgSURhdGFiYXNlQ2x1c3RlcikuY2x1c3RlcklkZW50aWZpZXJcbiAgICAgICAgOiAocHJvcHMucHJvdmlkZXIuY2x1c3RlciBhcyBJRGF0YWJhc2VJbnN0YW5jZSkuaW5zdGFuY2VJZGVudGlmaWVyXG5cbiAgICAgIGNvbnN0IGRhdGFiYXNlTmFtZSA9IHByb3BzLmRhdGFiYXNlXG4gICAgICAgID8gcHJvcHMuZGF0YWJhc2UuZGF0YWJhc2VOYW1lXG4gICAgICAgIDogcHJvcHMuZGF0YWJhc2VOYW1lXG5cbiAgICAgIC8vIENyZWF0ZSBzZWNyZXQgb25seSBmb3IgcGFzc3dvcmQgYXV0aCAobm90IElBTSBhdXRoKVxuICAgICAgaWYgKCF1c2VJYW1BdXRoKSB7XG4gICAgICAgIGNvbnN0IHNlY3JldFRlbXBsYXRlID0ge1xuICAgICAgICAgIGRiQ2x1c3RlcklkZW50aWZpZXI6IGlkZW50aWZpZXIsXG4gICAgICAgICAgZW5naW5lOiBwcm9wcy5wcm92aWRlci5lbmdpbmUsXG4gICAgICAgICAgaG9zdDogaG9zdCxcbiAgICAgICAgICBwb3J0OiBwb3J0LFxuICAgICAgICAgIHVzZXJuYW1lOiBwcm9wcy5yb2xlTmFtZSxcbiAgICAgICAgICBkYm5hbWU6IGRhdGFiYXNlTmFtZSxcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuc2VjcmV0ID0gbmV3IFNlY3JldCh0aGlzLCBcIlNlY3JldFwiLCB7XG4gICAgICAgICAgc2VjcmV0TmFtZTogcHJvcHMuc2VjcmV0TmFtZSxcbiAgICAgICAgICBlbmNyeXB0aW9uS2V5OiBwcm9wcy5lbmNyeXB0aW9uS2V5LFxuICAgICAgICAgIGRlc2NyaXB0aW9uOiBgR2VuZXJhdGVkIHNlY3JldCBmb3IgJHtwcm9wcy5wcm92aWRlci5lbmdpbmV9IHJvbGUgJHtwcm9wcy5yb2xlTmFtZX1gLFxuICAgICAgICAgIGdlbmVyYXRlU2VjcmV0U3RyaW5nOiB7XG4gICAgICAgICAgICBwYXNzd29yZExlbmd0aDogMzAsIC8vIE9yYWNsZSBwYXNzd29yZCBjYW5ub3QgaGF2ZSBtb3JlIHRoYW4gMzAgY2hhcmFjdGVyc1xuICAgICAgICAgICAgc2VjcmV0U3RyaW5nVGVtcGxhdGU6IEpTT04uc3RyaW5naWZ5KHNlY3JldFRlbXBsYXRlKSxcbiAgICAgICAgICAgIGdlbmVyYXRlU3RyaW5nS2V5OiBcInBhc3N3b3JkXCIsXG4gICAgICAgICAgICBleGNsdWRlQ2hhcmFjdGVyczogXCIgJSt+YCMkJiooKXxbXXt9Ojs8Pj8hJy9AXFxcIlxcXFxcIixcbiAgICAgICAgICB9LFxuICAgICAgICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICAgICAgfSlcbiAgICAgIH1cblxuICAgICAgLy8gQ3JlYXRlIFBhcmFtZXRlcnMgaWYgcGFyYW1ldGVyUHJlZml4IGlzIHByb3ZpZGVkIChmb3IgYm90aCBwYXNzd29yZCBhbmQgSUFNIGF1dGgpXG4gICAgICBpZiAocHJvcHMucGFyYW1ldGVyUHJlZml4KSB7XG4gICAgICAgIGNvbnN0IHBhcmFtRGF0YTogUmVjb3JkPHN0cmluZywgc3RyaW5nIHwgbnVtYmVyPiA9IHtcbiAgICAgICAgICBkYkNsdXN0ZXJJZGVudGlmaWVyOiBpZGVudGlmaWVyLFxuICAgICAgICAgIGVuZ2luZTogcHJvcHMucHJvdmlkZXIuZW5naW5lLFxuICAgICAgICAgIGhvc3Q6IGhvc3QsXG4gICAgICAgICAgcG9ydDogcG9ydCxcbiAgICAgICAgICB1c2VybmFtZTogcHJvcHMucm9sZU5hbWUsXG4gICAgICAgIH1cbiAgICAgICAgaWYgKGRhdGFiYXNlTmFtZSkge1xuICAgICAgICAgIHBhcmFtRGF0YS5kYm5hbWUgPSBkYXRhYmFzZU5hbWVcbiAgICAgICAgfVxuXG4gICAgICAgIG5ldyBQYXJhbWV0ZXJzKHRoaXMsIFwiUGFyYW1ldGVyc1wiLCB7XG4gICAgICAgICAgc2VjcmV0QXJuOiBwcm9wcy5wcm92aWRlci5zZWNyZXQ/LnNlY3JldEFybiB8fCBcIlwiLFxuICAgICAgICAgIHBhcmFtZXRlclByZWZpeDogcHJvcHMucGFyYW1ldGVyUHJlZml4LFxuICAgICAgICAgIHBhc3N3b3JkQXJuOiB0aGlzLnNlY3JldD8uc2VjcmV0QXJuLCAvLyB1bmRlZmluZWQgZm9yIElBTSBhdXRoIC0gc2tpcHMgcGFzc3dvcmQgcGFyYW1cbiAgICAgICAgICBwcm92aWRlclNlcnZpY2VUb2tlbjogcHJvcHMucHJvdmlkZXIuc2VydmljZVRva2VuLFxuICAgICAgICAgIHByb3ZpZGVyOiBwcm9wcy5wcm92aWRlcixcbiAgICAgICAgICBwYXJhbURhdGEsXG4gICAgICAgIH0pXG4gICAgICB9XG4gICAgfVxuXG4gICAgY29uc3Qgcm9sZSA9IG5ldyBDdXN0b21SZXNvdXJjZVJvbGUodGhpcywgXCJQb3N0Z3Jlc1JvbGVcIiwge1xuICAgICAgcHJvdmlkZXI6IHByb3BzLnByb3ZpZGVyLFxuICAgICAgcm9sZU5hbWU6IHByb3BzLnJvbGVOYW1lLFxuICAgICAgcGFzc3dvcmRBcm46IHVzZUlhbUF1dGggPyBcIlwiIDogdGhpcy5zZWNyZXQhLnNlY3JldEFybixcbiAgICAgIGRhdGFiYXNlOiBwcm9wcy5kYXRhYmFzZSxcbiAgICAgIGRhdGFiYXNlTmFtZTogcHJvcHMuZGF0YWJhc2VOYW1lLFxuICAgICAgZW5hYmxlSWFtQXV0aDogdXNlSWFtQXV0aCxcbiAgICB9KVxuXG4gICAgaWYgKHRoaXMuc2VjcmV0KSB7XG4gICAgICByb2xlLm5vZGUuYWRkRGVwZW5kZW5jeSh0aGlzLnNlY3JldClcbiAgICAgIHRoaXMuc2VjcmV0LmdyYW50UmVhZChwcm9wcy5wcm92aWRlci5oYW5kbGVyKVxuICAgICAgaWYgKHRoaXMuc2VjcmV0LmVuY3J5cHRpb25LZXkpIHtcbiAgICAgICAgLy8gSXQgc2VlbXMgd2UgbmVlZCB0byBncmFudCBleHBsaWNpdCBwZXJtaXNzaW9uXG4gICAgICAgIHRoaXMuc2VjcmV0LmVuY3J5cHRpb25LZXkuZ3JhbnREZWNyeXB0KHByb3BzLnByb3ZpZGVyLmhhbmRsZXIpXG4gICAgICB9XG4gICAgfVxuXG4gICAgdGhpcy5yb2xlTmFtZSA9IHByb3BzLnJvbGVOYW1lXG4gIH1cbn1cbiJdfQ==