UNPKG

cdk-sops-secrets

Version:

CDK Constructs that syncs your sops secrets into AWS SecretsManager secrets.

constructs.dev/packages/cdk-sops-secrets

dbsystel/cdk-sops-secrets

108 lines • 16.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.MultiStringParameter = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const fs = require("fs"); const aws_ssm_1 = require("aws-cdk-lib/aws-ssm"); const core_1 = require("aws-cdk-lib/core"); const constructs_1 = require("constructs"); const YAML = require("yaml"); const SopsSync_1 = require("./SopsSync"); function flattenJSON(data, parentKey = '', result = {}, keySeparator = '') { for (let key in data) { if (data.hasOwnProperty(key)) { let newKey = parentKey ? `${parentKey}${keySeparator}${key}` : key; if (Array.isArray(data[key])) { data[key].forEach((item, index) => { let arrayKey = `${newKey}[${index}]`; if (typeof item === 'object' && item !== null) { flattenJSON(item, arrayKey, result, keySeparator); } else { result[arrayKey] = item; } }); } else if (typeof data[key] === 'object' && data[key] !== null) { flattenJSON(data[key], newKey, result, keySeparator); } else { result[newKey] = data[key]; } } } return result; } class MultiStringParameter extends constructs_1.Construct { constructor(scope, id, props) { super(scope, id); this.encryptionKey = props.encryptionKey; this.stack = core_1.Stack.of(scope); this.env = { account: this.stack.account, region: this.stack.region, }; this.keyPrefix = props.keyPrefix ?? '/'; this.keySeparator = props.keySeparator ?? '/'; const keys = this.parseFile(props.sopsFilePath, this.keySeparator) .filter((key) => !key.startsWith('sops')) .map((value) => { // Ass we flatten array to [number] path notations, we have to fix this for parameter store let fixedKey = value.replace('[', this.keySeparator); fixedKey = fixedKey.replace(']', this.keySeparator); if (fixedKey.endsWith(this.keySeparator)) { fixedKey = fixedKey.slice(0, -1); } fixedKey = fixedKey.replace(this.keySeparator + this.keySeparator, this.keySeparator); // The secret name can contain ASCII letters, numbers, and the following characters: /_+=.@- const allowedChars = '/_+=.@-'; for (let i = 0; i < fixedKey.length; i++) { const char = fixedKey[i]; if (!((char >= 'a' && char <= 'z') || (char >= 'A' && char <= 'Z') || (char >= '0' && char <= '9') || allowedChars.includes(char))) { fixedKey = fixedKey.slice(0, i) + '_' + fixedKey.slice(i + 1); } } return `${this.keyPrefix}${fixedKey}`; }); keys.forEach((key) => { new aws_ssm_1.StringParameter(this, 'Resource' + key, { parameterName: key, description: props.description, tier: aws_ssm_1.ParameterTier.STANDARD, stringValue: ' ', }); }); this.sync = new SopsSync_1.SopsSync(this, 'SopsSync', { encryptionKey: this.encryptionKey, resourceType: SopsSync_1.ResourceType.PARAMETER_MULTI, flattenSeparator: this.keySeparator, parameterNames: keys, target: this.keyPrefix, ...props, }); } parseFile(sopsFilePath, keySeparator) { const _sopsFileFormat = sopsFilePath.split('.').pop(); switch (_sopsFileFormat) { case 'json': { return Object.keys(flattenJSON(JSON.parse(fs.readFileSync(sopsFilePath, 'utf-8')), '', undefined, keySeparator)); } case 'yaml': { const content = fs.readFileSync(sopsFilePath, 'utf-8'); const data = YAML.parse(content); return Object.keys(flattenJSON(data, '', undefined, keySeparator)); } default: { throw new Error(`Unsupported sopsFileFormat for multiple parameters: ${_sopsFileFormat}`); } } } } exports.MultiStringParameter = MultiStringParameter; _a = JSII_RTTI_SYMBOL_1; MultiStringParameter[_a] = { fqn: "cdk-sops-secrets.MultiStringParameter", version: "2.2.4" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiTXVsdGlTdHJpbmdQYXJhbWV0ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvTXVsdGlTdHJpbmdQYXJhbWV0ZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSx5QkFBeUI7QUFFekIsaURBQXFFO0FBQ3JFLDJDQUE4RDtBQUM5RCwyQ0FBdUM7QUFDdkMsNkJBQTZCO0FBRTdCLHlDQUFxRTtBQXFCckUsU0FBUyxXQUFXLENBQ2xCLElBQWdCLEVBQ2hCLFlBQW9CLEVBQUUsRUFDdEIsU0FBcUIsRUFBRSxFQUN2QixZQUFZLEdBQUcsRUFBRTtJQUVqQixLQUFLLElBQUksR0FBRyxJQUFJLElBQUksRUFBRSxDQUFDO1FBQ3JCLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQzdCLElBQUksTUFBTSxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsR0FBRyxTQUFTLEdBQUcsWUFBWSxHQUFHLEdBQUcsRUFBRSxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDbkUsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQzdCLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxJQUF1QixFQUFFLEtBQVUsRUFBRSxFQUFFO29CQUN4RCxJQUFJLFFBQVEsR0FBRyxHQUFHLE1BQU0sSUFBSSxLQUFLLEdBQUcsQ0FBQztvQkFDckMsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRLElBQUksSUFBSSxLQUFLLElBQUksRUFBRSxDQUFDO3dCQUM5QyxXQUFXLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxNQUFNLEVBQUUsWUFBWSxDQUFDLENBQUM7b0JBQ3BELENBQUM7eUJBQU0sQ0FBQzt3QkFDTixNQUFNLENBQUMsUUFBUSxDQUFDLEdBQUcsSUFBSSxDQUFDO29CQUMxQixDQUFDO2dCQUNILENBQUMsQ0FBQyxDQUFDO1lBQ0wsQ0FBQztpQkFBTSxJQUFJLE9BQU8sSUFBSSxDQUFDLEdBQUcsQ0FBQyxLQUFLLFFBQVEsSUFBSSxJQUFJLENBQUMsR0FBRyxDQUFDLEtBQUssSUFBSSxFQUFFLENBQUM7Z0JBQy9ELFdBQVcsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxZQUFZLENBQUMsQ0FBQztZQUN2RCxDQUFDO2lCQUFNLENBQUM7Z0JBQ04sTUFBTSxDQUFDLE1BQU0sQ0FBQyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUM3QixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFDRCxPQUFPLE1BQU0sQ0FBQztBQUNoQixDQUFDO0FBRUQsTUFBYSxvQkFBcUIsU0FBUSxzQkFBUztJQVFqRCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWdDO1FBQ3hFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLGFBQWEsR0FBRyxLQUFLLENBQUMsYUFBYSxDQUFDO1FBQ3pDLElBQUksQ0FBQyxLQUFLLEdBQUcsWUFBSyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUM3QixJQUFJLENBQUMsR0FBRyxHQUFHO1lBQ1QsT0FBTyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTztZQUMzQixNQUFNLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNO1NBQzFCLENBQUM7UUFDRixJQUFJLENBQUMsU0FBUyxHQUFHLEtBQUssQ0FBQyxTQUFTLElBQUksR0FBRyxDQUFDO1FBQ3hDLElBQUksQ0FBQyxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQVksSUFBSSxHQUFHLENBQUM7UUFFOUMsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsWUFBYSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUM7YUFDaEUsTUFBTSxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7YUFDeEMsR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUU7WUFDYiwyRkFBMkY7WUFDM0YsSUFBSSxRQUFRLEdBQUcsS0FBSyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQ3JELFFBQVEsR0FBRyxRQUFRLENBQUMsT0FBTyxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDcEQsSUFBSSxRQUFRLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDO2dCQUN6QyxRQUFRLEdBQUcsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUNuQyxDQUFDO1lBQ0QsUUFBUSxHQUFHLFFBQVEsQ0FBQyxPQUFPLENBQ3pCLElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxDQUFDLFlBQVksRUFDckMsSUFBSSxDQUFDLFlBQVksQ0FDbEIsQ0FBQztZQUVGLDRGQUE0RjtZQUM1RixNQUFNLFlBQVksR0FBRyxTQUFTLENBQUM7WUFDL0IsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLFFBQVEsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztnQkFDekMsTUFBTSxJQUFJLEdBQUcsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUN6QixJQUNFLENBQUMsQ0FDQyxDQUFDLElBQUksSUFBSSxHQUFHLElBQUksSUFBSSxJQUFJLEdBQUcsQ0FBQztvQkFDNUIsQ0FBQyxJQUFJLElBQUksR0FBRyxJQUFJLElBQUksSUFBSSxHQUFHLENBQUM7b0JBQzVCLENBQUMsSUFBSSxJQUFJLEdBQUcsSUFBSSxJQUFJLElBQUksR0FBRyxDQUFDO29CQUM1QixZQUFZLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUM1QixFQUNELENBQUM7b0JBQ0QsUUFBUSxHQUFHLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxHQUFHLEdBQUcsR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDaEUsQ0FBQztZQUNILENBQUM7WUFDRCxPQUFPLEdBQUcsSUFBSSxDQUFDLFNBQVMsR0FBRyxRQUFRLEVBQUUsQ0FBQztRQUN4QyxDQUFDLENBQUMsQ0FBQztRQUVMLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUNuQixJQUFJLHlCQUFlLENBQUMsSUFBSSxFQUFFLFVBQVUsR0FBRyxHQUFHLEVBQUU7Z0JBQzFDLGFBQWEsRUFBRSxHQUFHO2dCQUNsQixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7Z0JBQzlCLElBQUksRUFBRSx1QkFBYSxDQUFDLFFBQVE7Z0JBQzVCLFdBQVcsRUFBRSxHQUFHO2FBQ2pCLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLG1CQUFRLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUN6QyxhQUFhLEVBQUUsSUFBSSxDQUFDLGFBQWE7WUFDakMsWUFBWSxFQUFFLHVCQUFZLENBQUMsZUFBZTtZQUMxQyxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsWUFBWTtZQUNuQyxjQUFjLEVBQUUsSUFBSTtZQUNwQixNQUFNLEVBQUUsSUFBSSxDQUFDLFNBQVM7WUFDdEIsR0FBSSxLQUF5QjtTQUM5QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sU0FBUyxDQUFDLFlBQW9CLEVBQUUsWUFBb0I7UUFDMUQsTUFBTSxlQUFlLEdBQUcsWUFBWSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUN0RCxRQUFRLGVBQWUsRUFBRSxDQUFDO1lBQ3hCLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQztnQkFDWixPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQ2hCLFdBQVcsQ0FDVCxJQUFJLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxZQUFZLENBQUMsWUFBWSxFQUFFLE9BQU8sQ0FBQyxDQUFDLEVBQ2xELEVBQUUsRUFDRixTQUFTLEVBQ1QsWUFBWSxDQUNiLENBQ0YsQ0FBQztZQUNKLENBQUM7WUFDRCxLQUFLLE1BQU0sQ0FBQyxDQUFDLENBQUM7Z0JBQ1osTUFBTSxPQUFPLEdBQUcsRUFBRSxDQUFDLFlBQVksQ0FBQyxZQUFZLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZELE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFlLENBQUM7Z0JBQy9DLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxFQUFFLEVBQUUsRUFBRSxTQUFTLEVBQUUsWUFBWSxDQUFDLENBQUMsQ0FBQztZQUNyRSxDQUFDO1lBQ0QsT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDUixNQUFNLElBQUksS0FBSyxDQUNiLHVEQUF1RCxlQUFlLEVBQUUsQ0FDekUsQ0FBQztZQUNKLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQzs7QUEvRkgsb0RBZ0dDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgZnMgZnJvbSAnZnMnO1xuaW1wb3J0IHsgSUtleSB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1rbXMnO1xuaW1wb3J0IHsgUGFyYW1ldGVyVGllciwgU3RyaW5nUGFyYW1ldGVyIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLXNzbSc7XG5pbXBvcnQgeyBSZXNvdXJjZUVudmlyb25tZW50LCBTdGFjayB9IGZyb20gJ2F3cy1jZGstbGliL2NvcmUnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgKiBhcyBZQU1MIGZyb20gJ3lhbWwnO1xuaW1wb3J0IHsgU29wc0NvbW1vblBhcmFtZXRlclByb3BzIH0gZnJvbSAnLi9Tb3BzU3RyaW5nUGFyYW1ldGVyJztcbmltcG9ydCB7IFJlc291cmNlVHlwZSwgU29wc1N5bmMsIFNvcHNTeW5jT3B0aW9ucyB9IGZyb20gJy4vU29wc1N5bmMnO1xuXG5pbnRlcmZhY2UgSlNPTk9iamVjdCB7XG4gIFtrZXk6IHN0cmluZ106IGFueTtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBNdWx0aVN0cmluZ1BhcmFtZXRlclByb3BzIGV4dGVuZHMgU29wc0NvbW1vblBhcmFtZXRlclByb3BzIHtcbiAgLyoqXG4gICAqIFRoZSBzZXBlcmF0b3IgdXNlZCB0byBzZXBlcmF0ZSBrZXlzXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gJy8nXG4gICAqL1xuICByZWFkb25seSBrZXlTZXBhcmF0b3I/OiBzdHJpbmc7XG4gIC8qKlxuICAgKiBUaGUgcHJlZml4IHVzZWQgZm9yIGFsbCBwYXJhbWV0ZXJzXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gJy8nXG4gICAqL1xuICByZWFkb25seSBrZXlQcmVmaXg/OiBzdHJpbmc7XG59XG5cbmZ1bmN0aW9uIGZsYXR0ZW5KU09OKFxuICBkYXRhOiBKU09OT2JqZWN0LFxuICBwYXJlbnRLZXk6IHN0cmluZyA9ICcnLFxuICByZXN1bHQ6IEpTT05PYmplY3QgPSB7fSxcbiAga2V5U2VwYXJhdG9yID0gJycsXG4pOiBKU09OT2JqZWN0IHtcbiAgZm9yIChsZXQga2V5IGluIGRhdGEpIHtcbiAgICBpZiAoZGF0YS5oYXNPd25Qcm9wZXJ0eShrZXkpKSB7XG4gICAgICBsZXQgbmV3S2V5ID0gcGFyZW50S2V5ID8gYCR7cGFyZW50S2V5fSR7a2V5U2VwYXJhdG9yfSR7a2V5fWAgOiBrZXk7XG4gICAgICBpZiAoQXJyYXkuaXNBcnJheShkYXRhW2tleV0pKSB7XG4gICAgICAgIGRhdGFba2V5XS5mb3JFYWNoKChpdGVtOiBKU09OT2JqZWN0IHwgbnVsbCwgaW5kZXg6IGFueSkgPT4ge1xuICAgICAgICAgIGxldCBhcnJheUtleSA9IGAke25ld0tleX1bJHtpbmRleH1dYDtcbiAgICAgICAgICBpZiAodHlwZW9mIGl0ZW0gPT09ICdvYmplY3QnICYmIGl0ZW0gIT09IG51bGwpIHtcbiAgICAgICAgICAgIGZsYXR0ZW5KU09OKGl0ZW0sIGFycmF5S2V5LCByZXN1bHQsIGtleVNlcGFyYXRvcik7XG4gICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgIHJlc3VsdFthcnJheUtleV0gPSBpdGVtO1xuICAgICAgICAgIH1cbiAgICAgICAgfSk7XG4gICAgICB9IGVsc2UgaWYgKHR5cGVvZiBkYXRhW2tleV0gPT09ICdvYmplY3QnICYmIGRhdGFba2V5XSAhPT0gbnVsbCkge1xuICAgICAgICBmbGF0dGVuSlNPTihkYXRhW2tleV0sIG5ld0tleSwgcmVzdWx0LCBrZXlTZXBhcmF0b3IpO1xuICAgICAgfSBlbHNlIHtcbiAgICAgICAgcmVzdWx0W25ld0tleV0gPSBkYXRhW2tleV07XG4gICAgICB9XG4gICAgfVxuICB9XG4gIHJldHVybiByZXN1bHQ7XG59XG5cbmV4cG9ydCBjbGFzcyBNdWx0aVN0cmluZ1BhcmFtZXRlciBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHJlYWRvbmx5IHN5bmM6IFNvcHNTeW5jO1xuICByZWFkb25seSBlbmNyeXB0aW9uS2V5OiBJS2V5O1xuICByZWFkb25seSBzdGFjazogU3RhY2s7XG4gIHJlYWRvbmx5IGVudjogUmVzb3VyY2VFbnZpcm9ubWVudDtcbiAgcmVhZG9ubHkga2V5UHJlZml4OiBzdHJpbmc7XG4gIHJlYWRvbmx5IGtleVNlcGFyYXRvcjogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBNdWx0aVN0cmluZ1BhcmFtZXRlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuZW5jcnlwdGlvbktleSA9IHByb3BzLmVuY3J5cHRpb25LZXk7XG4gICAgdGhpcy5zdGFjayA9IFN0YWNrLm9mKHNjb3BlKTtcbiAgICB0aGlzLmVudiA9IHtcbiAgICAgIGFjY291bnQ6IHRoaXMuc3RhY2suYWNjb3VudCxcbiAgICAgIHJlZ2lvbjogdGhpcy5zdGFjay5yZWdpb24sXG4gICAgfTtcbiAgICB0aGlzLmtleVByZWZpeCA9IHByb3BzLmtleVByZWZpeCA/PyAnLyc7XG4gICAgdGhpcy5rZXlTZXBhcmF0b3IgPSBwcm9wcy5rZXlTZXBhcmF0b3IgPz8gJy8nO1xuXG4gICAgY29uc3Qga2V5cyA9IHRoaXMucGFyc2VGaWxlKHByb3BzLnNvcHNGaWxlUGF0aCEsIHRoaXMua2V5U2VwYXJhdG9yKVxuICAgICAgLmZpbHRlcigoa2V5KSA9PiAha2V5LnN0YXJ0c1dpdGgoJ3NvcHMnKSlcbiAgICAgIC5tYXAoKHZhbHVlKSA9PiB7XG4gICAgICAgIC8vIEFzcyB3ZSBmbGF0dGVuIGFycmF5IHRvIFtudW1iZXJdIHBhdGggbm90YXRpb25zLCB3ZSBoYXZlIHRvIGZpeCB0aGlzIGZvciBwYXJhbWV0ZXIgc3RvcmVcbiAgICAgICAgbGV0IGZpeGVkS2V5ID0gdmFsdWUucmVwbGFjZSgnWycsIHRoaXMua2V5U2VwYXJhdG9yKTtcbiAgICAgICAgZml4ZWRLZXkgPSBmaXhlZEtleS5yZXBsYWNlKCddJywgdGhpcy5rZXlTZXBhcmF0b3IpO1xuICAgICAgICBpZiAoZml4ZWRLZXkuZW5kc1dpdGgodGhpcy5rZXlTZXBhcmF0b3IpKSB7XG4gICAgICAgICAgZml4ZWRLZXkgPSBmaXhlZEtleS5zbGljZSgwLCAtMSk7XG4gICAgICAgIH1cbiAgICAgICAgZml4ZWRLZXkgPSBmaXhlZEtleS5yZXBsYWNlKFxuICAgICAgICAgIHRoaXMua2V5U2VwYXJhdG9yICsgdGhpcy5rZXlTZXBhcmF0b3IsXG4gICAgICAgICAgdGhpcy5rZXlTZXBhcmF0b3IsXG4gICAgICAgICk7XG5cbiAgICAgICAgLy8gVGhlIHNlY3JldCBuYW1lIGNhbiBjb250YWluIEFTQ0lJIGxldHRlcnMsIG51bWJlcnMsIGFuZCB0aGUgZm9sbG93aW5nIGNoYXJhY3RlcnM6IC9fKz0uQC1cbiAgICAgICAgY29uc3QgYWxsb3dlZENoYXJzID0gJy9fKz0uQC0nO1xuICAgICAgICBmb3IgKGxldCBpID0gMDsgaSA8IGZpeGVkS2V5Lmxlbmd0aDsgaSsrKSB7XG4gICAgICAgICAgY29uc3QgY2hhciA9IGZpeGVkS2V5W2ldO1xuICAgICAgICAgIGlmIChcbiAgICAgICAgICAgICEoXG4gICAgICAgICAgICAgIChjaGFyID49ICdhJyAmJiBjaGFyIDw9ICd6JykgfHxcbiAgICAgICAgICAgICAgKGNoYXIgPj0gJ0EnICYmIGNoYXIgPD0gJ1onKSB8fFxuICAgICAgICAgICAgICAoY2hhciA+PSAnMCcgJiYgY2hhciA8PSAnOScpIHx8XG4gICAgICAgICAgICAgIGFsbG93ZWRDaGFycy5pbmNsdWRlcyhjaGFyKVxuICAgICAgICAgICAgKVxuICAgICAgICAgICkge1xuICAgICAgICAgICAgZml4ZWRLZXkgPSBmaXhlZEtleS5zbGljZSgwLCBpKSArICdfJyArIGZpeGVkS2V5LnNsaWNlKGkgKyAxKTtcbiAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICAgICAgcmV0dXJuIGAke3RoaXMua2V5UHJlZml4fSR7Zml4ZWRLZXl9YDtcbiAgICAgIH0pO1xuXG4gICAga2V5cy5mb3JFYWNoKChrZXkpID0+IHtcbiAgICAgIG5ldyBTdHJpbmdQYXJhbWV0ZXIodGhpcywgJ1Jlc291cmNlJyArIGtleSwge1xuICAgICAgICBwYXJhbWV0ZXJOYW1lOiBrZXksXG4gICAgICAgIGRlc2NyaXB0aW9uOiBwcm9wcy5kZXNjcmlwdGlvbixcbiAgICAgICAgdGllcjogUGFyYW1ldGVyVGllci5TVEFOREFSRCxcbiAgICAgICAgc3RyaW5nVmFsdWU6ICcgJyxcbiAgICAgIH0pO1xuICAgIH0pO1xuXG4gICAgdGhpcy5zeW5jID0gbmV3IFNvcHNTeW5jKHRoaXMsICdTb3BzU3luYycsIHtcbiAgICAgIGVuY3J5cHRpb25LZXk6IHRoaXMuZW5jcnlwdGlvbktleSxcbiAgICAgIHJlc291cmNlVHlwZTogUmVzb3VyY2VUeXBlLlBBUkFNRVRFUl9NVUxUSSxcbiAgICAgIGZsYXR0ZW5TZXBhcmF0b3I6IHRoaXMua2V5U2VwYXJhdG9yLFxuICAgICAgcGFyYW1ldGVyTmFtZXM6IGtleXMsXG4gICAgICB0YXJnZXQ6IHRoaXMua2V5UHJlZml4LFxuICAgICAgLi4uKHByb3BzIGFzIFNvcHNTeW5jT3B0aW9ucyksXG4gICAgfSk7XG4gIH1cblxuICBwcml2YXRlIHBhcnNlRmlsZShzb3BzRmlsZVBhdGg6IHN0cmluZywga2V5U2VwYXJhdG9yOiBzdHJpbmcpOiBzdHJpbmdbXSB7XG4gICAgY29uc3QgX3NvcHNGaWxlRm9ybWF0ID0gc29wc0ZpbGVQYXRoLnNwbGl0KCcuJykucG9wKCk7XG4gICAgc3dpdGNoIChfc29wc0ZpbGVGb3JtYXQpIHtcbiAgICAgIGNhc2UgJ2pzb24nOiB7XG4gICAgICAgIHJldHVybiBPYmplY3Qua2V5cyhcbiAgICAgICAgICBmbGF0dGVuSlNPTihcbiAgICAgICAgICAgIEpTT04ucGFyc2UoZnMucmVhZEZpbGVTeW5jKHNvcHNGaWxlUGF0aCwgJ3V0Zi04JykpLFxuICAgICAgICAgICAgJycsXG4gICAgICAgICAgICB1bmRlZmluZWQsXG4gICAgICAgICAgICBrZXlTZXBhcmF0b3IsXG4gICAgICAgICAgKSxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICAgIGNhc2UgJ3lhbWwnOiB7XG4gICAgICAgIGNvbnN0IGNvbnRlbnQgPSBmcy5yZWFkRmlsZVN5bmMoc29wc0ZpbGVQYXRoLCAndXRmLTgnKTtcbiAgICAgICAgY29uc3QgZGF0YSA9IFlBTUwucGFyc2UoY29udGVudCkgYXMgSlNPTk9iamVjdDtcbiAgICAgICAgcmV0dXJuIE9iamVjdC5rZXlzKGZsYXR0ZW5KU09OKGRhdGEsICcnLCB1bmRlZmluZWQsIGtleVNlcGFyYXRvcikpO1xuICAgICAgfVxuICAgICAgZGVmYXVsdDoge1xuICAgICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgICAgYFVuc3VwcG9ydGVkIHNvcHNGaWxlRm9ybWF0IGZvciBtdWx0aXBsZSBwYXJhbWV0ZXJzOiAke19zb3BzRmlsZUZvcm1hdH1gLFxuICAgICAgICApO1xuICAgICAgfVxuICAgIH1cbiAgfVxufVxuIl19