UNPKG

cdk-twingate

Version:

![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/Hawxy/cdk-twingate/build.yml?label=Build%20%26%20Release&style=flat-square) [![npm](https://img.shields.io/npm/v/cdk-twingate?style=flat-square)](https://www.npmjs.com/package

github.com/Hawxy/cdk-twingate

Hawxy/cdk-twingate

67 lines 13.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.TwingateConnector = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const aws_ec2_1 = require("aws-cdk-lib/aws-ec2"); const constructs_1 = require("constructs"); var CredentialType; (function (CredentialType) { CredentialType[CredentialType["AccessToken"] = 0] = "AccessToken"; CredentialType[CredentialType["RefreshToken"] = 1] = "RefreshToken"; })(CredentialType || (CredentialType = {})); class TwingateConnector extends constructs_1.Construct { constructor(scope, id, props) { super(scope, id); const { twingateDomain, twingateCredentials, vpc, availabilityZone, instanceName, subnetSelection, securityGroup, instanceType, } = props; const userData = [ 'sudo mkdir -p /etc/twingate/', 'sudo snap install aws-cli --classic', 'sudo snap install jq', `echo TWINGATE_URL="${twingateDomain}" > /etc/twingate/connector.conf`, `echo TWINGATE_ACCESS_TOKEN=${this.computeCredentials(twingateCredentials, CredentialType.AccessToken)} >> /etc/twingate/connector.conf`, `echo TWINGATE_REFRESH_TOKEN=${this.computeCredentials(twingateCredentials, CredentialType.RefreshToken)} >> /etc/twingate/connector.conf`, 'echo TWINGATE_LABEL_HOSTNAME=$(curl http://169.254.169.254/latest/meta-data/local-hostname)', 'sudo systemctl enable --now twingate-connector', ]; const bastion = new aws_ec2_1.Instance(this, 'TwingateHost', { vpc: vpc, vpcSubnets: subnetSelection ?? { subnetType: aws_ec2_1.SubnetType.PUBLIC }, securityGroup: securityGroup, availabilityZone: availabilityZone, instanceName: instanceName, instanceType: instanceType ?? aws_ec2_1.InstanceType.of(aws_ec2_1.InstanceClass.T3A, aws_ec2_1.InstanceSize.MICRO), machineImage: aws_ec2_1.MachineImage.lookup({ name: 'twingate/images/hvm-ssd/twingate-amd64-*', windows: false, }), userDataCausesReplacement: true, requireImdsv2: true, ssmSessionPermissions: true, }); bastion.userData.addCommands(...userData); if (twingateCredentials.secretsManager) { twingateCredentials.secretsManager.secret.grantRead(bastion); } this.bastion = bastion; } computeCredentials(credentials, credentialType) { if (credentials.unsafeStringKeys) { return credentialType == CredentialType.AccessToken ? credentials.unsafeStringKeys.accessToken : credentials.unsafeStringKeys.refreshToken; } else if (credentials.secretsManager) { const sm = credentials.secretsManager; const lookup = credentialType == CredentialType.AccessToken ? sm.accessTokenKey : sm.refreshTokenKey; return `$(aws secretsmanager get-secret-value --region ${sm.secret.env.region} --secret-id ${sm.secret.secretArn} --query SecretString --output text | jq '."${lookup}"')`; } else { throw new Error('No Twingate credentials set'); } } } exports.TwingateConnector = TwingateConnector; _a = JSII_RTTI_SYMBOL_1; TwingateConnector[_a] = { fqn: "cdk-twingate.TwingateConnector", version: "1.1.0" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxpREFXNkI7QUFFN0IsMkNBQXVDO0FBZ0d2QyxJQUFLLGNBR0o7QUFIRCxXQUFLLGNBQWM7SUFDakIsaUVBQVcsQ0FBQTtJQUNYLG1FQUFZLENBQUE7QUFDZCxDQUFDLEVBSEksY0FBYyxLQUFkLGNBQWMsUUFHbEI7QUFFRCxNQUFhLGlCQUFrQixTQUFRLHNCQUFTO0lBRTlDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBNkI7UUFDckUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLEVBQ0osY0FBYyxFQUNkLG1CQUFtQixFQUNuQixHQUFHLEVBQ0gsZ0JBQWdCLEVBQ2hCLFlBQVksRUFDWixlQUFlLEVBQ2YsYUFBYSxFQUNiLFlBQVksR0FDYixHQUFHLEtBQUssQ0FBQztRQUVWLE1BQU0sUUFBUSxHQUFHO1lBQ2YsOEJBQThCO1lBQzlCLHFDQUFxQztZQUNyQyxzQkFBc0I7WUFDdEIsc0JBQXNCLGNBQWMsa0NBQWtDO1lBQ3RFLDhCQUE4QixJQUFJLENBQUMsa0JBQWtCLENBQUMsbUJBQW1CLEVBQUUsY0FBYyxDQUFDLFdBQVcsQ0FBQyxrQ0FBa0M7WUFDeEksK0JBQStCLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsRUFBRSxjQUFjLENBQUMsWUFBWSxDQUFDLGtDQUFrQztZQUMxSSw2RkFBNkY7WUFDN0YsZ0RBQWdEO1NBQ2pELENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxJQUFJLGtCQUFRLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUNqRCxHQUFHLEVBQUUsR0FBRztZQUNSLFVBQVUsRUFBRSxlQUFlLElBQUksRUFBRSxVQUFVLEVBQUUsb0JBQVUsQ0FBQyxNQUFNLEVBQUU7WUFDaEUsYUFBYSxFQUFFLGFBQWE7WUFDNUIsZ0JBQWdCLEVBQUUsZ0JBQWdCO1lBQ2xDLFlBQVksRUFBRSxZQUFZO1lBQzFCLFlBQVksRUFBRSxZQUFZLElBQUksc0JBQVksQ0FBQyxFQUFFLENBQUMsdUJBQWEsQ0FBQyxHQUFHLEVBQUUsc0JBQVksQ0FBQyxLQUFLLENBQUM7WUFDcEYsWUFBWSxFQUFFLHNCQUFZLENBQUMsTUFBTSxDQUFDO2dCQUNoQyxJQUFJLEVBQUUsMENBQTBDO2dCQUNoRCxPQUFPLEVBQUUsS0FBSzthQUNmLENBQUM7WUFDRix5QkFBeUIsRUFBRSxJQUFJO1lBQy9CLGFBQWEsRUFBRSxJQUFJO1lBQ25CLHFCQUFxQixFQUFFLElBQUk7U0FDNUIsQ0FBQyxDQUFDO1FBRUgsT0FBTyxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsR0FBRyxRQUFRLENBQUMsQ0FBQztRQUUxQyxJQUFJLG1CQUFtQixDQUFDLGNBQWMsRUFBRSxDQUFDO1lBQ3ZDLG1CQUFtQixDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQy9ELENBQUM7UUFFRCxJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQztJQUV6QixDQUFDO0lBRU8sa0JBQWtCLENBQUMsV0FBZ0MsRUFBRSxjQUE4QjtRQUN6RixJQUFJLFdBQVcsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ2pDLE9BQU8sY0FBYyxJQUFJLGNBQWMsQ0FBQyxXQUFXO2dCQUNqRCxDQUFDLENBQUMsV0FBVyxDQUFDLGdCQUFnQixDQUFDLFdBQVc7Z0JBQzFDLENBQUMsQ0FBQyxXQUFXLENBQUMsZ0JBQWdCLENBQUMsWUFBWSxDQUFDO1FBQ2hELENBQUM7YUFBTSxJQUFJLFdBQVcsQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUN0QyxNQUFNLEVBQUUsR0FBRyxXQUFXLENBQUMsY0FBYyxDQUFDO1lBQ3RDLE1BQU0sTUFBTSxHQUFHLGNBQWMsSUFBSSxjQUFjLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsZUFBZSxDQUFDO1lBQ3JHLE9BQU8sa0RBQWtELEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sZ0JBQWdCLEVBQUUsQ0FBQyxNQUFNLENBQUMsU0FBUywrQ0FBK0MsTUFBTSxLQUFLLENBQUM7UUFDN0ssQ0FBQzthQUFNLENBQUM7WUFDTixNQUFNLElBQUksS0FBSyxDQUFDLDZCQUE2QixDQUFDLENBQUM7UUFDakQsQ0FBQztJQUNILENBQUM7O0FBakVILDhDQWtFQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7XG4gIEFtYXpvbkxpbnV4Q3B1VHlwZSxcbiAgSW5zdGFuY2UsXG4gIEluc3RhbmNlQ2xhc3MsXG4gIEluc3RhbmNlU2l6ZSxcbiAgSW5zdGFuY2VUeXBlLFxuICBJU2VjdXJpdHlHcm91cCxcbiAgSVZwYyxcbiAgTWFjaGluZUltYWdlLFxuICBTdWJuZXRTZWxlY3Rpb24sXG4gIFN1Ym5ldFR5cGUsXG59IGZyb20gJ2F3cy1jZGstbGliL2F3cy1lYzInO1xuaW1wb3J0IHsgSVNlY3JldCB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1zZWNyZXRzbWFuYWdlcic7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuZXhwb3J0IGludGVyZmFjZSBTZWNyZXRzTWFuYWdlcktleXMge1xuICAvKipcbiAgKiBTZWNyZXQgbWFuYWdlciBsb2NhdGlvbiB3aGVyZSB0aGUgdHdpbmdhdGUgYXV0aCBrZXkgaXMgc3RvcmVkLiBNdXN0IGJlIGluIHRoZSBzdGFuZGFyZCBrZXkvdmFsdWUgSlNPTiBmb3JtYXQuXG4gICovXG4gIHJlYWRvbmx5IHNlY3JldDogSVNlY3JldDtcbiAgLyoqXG4gICAqIFRoZSBrZXkgb2YgdGhlIGFjY2VzcyB0b2tlbiB2YWx1ZSBsb2NhdGVkIHdpdGhpbiB0aGUgcHJvdmlkZWQgc2VjcmV0LlxuICAgKi9cbiAgcmVhZG9ubHkgYWNjZXNzVG9rZW5LZXk6IHN0cmluZztcbiAgLyoqXG4gICAqIFRoZSBrZXkgb2YgdGhlIHJlZnJlc2ggdG9rZW4gdmFsdWUgbG9jYXRlZCB3aXRoaW4gdGhlIHByb3ZpZGVkIHNlY3JldC5cbiAgICovXG4gIHJlYWRvbmx5IHJlZnJlc2hUb2tlbktleTogc3RyaW5nO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFVuc2FmZVN0cmluZ0tleXMge1xuICAvKipcbiAgICogUHJvdmlkZXMgYW4gYWNjZXNzIHRva2VuIGFzIGEgcGxhaW50ZXh0IHN0cmluZy5cbiAgICovXG4gIHJlYWRvbmx5IGFjY2Vzc1Rva2VuOiBzdHJpbmc7XG5cbiAgLyoqXG4gKiBQcm92aWRlcyBhbiBhcGkga2V5IGFzIGEgcGxhaW50ZXh0IHN0cmluZy5cbiAqL1xuICByZWFkb25seSByZWZyZXNoVG9rZW46IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBUd2luZ2F0ZUNyZWRlbnRpYWxzIHtcbiAgLyoqXG4gICAqIEZldGNoZXMgdGhlIGNyZWRlbnRpYWxzIGZyb20gc2VjcmV0cyBtYW5hZ2VyLiBUaGlzIHZhbHVlIHdpbGwgYmUgZmV0Y2hlZCBkdXJpbmcgRUMyIHN0YXJ0dXAuXG4gICAqL1xuICByZWFkb25seSBzZWNyZXRzTWFuYWdlcj86IFNlY3JldHNNYW5hZ2VyS2V5cztcbiAgLyoqXG4gICAqIFByb3ZpZGVzIGNyZWRlbnRpYWxzIGFzIHBsYWludGV4dCBzdHJpbmdzLlxuICAgKiBDQVVUSU9OOiBUaGlzIG9wdGlvbiB3aWxsIGV4cG9zZSB0aGUgY3JlZGVudGlhbHMgaW4geW91ciBDREsgdGVtcGxhdGUuXG4gICAqL1xuICByZWFkb25seSB1bnNhZmVTdHJpbmdLZXlzPzogVW5zYWZlU3RyaW5nS2V5cztcblxufVxuXG5leHBvcnQgaW50ZXJmYWNlIFR3aW5nYXRlQ29ubmVjdG9yUHJvcHMge1xuICAvKipcbiAgICAqIFZQQyB0byBsYXVuY2ggdGhlIGluc3RhbmNlIGluLlxuICAgICovXG4gIHJlYWRvbmx5IHZwYzogSVZwYztcblxuICAvKipcbiAgICogVGhlIGZ1bGwgZG9tYWluIG9mIHlvdXIgVHdpbmdhdGUgaW5zdGFuY2UsIGllIGh0dHBzOi8vbXljb21wYW55LnR3aW5nYXRlLmNvbVxuICAgKi9cbiAgcmVhZG9ubHkgdHdpbmdhdGVEb21haW46IHN0cmluZztcblxuICAvKipcbiAgICogQ3JlZGVudGlhbCBzZXR0aW5ncyBmb3IgdGhlIHR3aW5nYXRlIGF1dGgga2V5cy4gT25lIHR5cGUgbXVzdCBiZSB1c2VkLlxuICAgKi9cbiAgcmVhZG9ubHkgdHdpbmdhdGVDcmVkZW50aWFsczogVHdpbmdhdGVDcmVkZW50aWFscztcbiAgLyoqXG4gICAqIEluIHdoaWNoIEFaIHRvIHBsYWNlIHRoZSBpbnN0YW5jZSB3aXRoaW4gdGhlIFZQQy5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBSYW5kb20gem9uZS5cbiAgICovXG4gIHJlYWRvbmx5IGF2YWlsYWJpbGl0eVpvbmU/OiBzdHJpbmc7XG4gIC8qKlxuICAgKiBUaGUgbmFtZSBvZiB0aGUgaW5zdGFuY2UuXG4gICAqXG4gICAqIEBkZWZhdWx0IFJhbmRvbWx5R2VuZXJhdGVkXG4gICAqL1xuICByZWFkb25seSBpbnN0YW5jZU5hbWU/OiBzdHJpbmc7XG4gIC8qKlxuICAgKiBTZWxlY3QgdGhlIHN1Ym5ldHMgdG8gcnVuIHRoZSBFQzIgaW4uXG4gICAqIFBVQkxJQyBzdWJuZXRzIGFyZSB1c2VkIGJ5IGRlZmF1bHQgdG8gc3VwcG9ydCBQMlAgY29ubmVjdGlvbnMuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gUFVCTElDIHN1Ym5ldHMgb2YgdGhlIHN1cHBsaWVkIFZQQ1xuICAgKi9cbiAgcmVhZG9ubHkgc3VibmV0U2VsZWN0aW9uPzogU3VibmV0U2VsZWN0aW9uO1xuICAvKipcbiAgICogU2VjdXJpdHkgR3JvdXAgdG8gYXNzaWduIHRvIHRoaXMgaW5zdGFuY2UuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gQ3JlYXRlcyBhIG5ldyBzZWN1cml0eSBncm91cCB3aXRoIGFsbCBvdXRib3VuZCB0cmFmZmljIHBlcm1pdHRlZC5cbiAgICovXG4gIHJlYWRvbmx5IHNlY3VyaXR5R3JvdXA/OiBJU2VjdXJpdHlHcm91cDtcbiAgLyoqXG4gICAqIFR5cGUgb2YgaW5zdGFuY2UgdG8gbGF1bmNoLlxuICAgKlxuICAgKiBAZGVmYXVsdCAndDNhLm1pY3JvJ1xuICAgKi9cbiAgcmVhZG9ubHkgaW5zdGFuY2VUeXBlPzogSW5zdGFuY2VUeXBlO1xuICAvKipcbiAgICogIENQVSBUeXBlIG9mIHRoZSBpbnN0YW5jZS5cbiAgICpcbiAgICogIEBkZWZhdWx0IEFtYXpvbkxpbnV4Q3B1VHlwZS5YODZfNjRcbiAgICovXG4gIHJlYWRvbmx5IGNwdVR5cGU/OiBBbWF6b25MaW51eENwdVR5cGU7XG59XG5cbmVudW0gQ3JlZGVudGlhbFR5cGUge1xuICBBY2Nlc3NUb2tlbixcbiAgUmVmcmVzaFRva2VuLFxufVxuXG5leHBvcnQgY2xhc3MgVHdpbmdhdGVDb25uZWN0b3IgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICByZWFkb25seSBiYXN0aW9uOiBJbnN0YW5jZTtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFR3aW5nYXRlQ29ubmVjdG9yUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3Qge1xuICAgICAgdHdpbmdhdGVEb21haW4sXG4gICAgICB0d2luZ2F0ZUNyZWRlbnRpYWxzLFxuICAgICAgdnBjLFxuICAgICAgYXZhaWxhYmlsaXR5Wm9uZSxcbiAgICAgIGluc3RhbmNlTmFtZSxcbiAgICAgIHN1Ym5ldFNlbGVjdGlvbixcbiAgICAgIHNlY3VyaXR5R3JvdXAsXG4gICAgICBpbnN0YW5jZVR5cGUsXG4gICAgfSA9IHByb3BzO1xuXG4gICAgY29uc3QgdXNlckRhdGEgPSBbXG4gICAgICAnc3VkbyBta2RpciAtcCAvZXRjL3R3aW5nYXRlLycsXG4gICAgICAnc3VkbyBzbmFwIGluc3RhbGwgYXdzLWNsaSAtLWNsYXNzaWMnLFxuICAgICAgJ3N1ZG8gc25hcCBpbnN0YWxsIGpxJyxcbiAgICAgIGBlY2hvIFRXSU5HQVRFX1VSTD1cIiR7dHdpbmdhdGVEb21haW59XCIgPiAvZXRjL3R3aW5nYXRlL2Nvbm5lY3Rvci5jb25mYCxcbiAgICAgIGBlY2hvIFRXSU5HQVRFX0FDQ0VTU19UT0tFTj0ke3RoaXMuY29tcHV0ZUNyZWRlbnRpYWxzKHR3aW5nYXRlQ3JlZGVudGlhbHMsIENyZWRlbnRpYWxUeXBlLkFjY2Vzc1Rva2VuKX0gPj4gL2V0Yy90d2luZ2F0ZS9jb25uZWN0b3IuY29uZmAsXG4gICAgICBgZWNobyBUV0lOR0FURV9SRUZSRVNIX1RPS0VOPSR7dGhpcy5jb21wdXRlQ3JlZGVudGlhbHModHdpbmdhdGVDcmVkZW50aWFscywgQ3JlZGVudGlhbFR5cGUuUmVmcmVzaFRva2VuKX0gPj4gL2V0Yy90d2luZ2F0ZS9jb25uZWN0b3IuY29uZmAsXG4gICAgICAnZWNobyBUV0lOR0FURV9MQUJFTF9IT1NUTkFNRT0kKGN1cmwgaHR0cDovLzE2OS4yNTQuMTY5LjI1NC9sYXRlc3QvbWV0YS1kYXRhL2xvY2FsLWhvc3RuYW1lKScsXG4gICAgICAnc3VkbyBzeXN0ZW1jdGwgZW5hYmxlIC0tbm93IHR3aW5nYXRlLWNvbm5lY3RvcicsXG4gICAgXTtcblxuICAgIGNvbnN0IGJhc3Rpb24gPSBuZXcgSW5zdGFuY2UodGhpcywgJ1R3aW5nYXRlSG9zdCcsIHtcbiAgICAgIHZwYzogdnBjLFxuICAgICAgdnBjU3VibmV0czogc3VibmV0U2VsZWN0aW9uID8/IHsgc3VibmV0VHlwZTogU3VibmV0VHlwZS5QVUJMSUMgfSxcbiAgICAgIHNlY3VyaXR5R3JvdXA6IHNlY3VyaXR5R3JvdXAsXG4gICAgICBhdmFpbGFiaWxpdHlab25lOiBhdmFpbGFiaWxpdHlab25lLFxuICAgICAgaW5zdGFuY2VOYW1lOiBpbnN0YW5jZU5hbWUsXG4gICAgICBpbnN0YW5jZVR5cGU6IGluc3RhbmNlVHlwZSA/PyBJbnN0YW5jZVR5cGUub2YoSW5zdGFuY2VDbGFzcy5UM0EsIEluc3RhbmNlU2l6ZS5NSUNSTyksXG4gICAgICBtYWNoaW5lSW1hZ2U6IE1hY2hpbmVJbWFnZS5sb29rdXAoe1xuICAgICAgICBuYW1lOiAndHdpbmdhdGUvaW1hZ2VzL2h2bS1zc2QvdHdpbmdhdGUtYW1kNjQtKicsXG4gICAgICAgIHdpbmRvd3M6IGZhbHNlLFxuICAgICAgfSksXG4gICAgICB1c2VyRGF0YUNhdXNlc1JlcGxhY2VtZW50OiB0cnVlLFxuICAgICAgcmVxdWlyZUltZHN2MjogdHJ1ZSxcbiAgICAgIHNzbVNlc3Npb25QZXJtaXNzaW9uczogdHJ1ZSxcbiAgICB9KTtcblxuICAgIGJhc3Rpb24udXNlckRhdGEuYWRkQ29tbWFuZHMoLi4udXNlckRhdGEpO1xuXG4gICAgaWYgKHR3aW5nYXRlQ3JlZGVudGlhbHMuc2VjcmV0c01hbmFnZXIpIHtcbiAgICAgIHR3aW5nYXRlQ3JlZGVudGlhbHMuc2VjcmV0c01hbmFnZXIuc2VjcmV0LmdyYW50UmVhZChiYXN0aW9uKTtcbiAgICB9XG5cbiAgICB0aGlzLmJhc3Rpb24gPSBiYXN0aW9uO1xuXG4gIH1cblxuICBwcml2YXRlIGNvbXB1dGVDcmVkZW50aWFscyhjcmVkZW50aWFsczogVHdpbmdhdGVDcmVkZW50aWFscywgY3JlZGVudGlhbFR5cGU6IENyZWRlbnRpYWxUeXBlKSB7XG4gICAgaWYgKGNyZWRlbnRpYWxzLnVuc2FmZVN0cmluZ0tleXMpIHtcbiAgICAgIHJldHVybiBjcmVkZW50aWFsVHlwZSA9PSBDcmVkZW50aWFsVHlwZS5BY2Nlc3NUb2tlblxuICAgICAgICA/IGNyZWRlbnRpYWxzLnVuc2FmZVN0cmluZ0tleXMuYWNjZXNzVG9rZW5cbiAgICAgICAgOiBjcmVkZW50aWFscy51bnNhZmVTdHJpbmdLZXlzLnJlZnJlc2hUb2tlbjtcbiAgICB9IGVsc2UgaWYgKGNyZWRlbnRpYWxzLnNlY3JldHNNYW5hZ2VyKSB7XG4gICAgICBjb25zdCBzbSA9IGNyZWRlbnRpYWxzLnNlY3JldHNNYW5hZ2VyO1xuICAgICAgY29uc3QgbG9va3VwID0gY3JlZGVudGlhbFR5cGUgPT0gQ3JlZGVudGlhbFR5cGUuQWNjZXNzVG9rZW4gPyBzbS5hY2Nlc3NUb2tlbktleSA6IHNtLnJlZnJlc2hUb2tlbktleTtcbiAgICAgIHJldHVybiBgJChhd3Mgc2VjcmV0c21hbmFnZXIgZ2V0LXNlY3JldC12YWx1ZSAtLXJlZ2lvbiAke3NtLnNlY3JldC5lbnYucmVnaW9ufSAtLXNlY3JldC1pZCAke3NtLnNlY3JldC5zZWNyZXRBcm59IC0tcXVlcnkgU2VjcmV0U3RyaW5nIC0tb3V0cHV0IHRleHQgfCBqcSAnLlwiJHtsb29rdXB9XCInKWA7XG4gICAgfSBlbHNlIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcignTm8gVHdpbmdhdGUgY3JlZGVudGlhbHMgc2V0Jyk7XG4gICAgfVxuICB9XG59Il19