UNPKG

raindancers-network

Version:

Extensions to the ec2.Vpc Constructs

github.com/raindancers/raindancers-network.raindancers-cdk

raindancers/raindancers-network.raindancers-cdk

137 lines 20.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.CentralAccountAssnRole = exports.EnterpriseZone = void 0; const path = require("path"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const cdk = require("aws-cdk-lib"); const constructs = require("constructs"); const crossRegionParameters = require("../ssm/ssmParameterReader"); /** * create forwarding rules and associate them with a vpc. */ class EnterpriseZone extends constructs.Construct { constructor(scope, id, props) { super(scope, id); new cdk.CfnOutput(this, 'domain', { value: props.enterpriseDomainName }); // create a private zone. this.privateZone = new aws_cdk_lib_1.aws_route53.PrivateHostedZone(this, 'privatezone', { zoneName: props.enterpriseDomainName, vpc: props.localVpc, }); let vpcToAssociate = []; props.remoteVpc.forEach((remoteVpc) => { vpcToAssociate.push({ vpcId: remoteVpc.vpcId, vpcRegion: remoteVpc.vpcRegion, }); }); if (props.crossRegionVpc) { props.crossRegionVpc.forEach((crossRegionVpc, index) => { const crossRegionVpcID = new crossRegionParameters.CrossRegionParameterReader(this, `crossregionVpcID0${index}`, { region: crossRegionVpc.vpcRegion, parameterName: crossRegionVpc.vpcIdSSmParamter, }); // get the vpcId from SSM. vpcToAssociate.push({ vpcId: crossRegionVpcID.parameterValue(), vpcRegion: crossRegionVpc.vpcRegion, }); }); } ; vpcToAssociate.forEach((remoteVpc, index) => { // create an association authorisization tp a //aws route53 create-vpc-association-authorization --hosted-zone-id <hosted-zone-id> --vpc VPCRegion=<region>,VPCId=<vpc-id> --region us-east-1 const createAssn = new aws_cdk_lib_1.custom_resources.AwsCustomResource(this, `createR53Assn${index}`, { onCreate: { service: 'Route53', action: 'createVPCAssociationAuthorization', parameters: { HostedZoneId: this.privateZone.hostedZoneId, VPC: { VPCId: remoteVpc.vpcId, VPCRegion: remoteVpc.vpcRegion, }, }, physicalResourceId: aws_cdk_lib_1.custom_resources.PhysicalResourceId.of(props.enterpriseDomainName), }, onDelete: { service: 'Route53', action: 'deleteVPCAssociationAuthorization', parameters: { HostedZoneId: this.privateZone.hostedZoneId, VPC: { VPCId: remoteVpc.vpcId, VPCRegion: remoteVpc.vpcRegion, }, }, }, logRetention: aws_cdk_lib_1.aws_logs.RetentionDays.ONE_DAY, policy: aws_cdk_lib_1.custom_resources.AwsCustomResourcePolicy.fromSdkCalls({ resources: aws_cdk_lib_1.custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE, }), }); const associateCentralVpcwithZone = new aws_cdk_lib_1.aws_lambda.Function(this, `${index}associateLambda`, { runtime: aws_cdk_lib_1.aws_lambda.Runtime.PYTHON_3_9, logRetention: aws_cdk_lib_1.aws_logs.RetentionDays.ONE_MONTH, handler: 'associateCentralVPC.on_event', code: aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, '../../lambda/dns')), timeout: cdk.Duration.seconds(899), }); // this lambda will assume a role in the central account, so it does not need any local permissions associateCentralVpcwithZone.addToRolePolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({ actions: ['sts:AssumeRole'], effect: aws_cdk_lib_1.aws_iam.Effect.ALLOW, resources: [props.centralAccount.roleArn], })); const associateVPCCustomResources = new cdk.CustomResource(this, `${index}associateVPCcustomResources`, { resourceType: 'Custom::AssociateInternalZone', properties: { ZoneId: this.privateZone.hostedZoneId, VPCId: remoteVpc.vpcId, VPCRegion: remoteVpc.vpcRegion, CentralAccountRole: props.centralAccount.roleArn, }, serviceToken: new aws_cdk_lib_1.custom_resources.Provider(this, `${index}associateProvider`, { onEventHandler: associateCentralVpcwithZone, }).serviceToken, }); associateVPCCustomResources.node.addDependency(createAssn); }); } } exports.EnterpriseZone = EnterpriseZone; class CentralAccountAssnRole extends constructs.Construct { constructor(scope, id, props) { super(scope, id); // no org has been supplied. Restrict the org to this account var assumedBy; if (!(props.orgId)) { assumedBy = new aws_cdk_lib_1.aws_iam.AccountPrincipal(cdk.Aws.ACCOUNT_ID); } else { assumedBy = new aws_cdk_lib_1.aws_iam.OrganizationPrincipal(props.orgId); } this.assnRole = new aws_cdk_lib_1.aws_iam.Role(this, 'r53assnrole', { assumedBy: assumedBy, description: 'Role is assumed by lambdas in accounts to associate their zone', roleName: (props.roleName ?? 'r53assnRole'), externalIds: ['R53Assn'], }); // add permissions this.assnRole.addToPolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({ effect: aws_cdk_lib_1.aws_iam.Effect.ALLOW, actions: [ 'route53:DisassociateVPCFromHostedZone', 'route53:AssociateVPCWithHostedZone', 'ec2:DescribeVpcs', ], resources: ['*'], })); new cdk.CfnOutput(this, 'R53RouteAssnRole', { value: this.assnRole.roleArn, }); } } exports.CentralAccountAssnRole = CentralAccountAssnRole; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW50ZXJwcmlzZVpvbmUgY29weS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9kbnMvZW50ZXJwcmlzZVpvbmUgY29weS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2QkFBNkI7QUFDN0IsNkNBT3FCO0FBRXJCLG1DQUFtQztBQUNuQyx5Q0FBeUM7QUFFekMsbUVBQW1FO0FBeUJuRTs7R0FFRztBQUNILE1BQWEsY0FBZSxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBR3RELFlBQ0UsS0FBMkIsRUFDM0IsRUFBVSxFQUNWLEtBQTBCO1FBRTFCLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxHQUFHLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUUsRUFBRSxLQUFLLEVBQUUsS0FBSyxDQUFDLG9CQUFvQixFQUFFLENBQUMsQ0FBQztRQUV6RSx5QkFBeUI7UUFDekIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLHlCQUFHLENBQUMsaUJBQWlCLENBQUMsSUFBSSxFQUFFLGFBQWEsRUFBRTtZQUNoRSxRQUFRLEVBQUUsS0FBSyxDQUFDLG9CQUFvQjtZQUNwQyxHQUFHLEVBQUUsS0FBSyxDQUFDLFFBQVE7U0FDcEIsQ0FBQyxDQUFDO1FBRUgsSUFBSSxjQUFjLEdBQWdCLEVBQUUsQ0FBQztRQUNyQyxLQUFLLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFO1lBQ3BDLGNBQWMsQ0FBQyxJQUFJLENBQ2pCO2dCQUNFLEtBQUssRUFBRSxTQUFTLENBQUMsS0FBSztnQkFDdEIsU0FBUyxFQUFFLFNBQVMsQ0FBQyxTQUFTO2FBQy9CLENBQ0YsQ0FBQztRQUNKLENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxLQUFLLENBQUMsY0FBYyxFQUFFO1lBQ3hCLEtBQUssQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUMsY0FBYyxFQUFFLEtBQUssRUFBRSxFQUFFO2dCQUVyRCxNQUFNLGdCQUFnQixHQUFHLElBQUkscUJBQXFCLENBQUMsMEJBQTBCLENBQUMsSUFBSSxFQUFFLG9CQUFvQixLQUFLLEVBQUUsRUFBRTtvQkFDL0csTUFBTSxFQUFFLGNBQWMsQ0FBQyxTQUFTO29CQUNoQyxhQUFhLEVBQUUsY0FBYyxDQUFDLGdCQUFnQjtpQkFDL0MsQ0FBQyxDQUFDO2dCQUVILDBCQUEwQjtnQkFFMUIsY0FBYyxDQUFDLElBQUksQ0FDakI7b0JBQ0UsS0FBSyxFQUFFLGdCQUFnQixDQUFDLGNBQWMsRUFBRTtvQkFDeEMsU0FBUyxFQUFFLGNBQWMsQ0FBQyxTQUFTO2lCQUNwQyxDQUNGLENBQUM7WUFDSixDQUFDLENBQUMsQ0FBQztTQUNKO1FBQUEsQ0FBQztRQUdGLGNBQWMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxTQUFTLEVBQUUsS0FBSyxFQUFFLEVBQUU7WUFDMUMsNkNBQTZDO1lBQzdDLCtJQUErSTtZQUMvSSxNQUFNLFVBQVUsR0FBRyxJQUFJLDhCQUFFLENBQUMsaUJBQWlCLENBQ3pDLElBQUksRUFDSixnQkFBZ0IsS0FBSyxFQUFFLEVBQ3ZCO2dCQUNFLFFBQVEsRUFBRTtvQkFDUixPQUFPLEVBQUUsU0FBUztvQkFDbEIsTUFBTSxFQUFFLG1DQUFtQztvQkFDM0MsVUFBVSxFQUFFO3dCQUNWLFlBQVksRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFlBQVk7d0JBQzNDLEdBQUcsRUFBRTs0QkFDSCxLQUFLLEVBQUUsU0FBUyxDQUFDLEtBQUs7NEJBQ3RCLFNBQVMsRUFBRSxTQUFTLENBQUMsU0FBUzt5QkFDL0I7cUJBQ0Y7b0JBQ0Qsa0JBQWtCLEVBQUUsOEJBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQzFDLEtBQUssQ0FBQyxvQkFBb0IsQ0FDM0I7aUJBQ0Y7Z0JBQ0QsUUFBUSxFQUFFO29CQUNSLE9BQU8sRUFBRSxTQUFTO29CQUNsQixNQUFNLEVBQUUsbUNBQW1DO29CQUMzQyxVQUFVLEVBQUU7d0JBQ1YsWUFBWSxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsWUFBWTt3QkFDM0MsR0FBRyxFQUFFOzRCQUNILEtBQUssRUFBRSxTQUFTLENBQUMsS0FBSzs0QkFDdEIsU0FBUyxFQUFFLFNBQVMsQ0FBQyxTQUFTO3lCQUMvQjtxQkFDRjtpQkFDRjtnQkFDRCxZQUFZLEVBQUUsc0JBQUksQ0FBQyxhQUFhLENBQUMsT0FBTztnQkFDeEMsTUFBTSxFQUFFLDhCQUFFLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO29CQUM5QyxTQUFTLEVBQUUsOEJBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxZQUFZO2lCQUNuRCxDQUFDO2FBQ0gsQ0FDRixDQUFDO1lBRUYsTUFBTSwyQkFBMkIsR0FBRyxJQUFJLHdCQUFVLENBQUMsUUFBUSxDQUN6RCxJQUFJLEVBQ0osR0FBRyxLQUFLLGlCQUFpQixFQUN6QjtnQkFDRSxPQUFPLEVBQUUsd0JBQVUsQ0FBQyxPQUFPLENBQUMsVUFBVTtnQkFDdEMsWUFBWSxFQUFFLHNCQUFJLENBQUMsYUFBYSxDQUFDLFNBQVM7Z0JBQzFDLE9BQU8sRUFBRSw4QkFBOEI7Z0JBQ3ZDLElBQUksRUFBRSx3QkFBVSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztnQkFDekUsT0FBTyxFQUFFLEdBQUcsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQzthQUNuQyxDQUNGLENBQUM7WUFFRixtR0FBbUc7WUFDbkcsMkJBQTJCLENBQUMsZUFBZSxDQUN6QyxJQUFJLHFCQUFHLENBQUMsZUFBZSxDQUFDO2dCQUN0QixPQUFPLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQztnQkFDM0IsTUFBTSxFQUFFLHFCQUFHLENBQUMsTUFBTSxDQUFDLEtBQUs7Z0JBQ3hCLFNBQVMsRUFBRSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDO2FBQzFDLENBQUMsQ0FDSCxDQUFDO1lBRUYsTUFBTSwyQkFBMkIsR0FBRyxJQUFJLEdBQUcsQ0FBQyxjQUFjLENBQ3hELElBQUksRUFDSixHQUFHLEtBQUssNkJBQTZCLEVBQ3JDO2dCQUNFLFlBQVksRUFBRSwrQkFBK0I7Z0JBQzdDLFVBQVUsRUFBRTtvQkFDVixNQUFNLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxZQUFZO29CQUNyQyxLQUFLLEVBQUUsU0FBUyxDQUFDLEtBQUs7b0JBQ3RCLFNBQVMsRUFBRSxTQUFTLENBQUMsU0FBUztvQkFDOUIsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGNBQWMsQ0FBQyxPQUFPO2lCQUNqRDtnQkFDRCxZQUFZLEVBQUUsSUFBSSw4QkFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLEVBQUUsR0FBRyxLQUFLLG1CQUFtQixFQUFFO29CQUMvRCxjQUFjLEVBQUUsMkJBQTJCO2lCQUM1QyxDQUFDLENBQUMsWUFBWTthQUNoQixDQUNGLENBQUM7WUFFRiwyQkFBMkIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQzdELENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBaElELHdDQWdJQztBQVFELE1BQWEsc0JBQXVCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFJOUQsWUFBWSxLQUEyQixFQUFFLEVBQVUsRUFBRSxLQUFrQztRQUN0RixLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWhCLDZEQUE2RDtRQUU3RCxJQUFJLFNBQXlCLENBQUM7UUFFOUIsSUFBSSxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxFQUFFO1lBQ2xCLFNBQVMsR0FBRyxJQUFJLHFCQUFHLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxVQUFVLENBQUMsQ0FBQztTQUMxRDthQUFNO1lBQ0wsU0FBUyxHQUFHLElBQUkscUJBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUM7U0FDeEQ7UUFFRCxJQUFJLENBQUMsUUFBUSxHQUFHLElBQUkscUJBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLGFBQWEsRUFBRTtZQUNoRCxTQUFTLEVBQUUsU0FBUztZQUNwQixXQUFXLEVBQUUsZ0VBQWdFO1lBQzdFLFFBQVEsRUFBRSxDQUFFLEtBQUssQ0FBQyxRQUFRLElBQUksYUFBYSxDQUFFO1lBQzdDLFdBQVcsRUFBRSxDQUFDLFNBQVMsQ0FBQztTQUN6QixDQUFDLENBQUM7UUFHSCxrQkFBa0I7UUFDbEIsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQ3ZCLElBQUkscUJBQUcsQ0FBQyxlQUFlLENBQUM7WUFDdEIsTUFBTSxFQUFFLHFCQUFHLENBQUMsTUFBTSxDQUFDLEtBQUs7WUFDeEIsT0FBTyxFQUFFO2dCQUNQLHVDQUF1QztnQkFDdkMsb0NBQW9DO2dCQUNwQyxrQkFBa0I7YUFDbkI7WUFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7U0FDakIsQ0FBQyxDQUNILENBQUM7UUFFRixJQUFJLEdBQUcsQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFLGtCQUFrQixFQUFFO1lBQzFDLEtBQUssRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU87U0FDN0IsQ0FBQyxDQUFDO0lBRUwsQ0FBQztDQUVGO0FBNUNELHdEQTRDQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIHBhdGggZnJvbSAncGF0aCc7XG5pbXBvcnQge1xuICBhd3Nfcm91dGU1MyBhcyByNTMsXG4gIGF3c19lYzIgYXMgZWMyLFxuICBjdXN0b21fcmVzb3VyY2VzIGFzIGNyLFxuICBhd3NfbG9ncyBhcyBsb2dzLFxuICBhd3NfbGFtYmRhLFxuICBhd3NfaWFtIGFzIGlhbSxcbn0gZnJvbSAnYXdzLWNkay1saWInO1xuXG5pbXBvcnQgKiBhcyBjZGsgZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0ICogYXMgY29uc3RydWN0cyBmcm9tICdjb25zdHJ1Y3RzJztcblxuaW1wb3J0ICogYXMgY3Jvc3NSZWdpb25QYXJhbWV0ZXJzIGZyb20gJy4uL3NzbS9zc21QYXJhbWV0ZXJSZWFkZXInO1xuXG5leHBvcnQgaW50ZXJmYWNlIFJlbW90ZVZwYyB7XG4gIHJlYWRvbmx5IHZwY0lkOiBzdHJpbmc7XG4gIHJlYWRvbmx5IHZwY1JlZ2lvbjogc3RyaW5nO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIENyb3NzUmVnaW9uVnBjIHtcbiAgcmVhZG9ubHkgdnBjSWRTU21QYXJhbXRlcjogc3RyaW5nO1xuICByZWFkb25seSB2cGNSZWdpb246IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBDZW50cmFsQWNjb3VudCB7XG4gIHJlYWRvbmx5IGFjY291bnRJZDogc3RyaW5nO1xuICByZWFkb25seSByb2xlQXJuOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgRW50ZXJwcmlzZVpvbmVQcm9wcyB7XG4gIHJlYWRvbmx5IGVudGVycHJpc2VEb21haW5OYW1lOiBzdHJpbmc7XG4gIHJlYWRvbmx5IGxvY2FsVnBjOiBlYzIuVnBjO1xuICByZWFkb25seSByZW1vdGVWcGM6IFJlbW90ZVZwY1tdO1xuICByZWFkb25seSBjcm9zc1JlZ2lvblZwYz86IENyb3NzUmVnaW9uVnBjW107XG4gIHJlYWRvbmx5IGNlbnRyYWxBY2NvdW50OiBDZW50cmFsQWNjb3VudDtcbn1cblxuLyoqXG4gKiBjcmVhdGUgZm9yd2FyZGluZyBydWxlcyBhbmQgYXNzb2NpYXRlIHRoZW0gd2l0aCBhIHZwYy5cbiAqL1xuZXhwb3J0IGNsYXNzIEVudGVycHJpc2Vab25lIGV4dGVuZHMgY29uc3RydWN0cy5Db25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgcHJpdmF0ZVpvbmU6IHI1My5Qcml2YXRlSG9zdGVkWm9uZTtcblxuICBjb25zdHJ1Y3RvcihcbiAgICBzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczogRW50ZXJwcmlzZVpvbmVQcm9wcyxcbiAgKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBjZGsuQ2ZuT3V0cHV0KHRoaXMsICdkb21haW4nLCB7IHZhbHVlOiBwcm9wcy5lbnRlcnByaXNlRG9tYWluTmFtZSB9KTtcblxuICAgIC8vIGNyZWF0ZSBhIHByaXZhdGUgem9uZS5cbiAgICB0aGlzLnByaXZhdGVab25lID0gbmV3IHI1My5Qcml2YXRlSG9zdGVkWm9uZSh0aGlzLCAncHJpdmF0ZXpvbmUnLCB7XG4gICAgICB6b25lTmFtZTogcHJvcHMuZW50ZXJwcmlzZURvbWFpbk5hbWUsXG4gICAgICB2cGM6IHByb3BzLmxvY2FsVnBjLFxuICAgIH0pO1xuXG4gICAgbGV0IHZwY1RvQXNzb2NpYXRlOiBSZW1vdGVWcGNbXSA9IFtdO1xuICAgIHByb3BzLnJlbW90ZVZwYy5mb3JFYWNoKChyZW1vdGVWcGMpID0+IHtcbiAgICAgIHZwY1RvQXNzb2NpYXRlLnB1c2goXG4gICAgICAgIHtcbiAgICAgICAgICB2cGNJZDogcmVtb3RlVnBjLnZwY0lkLFxuICAgICAgICAgIHZwY1JlZ2lvbjogcmVtb3RlVnBjLnZwY1JlZ2lvbixcbiAgICAgICAgfSxcbiAgICAgICk7XG4gICAgfSk7XG5cbiAgICBpZiAocHJvcHMuY3Jvc3NSZWdpb25WcGMpIHtcbiAgICAgIHByb3BzLmNyb3NzUmVnaW9uVnBjLmZvckVhY2goKGNyb3NzUmVnaW9uVnBjLCBpbmRleCkgPT4ge1xuXG4gICAgICAgIGNvbnN0IGNyb3NzUmVnaW9uVnBjSUQgPSBuZXcgY3Jvc3NSZWdpb25QYXJhbWV0ZXJzLkNyb3NzUmVnaW9uUGFyYW1ldGVyUmVhZGVyKHRoaXMsIGBjcm9zc3JlZ2lvblZwY0lEMCR7aW5kZXh9YCwge1xuICAgICAgICAgIHJlZ2lvbjogY3Jvc3NSZWdpb25WcGMudnBjUmVnaW9uLFxuICAgICAgICAgIHBhcmFtZXRlck5hbWU6IGNyb3NzUmVnaW9uVnBjLnZwY0lkU1NtUGFyYW10ZXIsXG4gICAgICAgIH0pO1xuXG4gICAgICAgIC8vIGdldCB0aGUgdnBjSWQgZnJvbSBTU00uXG5cbiAgICAgICAgdnBjVG9Bc3NvY2lhdGUucHVzaChcbiAgICAgICAgICB7XG4gICAgICAgICAgICB2cGNJZDogY3Jvc3NSZWdpb25WcGNJRC5wYXJhbWV0ZXJWYWx1ZSgpLFxuICAgICAgICAgICAgdnBjUmVnaW9uOiBjcm9zc1JlZ2lvblZwYy52cGNSZWdpb24sXG4gICAgICAgICAgfSxcbiAgICAgICAgKTtcbiAgICAgIH0pO1xuICAgIH07XG5cblxuICAgIHZwY1RvQXNzb2NpYXRlLmZvckVhY2goKHJlbW90ZVZwYywgaW5kZXgpID0+IHtcbiAgICAgIC8vIGNyZWF0ZSBhbiBhc3NvY2lhdGlvbiBhdXRob3Jpc2l6YXRpb24gdHAgYVxuICAgICAgLy9hd3Mgcm91dGU1MyBjcmVhdGUtdnBjLWFzc29jaWF0aW9uLWF1dGhvcml6YXRpb24gLS1ob3N0ZWQtem9uZS1pZCA8aG9zdGVkLXpvbmUtaWQ+IC0tdnBjIFZQQ1JlZ2lvbj08cmVnaW9uPixWUENJZD08dnBjLWlkPiAtLXJlZ2lvbiB1cy1lYXN0LTFcbiAgICAgIGNvbnN0IGNyZWF0ZUFzc24gPSBuZXcgY3IuQXdzQ3VzdG9tUmVzb3VyY2UoXG4gICAgICAgIHRoaXMsXG4gICAgICAgIGBjcmVhdGVSNTNBc3NuJHtpbmRleH1gLFxuICAgICAgICB7XG4gICAgICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgICAgIHNlcnZpY2U6ICdSb3V0ZTUzJyxcbiAgICAgICAgICAgIGFjdGlvbjogJ2NyZWF0ZVZQQ0Fzc29jaWF0aW9uQXV0aG9yaXphdGlvbicsXG4gICAgICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgICAgIEhvc3RlZFpvbmVJZDogdGhpcy5wcml2YXRlWm9uZS5ob3N0ZWRab25lSWQsXG4gICAgICAgICAgICAgIFZQQzoge1xuICAgICAgICAgICAgICAgIFZQQ0lkOiByZW1vdGVWcGMudnBjSWQsXG4gICAgICAgICAgICAgICAgVlBDUmVnaW9uOiByZW1vdGVWcGMudnBjUmVnaW9uLFxuICAgICAgICAgICAgICB9LFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3IuUGh5c2ljYWxSZXNvdXJjZUlkLm9mKFxuICAgICAgICAgICAgICBwcm9wcy5lbnRlcnByaXNlRG9tYWluTmFtZSxcbiAgICAgICAgICAgICksXG4gICAgICAgICAgfSxcbiAgICAgICAgICBvbkRlbGV0ZToge1xuICAgICAgICAgICAgc2VydmljZTogJ1JvdXRlNTMnLFxuICAgICAgICAgICAgYWN0aW9uOiAnZGVsZXRlVlBDQXNzb2NpYXRpb25BdXRob3JpemF0aW9uJyxcbiAgICAgICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICAgICAgSG9zdGVkWm9uZUlkOiB0aGlzLnByaXZhdGVab25lLmhvc3RlZFpvbmVJZCxcbiAgICAgICAgICAgICAgVlBDOiB7XG4gICAgICAgICAgICAgICAgVlBDSWQ6IHJlbW90ZVZwYy52cGNJZCxcbiAgICAgICAgICAgICAgICBWUENSZWdpb246IHJlbW90ZVZwYy52cGNSZWdpb24sXG4gICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICB9LFxuICAgICAgICAgIH0sXG4gICAgICAgICAgbG9nUmV0ZW50aW9uOiBsb2dzLlJldGVudGlvbkRheXMuT05FX0RBWSxcbiAgICAgICAgICBwb2xpY3k6IGNyLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TZGtDYWxscyh7XG4gICAgICAgICAgICByZXNvdXJjZXM6IGNyLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LkFOWV9SRVNPVVJDRSxcbiAgICAgICAgICB9KSxcbiAgICAgICAgfSxcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IGFzc29jaWF0ZUNlbnRyYWxWcGN3aXRoWm9uZSA9IG5ldyBhd3NfbGFtYmRhLkZ1bmN0aW9uKFxuICAgICAgICB0aGlzLFxuICAgICAgICBgJHtpbmRleH1hc3NvY2lhdGVMYW1iZGFgLFxuICAgICAgICB7XG4gICAgICAgICAgcnVudGltZTogYXdzX2xhbWJkYS5SdW50aW1lLlBZVEhPTl8zXzksXG4gICAgICAgICAgbG9nUmV0ZW50aW9uOiBsb2dzLlJldGVudGlvbkRheXMuT05FX01PTlRILFxuICAgICAgICAgIGhhbmRsZXI6ICdhc3NvY2lhdGVDZW50cmFsVlBDLm9uX2V2ZW50JyxcbiAgICAgICAgICBjb2RlOiBhd3NfbGFtYmRhLkNvZGUuZnJvbUFzc2V0KHBhdGguam9pbihfX2Rpcm5hbWUsICcuLi8uLi9sYW1iZGEvZG5zJykpLFxuICAgICAgICAgIHRpbWVvdXQ6IGNkay5EdXJhdGlvbi5zZWNvbmRzKDg5OSksXG4gICAgICAgIH0sXG4gICAgICApO1xuXG4gICAgICAvLyB0aGlzIGxhbWJkYSB3aWxsIGFzc3VtZSBhIHJvbGUgaW4gdGhlIGNlbnRyYWwgYWNjb3VudCwgc28gaXQgZG9lcyBub3QgbmVlZCBhbnkgbG9jYWwgcGVybWlzc2lvbnNcbiAgICAgIGFzc29jaWF0ZUNlbnRyYWxWcGN3aXRoWm9uZS5hZGRUb1JvbGVQb2xpY3koXG4gICAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbJ3N0czpBc3N1bWVSb2xlJ10sXG4gICAgICAgICAgZWZmZWN0OiBpYW0uRWZmZWN0LkFMTE9XLFxuICAgICAgICAgIHJlc291cmNlczogW3Byb3BzLmNlbnRyYWxBY2NvdW50LnJvbGVBcm5dLFxuICAgICAgICB9KSxcbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IGFzc29jaWF0ZVZQQ0N1c3RvbVJlc291cmNlcyA9IG5ldyBjZGsuQ3VzdG9tUmVzb3VyY2UoXG4gICAgICAgIHRoaXMsXG4gICAgICAgIGAke2luZGV4fWFzc29jaWF0ZVZQQ2N1c3RvbVJlc291cmNlc2AsXG4gICAgICAgIHtcbiAgICAgICAgICByZXNvdXJjZVR5cGU6ICdDdXN0b206OkFzc29jaWF0ZUludGVybmFsWm9uZScsXG4gICAgICAgICAgcHJvcGVydGllczoge1xuICAgICAgICAgICAgWm9uZUlkOiB0aGlzLnByaXZhdGVab25lLmhvc3RlZFpvbmVJZCwgLy8gdGhpcyBpcyB0aGUgem9uZVxuICAgICAgICAgICAgVlBDSWQ6IHJlbW90ZVZwYy52cGNJZCxcbiAgICAgICAgICAgIFZQQ1JlZ2lvbjogcmVtb3RlVnBjLnZwY1JlZ2lvbixcbiAgICAgICAgICAgIENlbnRyYWxBY2NvdW50Um9sZTogcHJvcHMuY2VudHJhbEFjY291bnQucm9sZUFybixcbiAgICAgICAgICB9LFxuICAgICAgICAgIHNlcnZpY2VUb2tlbjogbmV3IGNyLlByb3ZpZGVyKHRoaXMsIGAke2luZGV4fWFzc29jaWF0ZVByb3ZpZGVyYCwge1xuICAgICAgICAgICAgb25FdmVudEhhbmRsZXI6IGFzc29jaWF0ZUNlbnRyYWxWcGN3aXRoWm9uZSxcbiAgICAgICAgICB9KS5zZXJ2aWNlVG9rZW4sXG4gICAgICAgIH0sXG4gICAgICApO1xuXG4gICAgICBhc3NvY2lhdGVWUENDdXN0b21SZXNvdXJjZXMubm9kZS5hZGREZXBlbmRlbmN5KGNyZWF0ZUFzc24pO1xuICAgIH0pO1xuICB9XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2VudHJhbEFjY291bnRBc3NuUm9sZVByb3BzIHtcbiAgcmVhZG9ubHkgdnBjOiBlYzIuVnBjO1xuICByZWFkb25seSBvcmdJZDogc3RyaW5nO1xuICByZWFkb25seSByb2xlTmFtZT86IHN0cmluZyB8IHVuZGVmaW5lZDtcbn1cblxuZXhwb3J0IGNsYXNzIENlbnRyYWxBY2NvdW50QXNzblJvbGUgZXh0ZW5kcyBjb25zdHJ1Y3RzLkNvbnN0cnVjdCB7XG5cbiAgcHVibGljIHJlYWRvbmx5IGFzc25Sb2xlOiBpYW0uUm9sZTtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBDZW50cmFsQWNjb3VudEFzc25Sb2xlUHJvcHMpIHtcblx0ICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgLy8gbm8gb3JnIGhhcyBiZWVuIHN1cHBsaWVkLiBSZXN0cmljdCB0aGUgb3JnIHRvIHRoaXMgYWNjb3VudFxuXG4gICAgdmFyIGFzc3VtZWRCeTogaWFtLklQcmluY2lwYWw7XG5cbiAgICBpZiAoIShwcm9wcy5vcmdJZCkpIHtcbiAgICAgIGFzc3VtZWRCeSA9IG5ldyBpYW0uQWNjb3VudFByaW5jaXBhbChjZGsuQXdzLkFDQ09VTlRfSUQpO1xuICAgIH0gZWxzZSB7XG4gICAgICBhc3N1bWVkQnkgPSBuZXcgaWFtLk9yZ2FuaXphdGlvblByaW5jaXBhbChwcm9wcy5vcmdJZCk7XG4gICAgfVxuXG4gICAgdGhpcy5hc3NuUm9sZSA9IG5ldyBpYW0uUm9sZSh0aGlzLCAncjUzYXNzbnJvbGUnLCB7XG4gICAgICBhc3N1bWVkQnk6IGFzc3VtZWRCeSxcbiAgICAgIGRlc2NyaXB0aW9uOiAnUm9sZSBpcyBhc3N1bWVkIGJ5IGxhbWJkYXMgaW4gYWNjb3VudHMgdG8gYXNzb2NpYXRlIHRoZWlyIHpvbmUnLFxuICAgICAgcm9sZU5hbWU6ICggcHJvcHMucm9sZU5hbWUgPz8gJ3I1M2Fzc25Sb2xlJyApLFxuICAgICAgZXh0ZXJuYWxJZHM6IFsnUjUzQXNzbiddLFxuICAgIH0pO1xuXG5cbiAgICAvLyBhZGQgcGVybWlzc2lvbnNcbiAgICB0aGlzLmFzc25Sb2xlLmFkZFRvUG9saWN5KFxuICAgICAgbmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICBlZmZlY3Q6IGlhbS5FZmZlY3QuQUxMT1csXG4gICAgICAgIGFjdGlvbnM6IFtcbiAgICAgICAgICAncm91dGU1MzpEaXNhc3NvY2lhdGVWUENGcm9tSG9zdGVkWm9uZScsXG4gICAgICAgICAgJ3JvdXRlNTM6QXNzb2NpYXRlVlBDV2l0aEhvc3RlZFpvbmUnLFxuICAgICAgICAgICdlYzI6RGVzY3JpYmVWcGNzJyxcbiAgICAgICAgXSxcbiAgICAgICAgcmVzb3VyY2VzOiBbJyonXSxcbiAgICAgIH0pLFxuICAgICk7XG5cbiAgICBuZXcgY2RrLkNmbk91dHB1dCh0aGlzLCAnUjUzUm91dGVBc3NuUm9sZScsIHtcbiAgICAgIHZhbHVlOiB0aGlzLmFzc25Sb2xlLnJvbGVBcm4sXG4gICAgfSk7XG5cbiAgfVxuXG59XG4iXX0=