@cdklabs/cdk-hyperledger-fabric-network 0.0.20

package/lib/identity.js

@@ -0,0 +1,107 @@
+"use strict";
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: MIT-0
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HyperledgerFabricIdentity = void 0;
+const path = require("path");
+const cdk = require("aws-cdk-lib");
+const ec2 = require("aws-cdk-lib/aws-ec2");
+const iam = require("aws-cdk-lib/aws-iam");
+const lambda = require("aws-cdk-lib/aws-lambda");
+const logs = require("aws-cdk-lib/aws-logs");
+const customresources = require("aws-cdk-lib/custom-resources");
+const constructs = require("constructs");
+const utilities = require("./utilities");
+/**
+ * Creates custom resources to enroll admin and register user
+ * identities with the CA using the fabric-ca-client SDK.
+ * Admin identity is enrolled by default. User identities are
+ * registered and enrolled, if provided.
+ */
+class HyperledgerFabricIdentity extends constructs.Construct {
+    constructor(scope, id) {
+        super(scope, id);
+        // Collect metadata on the stack
+        const partition = cdk.Stack.of(this).partition;
+        const region = cdk.Stack.of(this).region;
+        // Retrieve the S3 Bucket and key that contains the TLS cert file
+        const tlsBucketData = utilities.getTlsBucket(region);
+        const adminPasswordArn = scope.adminPasswordSecret.secretArn;
+        const adminPrivateKeyArn = scope.adminPrivateKeySecret.secretArn;
+        const adminSignedCertArn = scope.adminSignedCertSecret.secretArn;
+        const caEndpoint = scope.caEndpoint;
+        const client = scope.client;
+        const memberName = scope.memberName;
+        // Role for the custom resource lambda functions
+        const customResourceRole = new iam.Role(this, 'CustomResourceRole', { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com') });
+        // Policies for the custom resource lambda to enroll and register users
+        customResourceRole.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole'));
+        customResourceRole.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaVPCAccessExecutionRole'));
+        customResourceRole.addToPolicy(new iam.PolicyStatement({
+            actions: ['s3:GetObject', 'secretsmanager:CreateSecret', 'secretsmanager:GetSecretValue', 'secretsmanager:PutSecretValue'],
+            resources: [
+                `arn:${partition}:s3:::${tlsBucketData.bucketName}/*`,
+                adminPasswordArn,
+                adminPrivateKeyArn,
+                adminSignedCertArn,
+            ],
+        }));
+        // Lambda function to enroll the admin and import credentials to secrets manager
+        const adminFunction = new lambda.Function(this, 'AdminFunction', {
+            runtime: lambda.Runtime.NODEJS_14_X,
+            handler: 'enroll-admin.handler',
+            code: lambda.Code.fromAsset(path.join(__dirname, '../lambdas/fabric')),
+            environment: {
+                ADMIN_PASSWORD_ARN: adminPasswordArn,
+                CA_ENDPOINT: caEndpoint,
+                PRIVATE_KEY_ARN: adminPrivateKeyArn,
+                SIGNED_CERT_ARN: adminSignedCertArn,
+                TLS_CERT_BUCKET: tlsBucketData.bucketName,
+                TLS_CERT_KEY: tlsBucketData.key,
+            },
+            role: customResourceRole,
+            vpc: client.vpc,
+            vpcSubnets: client.vpc.selectSubnets(),
+            timeout: cdk.Duration.minutes(1),
+        });
+        // Port range to access the Network
+        const ledgerPortRange = ec2.Port.tcpRange(utilities.STARTING_PORT, utilities.ENDING_PORT);
+        // Add access to the lambda for the Network ports
+        client.vpcEndpoint.connections.allowFrom(adminFunction, ledgerPortRange);
+        // Custom Resource provider
+        this.adminProvider = new customresources.Provider(this, 'AdminProvider', {
+            onEventHandler: adminFunction,
+            logRetention: logs.RetentionDays.ONE_DAY,
+        });
+        // Lambda function to register and enroll users and
+        // import credentials to secrets manager
+        const userFunction = new lambda.Function(scope, 'UserFunction', {
+            runtime: lambda.Runtime.NODEJS_14_X,
+            handler: 'register-user.handler',
+            code: lambda.Code.fromAsset(path.join(__dirname, '../lambdas/fabric')),
+            environment: {
+                CA_ENDPOINT: caEndpoint,
+                MEMBER_NAME: memberName,
+                PRIVATE_KEY_ARN: adminPrivateKeyArn,
+                SIGNED_CERT_ARN: adminSignedCertArn,
+                TLS_CERT_BUCKET: tlsBucketData.bucketName,
+                TLS_CERT_KEY: tlsBucketData.key,
+            },
+            role: customResourceRole,
+            vpc: client.vpc,
+            vpcSubnets: client.vpc.selectSubnets(),
+            timeout: cdk.Duration.minutes(1),
+        });
+        // Add access to the lambda for the Network ports
+        scope.client.vpcEndpoint.connections.allowFrom(userFunction, ledgerPortRange);
+        // Custom Resource provider
+        HyperledgerFabricIdentity.userProvider = new customresources.Provider(scope, 'UserProvider', {
+            onEventHandler: userFunction,
+            logRetention: logs.RetentionDays.ONE_DAY,
+        });
+        // Populate the custom role static variable
+        HyperledgerFabricIdentity.customRole = customResourceRole;
+    }
+}
+exports.HyperledgerFabricIdentity = HyperledgerFabricIdentity;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRlbnRpdHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaWRlbnRpdHkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHFFQUFxRTtBQUNyRSxpQ0FBaUM7OztBQUVqQyw2QkFBNkI7QUFDN0IsbUNBQW1DO0FBQ25DLDJDQUEyQztBQUMzQywyQ0FBMkM7QUFDM0MsaURBQWlEO0FBQ2pELDZDQUE2QztBQUM3QyxnRUFBZ0U7QUFDaEUseUNBQXlDO0FBR3pDLHlDQUF5QztBQUV6Qzs7Ozs7R0FLRztBQUNILE1BQWEseUJBQTBCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFrQmpFLFlBQVksS0FBdUMsRUFBRSxFQUFVO1FBQzdELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsZ0NBQWdDO1FBQ2hDLE1BQU0sU0FBUyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsQ0FBQztRQUMvQyxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLENBQUM7UUFFekMsaUVBQWlFO1FBQ2pFLE1BQU0sYUFBYSxHQUFHLFNBQVMsQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFckQsTUFBTSxnQkFBZ0IsR0FBRyxLQUFLLENBQUMsbUJBQW1CLENBQUMsU0FBUyxDQUFDO1FBQzdELE1BQU0sa0JBQWtCLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLFNBQVMsQ0FBQztRQUNqRSxNQUFNLGtCQUFrQixHQUFHLEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyxTQUFTLENBQUM7UUFDakUsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLFVBQVUsQ0FBQztRQUNwQyxNQUFNLE1BQU0sR0FBRyxLQUFLLENBQUMsTUFBTSxDQUFDO1FBQzVCLE1BQU0sVUFBVSxHQUFHLEtBQUssQ0FBQyxVQUFVLENBQUM7UUFFcEMsZ0RBQWdEO1FBQ2hELE1BQU0sa0JBQWtCLEdBQUcsSUFBSSxHQUFHLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxvQkFBb0IsRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLEdBQUcsQ0FBQyxnQkFBZ0IsQ0FBQyxzQkFBc0IsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUVySSx1RUFBdUU7UUFDdkUsa0JBQWtCLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQywwQ0FBMEMsQ0FBQyxDQUFDLENBQUM7UUFDNUgsa0JBQWtCLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDLENBQUM7UUFDaEksa0JBQWtCLENBQUMsV0FBVyxDQUFFLElBQUksR0FBRyxDQUFDLGVBQWUsQ0FBQztZQUN0RCxPQUFPLEVBQUUsQ0FBQyxjQUFjLEVBQUUsNkJBQTZCLEVBQUUsK0JBQStCLEVBQUUsK0JBQStCLENBQUM7WUFDMUgsU0FBUyxFQUFFO2dCQUNULE9BQU8sU0FBUyxTQUFTLGFBQWEsQ0FBQyxVQUFVLElBQUk7Z0JBQ3JELGdCQUFnQjtnQkFDaEIsa0JBQWtCO2dCQUNsQixrQkFBa0I7YUFDbkI7U0FDRixDQUFDLENBQUMsQ0FBQztRQUVKLGdGQUFnRjtRQUNoRixNQUFNLGFBQWEsR0FBRyxJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLGVBQWUsRUFBRTtZQUMvRCxPQUFPLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxXQUFXO1lBQ25DLE9BQU8sRUFBRSxzQkFBc0I7WUFDL0IsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFFLG1CQUFtQixDQUFDLENBQUM7WUFDdEUsV0FBVyxFQUFFO2dCQUNYLGtCQUFrQixFQUFFLGdCQUFnQjtnQkFDcEMsV0FBVyxFQUFFLFVBQVU7Z0JBQ3ZCLGVBQWUsRUFBRSxrQkFBa0I7Z0JBQ25DLGVBQWUsRUFBRSxrQkFBa0I7Z0JBQ25DLGVBQWUsRUFBRSxhQUFhLENBQUMsVUFBVTtnQkFDekMsWUFBWSxFQUFFLGFBQWEsQ0FBQyxHQUFHO2FBQ2hDO1lBQ0QsSUFBSSxFQUFFLGtCQUFrQjtZQUN4QixHQUFHLEVBQUUsTUFBTSxDQUFDLEdBQUc7WUFDZixVQUFVLEVBQUUsTUFBTSxDQUFDLEdBQUcsQ0FBQyxhQUFhLEVBQUU7WUFDdEMsT0FBTyxFQUFFLEdBQUcsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztTQUNqQyxDQUFDLENBQUM7UUFFSCxtQ0FBbUM7UUFDbkMsTUFBTSxlQUFlLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLGFBQWEsRUFBRSxTQUFTLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFMUYsaURBQWlEO1FBQ2pELE1BQU0sQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQyxhQUFhLEVBQUUsZUFBZSxDQUFDLENBQUM7UUFFekUsMkJBQTJCO1FBQzNCLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxlQUFlLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxlQUFlLEVBQUU7WUFDdkUsY0FBYyxFQUFFLGFBQWE7WUFDN0IsWUFBWSxFQUFFLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTztTQUN6QyxDQUFDLENBQUM7UUFFSCxtREFBbUQ7UUFDbkQsd0NBQXdDO1FBQ3hDLE1BQU0sWUFBWSxHQUFHLElBQUksTUFBTSxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsY0FBYyxFQUFFO1lBQzlELE9BQU8sRUFBRSxNQUFNLENBQUMsT0FBTyxDQUFDLFdBQVc7WUFDbkMsT0FBTyxFQUFFLHVCQUF1QjtZQUNoQyxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsbUJBQW1CLENBQUMsQ0FBQztZQUN0RSxXQUFXLEVBQUU7Z0JBQ1gsV0FBVyxFQUFFLFVBQVU7Z0JBQ3ZCLFdBQVcsRUFBRSxVQUFVO2dCQUN2QixlQUFlLEVBQUUsa0JBQWtCO2dCQUNuQyxlQUFlLEVBQUUsa0JBQWtCO2dCQUNuQyxlQUFlLEVBQUUsYUFBYSxDQUFDLFVBQVU7Z0JBQ3pDLFlBQVksRUFBRSxhQUFhLENBQUMsR0FBRzthQUNoQztZQUNELElBQUksRUFBRSxrQkFBa0I7WUFDeEIsR0FBRyxFQUFFLE1BQU0sQ0FBQyxHQUFHO1lBQ2YsVUFBVSxFQUFFLE1BQU0sQ0FBQyxHQUFHLENBQUMsYUFBYSxFQUFFO1lBQ3RDLE9BQU8sRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7U0FDakMsQ0FBQyxDQUFDO1FBRUgsaURBQWlEO1FBQ2pELEtBQUssQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsWUFBWSxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBRTlFLDJCQUEyQjtRQUMzQix5QkFBeUIsQ0FBQyxZQUFZLEdBQUcsSUFBSSxlQUFlLENBQUMsUUFBUSxDQUFDLEtBQUssRUFBRSxjQUFjLEVBQUU7WUFDM0YsY0FBYyxFQUFFLFlBQVk7WUFDNUIsWUFBWSxFQUFFLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTztTQUN6QyxDQUFDLENBQUM7UUFFSCwyQ0FBMkM7UUFDM0MseUJBQXlCLENBQUMsVUFBVSxHQUFHLGtCQUFrQixDQUFDO0lBRTVELENBQUM7Q0FFRjtBQXBIRCw4REFvSEMiLCJzb3VyY2VzQ29udGVudCI6WyIvLyBDb3B5cmlnaHQgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbi8vIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBNSVQtMFxuXG5pbXBvcnQgKiBhcyBwYXRoIGZyb20gJ3BhdGgnO1xuaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGVjMiBmcm9tICdhd3MtY2RrLWxpYi9hd3MtZWMyJztcbmltcG9ydCAqIGFzIGlhbSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtaWFtJztcbmltcG9ydCAqIGFzIGxhbWJkYSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtbGFtYmRhJztcbmltcG9ydCAqIGFzIGxvZ3MgZnJvbSAnYXdzLWNkay1saWIvYXdzLWxvZ3MnO1xuaW1wb3J0ICogYXMgY3VzdG9tcmVzb3VyY2VzIGZyb20gJ2F3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXMnO1xuaW1wb3J0ICogYXMgY29uc3RydWN0cyBmcm9tICdjb25zdHJ1Y3RzJztcblxuaW1wb3J0ICogYXMgbmV0d29yayBmcm9tICcuL25ldHdvcmsnO1xuaW1wb3J0ICogYXMgdXRpbGl0aWVzIGZyb20gJy4vdXRpbGl0aWVzJztcblxuLyoqXG4gKiBDcmVhdGVzIGN1c3RvbSByZXNvdXJjZXMgdG8gZW5yb2xsIGFkbWluIGFuZCByZWdpc3RlciB1c2VyXG4gKiBpZGVudGl0aWVzIHdpdGggdGhlIENBIHVzaW5nIHRoZSBmYWJyaWMtY2EtY2xpZW50IFNESy5cbiAqIEFkbWluIGlkZW50aXR5IGlzIGVucm9sbGVkIGJ5IGRlZmF1bHQuIFVzZXIgaWRlbnRpdGllcyBhcmVcbiAqIHJlZ2lzdGVyZWQgYW5kIGVucm9sbGVkLCBpZiBwcm92aWRlZC5cbiAqL1xuZXhwb3J0IGNsYXNzIEh5cGVybGVkZ2VyRmFicmljSWRlbnRpdHkgZXh0ZW5kcyBjb25zdHJ1Y3RzLkNvbnN0cnVjdCB7XG5cbiAgLyoqXG4gICAqIFJvbGUgZm9yIGN1c3RvbSByZXNvdXJjZSBsYW1iZGEgdG8gYXNzdW1lXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIGN1c3RvbVJvbGU6IGlhbS5Sb2xlO1xuXG4gIC8qKlxuICAgKiBDdXN0b20gcHJvdmlkZXIgdG8gcmVnaXN0ZXIgdXNlciBpZGVudGl0eVxuICAgKi9cbiAgcHVibGljIHN0YXRpYyB1c2VyUHJvdmlkZXI6IGN1c3RvbXJlc291cmNlcy5Qcm92aWRlcjtcblxuICAvKipcbiAgICogQ3VzdG9tIHByb3ZpZGVyIHRvIGVucm9sbCBhZG1pbiBpZGVudGl0eVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGFkbWluUHJvdmlkZXI6IGN1c3RvbXJlc291cmNlcy5Qcm92aWRlcjtcblxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBuZXR3b3JrLkh5cGVybGVkZ2VyRmFicmljTmV0d29yaywgaWQ6IHN0cmluZykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICAvLyBDb2xsZWN0IG1ldGFkYXRhIG9uIHRoZSBzdGFja1xuICAgIGNvbnN0IHBhcnRpdGlvbiA9IGNkay5TdGFjay5vZih0aGlzKS5wYXJ0aXRpb247XG4gICAgY29uc3QgcmVnaW9uID0gY2RrLlN0YWNrLm9mKHRoaXMpLnJlZ2lvbjtcblxuICAgIC8vIFJldHJpZXZlIHRoZSBTMyBCdWNrZXQgYW5kIGtleSB0aGF0IGNvbnRhaW5zIHRoZSBUTFMgY2VydCBmaWxlXG4gICAgY29uc3QgdGxzQnVja2V0RGF0YSA9IHV0aWxpdGllcy5nZXRUbHNCdWNrZXQocmVnaW9uKTtcblxuICAgIGNvbnN0IGFkbWluUGFzc3dvcmRBcm4gPSBzY29wZS5hZG1pblBhc3N3b3JkU2VjcmV0LnNlY3JldEFybjtcbiAgICBjb25zdCBhZG1pblByaXZhdGVLZXlBcm4gPSBzY29wZS5hZG1pblByaXZhdGVLZXlTZWNyZXQuc2VjcmV0QXJuO1xuICAgIGNvbnN0IGFkbWluU2lnbmVkQ2VydEFybiA9IHNjb3BlLmFkbWluU2lnbmVkQ2VydFNlY3JldC5zZWNyZXRBcm47XG4gICAgY29uc3QgY2FFbmRwb2ludCA9IHNjb3BlLmNhRW5kcG9pbnQ7XG4gICAgY29uc3QgY2xpZW50ID0gc2NvcGUuY2xpZW50O1xuICAgIGNvbnN0IG1lbWJlck5hbWUgPSBzY29wZS5tZW1iZXJOYW1lO1xuXG4gICAgLy8gUm9sZSBmb3IgdGhlIGN1c3RvbSByZXNvdXJjZSBsYW1iZGEgZnVuY3Rpb25zXG4gICAgY29uc3QgY3VzdG9tUmVzb3VyY2VSb2xlID0gbmV3IGlhbS5Sb2xlKHRoaXMsICdDdXN0b21SZXNvdXJjZVJvbGUnLCB7IGFzc3VtZWRCeTogbmV3IGlhbS5TZXJ2aWNlUHJpbmNpcGFsKCdsYW1iZGEuYW1hem9uYXdzLmNvbScpIH0pO1xuXG4gICAgLy8gUG9saWNpZXMgZm9yIHRoZSBjdXN0b20gcmVzb3VyY2UgbGFtYmRhIHRvIGVucm9sbCBhbmQgcmVnaXN0ZXIgdXNlcnNcbiAgICBjdXN0b21SZXNvdXJjZVJvbGUuYWRkTWFuYWdlZFBvbGljeShpYW0uTWFuYWdlZFBvbGljeS5mcm9tQXdzTWFuYWdlZFBvbGljeU5hbWUoJ3NlcnZpY2Utcm9sZS9BV1NMYW1iZGFCYXNpY0V4ZWN1dGlvblJvbGUnKSk7XG4gICAgY3VzdG9tUmVzb3VyY2VSb2xlLmFkZE1hbmFnZWRQb2xpY3koaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKCdzZXJ2aWNlLXJvbGUvQVdTTGFtYmRhVlBDQWNjZXNzRXhlY3V0aW9uUm9sZScpKTtcbiAgICBjdXN0b21SZXNvdXJjZVJvbGUuYWRkVG9Qb2xpY3koIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgIGFjdGlvbnM6IFsnczM6R2V0T2JqZWN0JywgJ3NlY3JldHNtYW5hZ2VyOkNyZWF0ZVNlY3JldCcsICdzZWNyZXRzbWFuYWdlcjpHZXRTZWNyZXRWYWx1ZScsICdzZWNyZXRzbWFuYWdlcjpQdXRTZWNyZXRWYWx1ZSddLFxuICAgICAgcmVzb3VyY2VzOiBbXG4gICAgICAgIGBhcm46JHtwYXJ0aXRpb259OnMzOjo6JHt0bHNCdWNrZXREYXRhLmJ1Y2tldE5hbWV9LypgLFxuICAgICAgICBhZG1pblBhc3N3b3JkQXJuLFxuICAgICAgICBhZG1pblByaXZhdGVLZXlBcm4sXG4gICAgICAgIGFkbWluU2lnbmVkQ2VydEFybixcbiAgICAgIF0sXG4gICAgfSkpO1xuXG4gICAgLy8gTGFtYmRhIGZ1bmN0aW9uIHRvIGVucm9sbCB0aGUgYWRtaW4gYW5kIGltcG9ydCBjcmVkZW50aWFscyB0byBzZWNyZXRzIG1hbmFnZXJcbiAgICBjb25zdCBhZG1pbkZ1bmN0aW9uID0gbmV3IGxhbWJkYS5GdW5jdGlvbih0aGlzLCAnQWRtaW5GdW5jdGlvbicsIHtcbiAgICAgIHJ1bnRpbWU6IGxhbWJkYS5SdW50aW1lLk5PREVKU18xNF9YLFxuICAgICAgaGFuZGxlcjogJ2Vucm9sbC1hZG1pbi5oYW5kbGVyJyxcbiAgICAgIGNvZGU6IGxhbWJkYS5Db2RlLmZyb21Bc3NldChwYXRoLmpvaW4oX19kaXJuYW1lLCAnLi4vbGFtYmRhcy9mYWJyaWMnKSksXG4gICAgICBlbnZpcm9ubWVudDoge1xuICAgICAgICBBRE1JTl9QQVNTV09SRF9BUk46IGFkbWluUGFzc3dvcmRBcm4sXG4gICAgICAgIENBX0VORFBPSU5UOiBjYUVuZHBvaW50LFxuICAgICAgICBQUklWQVRFX0tFWV9BUk46IGFkbWluUHJpdmF0ZUtleUFybixcbiAgICAgICAgU0lHTkVEX0NFUlRfQVJOOiBhZG1pblNpZ25lZENlcnRBcm4sXG4gICAgICAgIFRMU19DRVJUX0JVQ0tFVDogdGxzQnVja2V0RGF0YS5idWNrZXROYW1lLFxuICAgICAgICBUTFNfQ0VSVF9LRVk6IHRsc0J1Y2tldERhdGEua2V5LFxuICAgICAgfSxcbiAgICAgIHJvbGU6IGN1c3RvbVJlc291cmNlUm9sZSxcbiAgICAgIHZwYzogY2xpZW50LnZwYyxcbiAgICAgIHZwY1N1Ym5ldHM6IGNsaWVudC52cGMuc2VsZWN0U3VibmV0cygpLFxuICAgICAgdGltZW91dDogY2RrLkR1cmF0aW9uLm1pbnV0ZXMoMSksXG4gICAgfSk7XG5cbiAgICAvLyBQb3J0IHJhbmdlIHRvIGFjY2VzcyB0aGUgTmV0d29ya1xuICAgIGNvbnN0IGxlZGdlclBvcnRSYW5nZSA9IGVjMi5Qb3J0LnRjcFJhbmdlKHV0aWxpdGllcy5TVEFSVElOR19QT1JULCB1dGlsaXRpZXMuRU5ESU5HX1BPUlQpO1xuXG4gICAgLy8gQWRkIGFjY2VzcyB0byB0aGUgbGFtYmRhIGZvciB0aGUgTmV0d29yayBwb3J0c1xuICAgIGNsaWVudC52cGNFbmRwb2ludC5jb25uZWN0aW9ucy5hbGxvd0Zyb20oYWRtaW5GdW5jdGlvbiwgbGVkZ2VyUG9ydFJhbmdlKTtcblxuICAgIC8vIEN1c3RvbSBSZXNvdXJjZSBwcm92aWRlclxuICAgIHRoaXMuYWRtaW5Qcm92aWRlciA9IG5ldyBjdXN0b21yZXNvdXJjZXMuUHJvdmlkZXIodGhpcywgJ0FkbWluUHJvdmlkZXInLCB7XG4gICAgICBvbkV2ZW50SGFuZGxlcjogYWRtaW5GdW5jdGlvbixcbiAgICAgIGxvZ1JldGVudGlvbjogbG9ncy5SZXRlbnRpb25EYXlzLk9ORV9EQVksXG4gICAgfSk7XG5cbiAgICAvLyBMYW1iZGEgZnVuY3Rpb24gdG8gcmVnaXN0ZXIgYW5kIGVucm9sbCB1c2VycyBhbmRcbiAgICAvLyBpbXBvcnQgY3JlZGVudGlhbHMgdG8gc2VjcmV0cyBtYW5hZ2VyXG4gICAgY29uc3QgdXNlckZ1bmN0aW9uID0gbmV3IGxhbWJkYS5GdW5jdGlvbihzY29wZSwgJ1VzZXJGdW5jdGlvbicsIHtcbiAgICAgIHJ1bnRpbWU6IGxhbWJkYS5SdW50aW1lLk5PREVKU18xNF9YLFxuICAgICAgaGFuZGxlcjogJ3JlZ2lzdGVyLXVzZXIuaGFuZGxlcicsXG4gICAgICBjb2RlOiBsYW1iZGEuQ29kZS5mcm9tQXNzZXQocGF0aC5qb2luKF9fZGlybmFtZSwgJy4uL2xhbWJkYXMvZmFicmljJykpLFxuICAgICAgZW52aXJvbm1lbnQ6IHtcbiAgICAgICAgQ0FfRU5EUE9JTlQ6IGNhRW5kcG9pbnQsXG4gICAgICAgIE1FTUJFUl9OQU1FOiBtZW1iZXJOYW1lLFxuICAgICAgICBQUklWQVRFX0tFWV9BUk46IGFkbWluUHJpdmF0ZUtleUFybixcbiAgICAgICAgU0lHTkVEX0NFUlRfQVJOOiBhZG1pblNpZ25lZENlcnRBcm4sXG4gICAgICAgIFRMU19DRVJUX0JVQ0tFVDogdGxzQnVja2V0RGF0YS5idWNrZXROYW1lLFxuICAgICAgICBUTFNfQ0VSVF9LRVk6IHRsc0J1Y2tldERhdGEua2V5LFxuICAgICAgfSxcbiAgICAgIHJvbGU6IGN1c3RvbVJlc291cmNlUm9sZSxcbiAgICAgIHZwYzogY2xpZW50LnZwYyxcbiAgICAgIHZwY1N1Ym5ldHM6IGNsaWVudC52cGMuc2VsZWN0U3VibmV0cygpLFxuICAgICAgdGltZW91dDogY2RrLkR1cmF0aW9uLm1pbnV0ZXMoMSksXG4gICAgfSk7XG5cbiAgICAvLyBBZGQgYWNjZXNzIHRvIHRoZSBsYW1iZGEgZm9yIHRoZSBOZXR3b3JrIHBvcnRzXG4gICAgc2NvcGUuY2xpZW50LnZwY0VuZHBvaW50LmNvbm5lY3Rpb25zLmFsbG93RnJvbSh1c2VyRnVuY3Rpb24sIGxlZGdlclBvcnRSYW5nZSk7XG5cbiAgICAvLyBDdXN0b20gUmVzb3VyY2UgcHJvdmlkZXJcbiAgICBIeXBlcmxlZGdlckZhYnJpY0lkZW50aXR5LnVzZXJQcm92aWRlciA9IG5ldyBjdXN0b21yZXNvdXJjZXMuUHJvdmlkZXIoc2NvcGUsICdVc2VyUHJvdmlkZXInLCB7XG4gICAgICBvbkV2ZW50SGFuZGxlcjogdXNlckZ1bmN0aW9uLFxuICAgICAgbG9nUmV0ZW50aW9uOiBsb2dzLlJldGVudGlvbkRheXMuT05FX0RBWSxcbiAgICB9KTtcblxuICAgIC8vIFBvcHVsYXRlIHRoZSBjdXN0b20gcm9sZSBzdGF0aWMgdmFyaWFibGVcbiAgICBIeXBlcmxlZGdlckZhYnJpY0lkZW50aXR5LmN1c3RvbVJvbGUgPSBjdXN0b21SZXNvdXJjZVJvbGU7XG5cbiAgfVxuXG59Il19

package/lib/index.d.ts

@@ -0,0 +1,5 @@
+export * from './network';
+export * from './node';
+export * from './client';
+export * from './user';
+export { SUPPORTED_REGIONS, SUPPORTED_AVAILABILITY_ZONES } from './utilities';

package/lib/index.js

@@ -0,0 +1,22 @@
+"use strict";
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: MIT-0
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !exports.hasOwnProperty(p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./network"), exports);
+__exportStar(require("./node"), exports);
+__exportStar(require("./client"), exports);
+__exportStar(require("./user"), exports);
+var utilities_1 = require("./utilities");
+Object.defineProperty(exports, "SUPPORTED_REGIONS", { enumerable: true, get: function () { return utilities_1.SUPPORTED_REGIONS; } });
+Object.defineProperty(exports, "SUPPORTED_AVAILABILITY_ZONES", { enumerable: true, get: function () { return utilities_1.SUPPORTED_AVAILABILITY_ZONES; } });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHFFQUFxRTtBQUNyRSxpQ0FBaUM7Ozs7Ozs7Ozs7OztBQUdqQyw0Q0FBMEI7QUFDMUIseUNBQXVCO0FBQ3ZCLDJDQUF5QjtBQUN6Qix5Q0FBdUI7QUFFdkIseUNBQThFO0FBQXJFLDhHQUFBLGlCQUFpQixPQUFBO0FBQUUseUhBQUEsNEJBQTRCLE9BQUEiLCJzb3VyY2VzQ29udGVudCI6WyIvLyBDb3B5cmlnaHQgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbi8vIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBNSVQtMFxuXG5cbmV4cG9ydCAqIGZyb20gJy4vbmV0d29yayc7XG5leHBvcnQgKiBmcm9tICcuL25vZGUnO1xuZXhwb3J0ICogZnJvbSAnLi9jbGllbnQnO1xuZXhwb3J0ICogZnJvbSAnLi91c2VyJztcblxuZXhwb3J0IHsgU1VQUE9SVEVEX1JFR0lPTlMsIFNVUFBPUlRFRF9BVkFJTEFCSUxJVFlfWk9ORVMgfSBmcm9tICcuL3V0aWxpdGllcyc7XG4iXX0=

package/lib/network.d.ts

@@ -0,0 +1,183 @@
+import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
+import * as constructs from 'constructs';
+import * as client from './client';
+import * as node from './node';
+import * as user from './user';
+export declare enum FrameworkVersion {
+    VERSION_1_2 = "1.2",
+    VERSION_1_4 = "1.4",
+    VERSION_2_2 = "2.2"
+}
+export declare enum NetworkEdition {
+    STARTER = "STARTER",
+    STANDARD = "STANDARD"
+}
+export declare enum ThresholdComparator {
+    GREATER_THAN = "GREATER_THAN",
+    GREATER_THAN_OR_EQUAL_TO = "GREATER_THAN_OR_EQUAL_TO"
+}
+/**
+ * Construct properties for `HyperledgerFabricNetwork`
+ */
+export interface HyperledgerFabricNetworkProps {
+    /**
+     * Managed Blockchain network name
+     */
+    readonly networkName: string;
+    /**
+     * Managed Blockchain network description
+     *
+     * @default - Set to match network name
+     */
+    readonly networkDescription?: string;
+    /**
+     * Managed Blockchain member name
+     */
+    readonly memberName: string;
+    /**
+     * Managed Blockchain member description
+     *
+     * @default - Set to match member name
+     */
+    readonly memberDescription?: string;
+    /**
+     * Hyperledger Fabric framework version
+     *
+     * @default - FrameworkVersion.VERSION_1_4
+     */
+    readonly frameworkVersion?: FrameworkVersion;
+    /**
+     * Managed Blockchain network edition
+     *
+     * @default - NetworkEdition.STANDARD
+     */
+    readonly networkEdition?: NetworkEdition;
+    /**
+     * The duration from the time that a proposal is created until it expires
+     * @default - 24 hours
+     */
+    readonly proposalDurationInHours?: number;
+    /**
+     * The percentage of votes among all members that must be yes for a proposal to be approved
+     * @default - 50 percent
+     */
+    readonly thresholdPercentage?: number;
+    /**
+     * Determines whether the yes votes must be greater than the threshold percentage
+     * or must be greater than or equal to the threhold percentage to be approved
+     * @default - GREATER_THAN
+     */
+    readonly thresholdComparator?: ThresholdComparator;
+    /**
+     * The configuration to enable or disable certificate authority logging
+     * @default - true
+     */
+    readonly enableCaLogging?: boolean;
+    /**
+     * List of nodes to create on the network
+     *
+     * @default - One node with default configuration
+     */
+    readonly nodes?: Array<node.HyperledgerFabricNodeProps>;
+    /**
+     * The Client network to interact with the Hyperledger Fabric network
+     * @default - Client network with Default properties
+     * (CIDR-`10.0.0.0/16` and subnets of type `PRIVATE_ISOLATED`)
+     */
+    readonly client?: client.HyperledgerFabricClientProps;
+    /**
+     * List of users to register with Fabric CA
+     */
+    readonly users?: Array<user.HyperledgerFabricUserProps>;
+}
+/**
+ * Creates a Hyperledger Fabric network on Amazon Managed Blockchain
+ */
+export declare class HyperledgerFabricNetwork extends constructs.Construct {
+    /**
+     * Managed Blockchain network name
+     */
+    readonly networkName: string;
+    /**
+     * Managed Blockchain network description
+     */
+    readonly networkDescription: string;
+    /**
+     * Managed Blockchain network identifier generated on construction
+     */
+    readonly networkId: string;
+    /**
+     * Managed Blockchain member name
+     */
+    readonly memberName: string;
+    /**
+     * Managed Blockchain member description
+     */
+    readonly memberDescription: string;
+    /**
+     * Managed Blockchain member identifier generated on construction
+     */
+    readonly memberId: string;
+    /**
+     * Hyperledger Fabric framework version
+     */
+    readonly frameworkVersion: FrameworkVersion;
+    /**
+     * Managed Blockchain network edition
+     */
+    readonly networkEdition: NetworkEdition;
+    /**
+     * The duration from the time that a proposal is created until it expires
+     */
+    readonly proposalDurationInHours: number;
+    /**
+     * The percentage of votes among all members that must be yes for a proposal to be approved
+     */
+    readonly thresholdPercentage: number;
+    /**
+     * Determines whether the yes votes must be greater than the threshold percentage
+     * or must be greater than or equal to the threhold percentage to be approved
+     */
+    readonly thresholdComparator: ThresholdComparator;
+    /**
+     * The configuration to enable or disable certificate authority logging
+     */
+    readonly enableCaLogging: boolean;
+    /**
+     * Managed Blockchain network VPC endpoint service name
+     */
+    readonly vpcEndpointServiceName: string;
+    /**
+     * Managed Blockchain network ordering service endpoint
+     */
+    readonly ordererEndpoint: string;
+    /**
+     * Managed Blockchain member CA endpoint
+     */
+    readonly caEndpoint: string;
+    /**
+     * Secret ARN for the Hyperledger Fabric admin password
+     */
+    readonly adminPasswordSecret: secretsmanager.Secret;
+    /**
+     * Secret for Hyperledger Fabric admin private key
+     */
+    readonly adminPrivateKeySecret: secretsmanager.Secret;
+    /**
+     * Secret for Hyperledger Fabric admin signed certificate
+     */
+    readonly adminSignedCertSecret: secretsmanager.Secret;
+    /**
+     * List of nodes created in the network
+     */
+    readonly nodes: Array<node.HyperledgerFabricNode>;
+    /**
+     * The client network to interact with the Hyperledger Fabric network
+     */
+    readonly client: client.HyperledgerFabricClient;
+    /**
+     * List of users registered with CA
+     */
+    readonly users: Array<user.HyperledgerFabricUser>;
+    constructor(scope: constructs.Construct, id: string, props: HyperledgerFabricNetworkProps);
+}

package/lib/network.js

@@ -0,0 +1,225 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HyperledgerFabricNetwork = exports.ThresholdComparator = exports.NetworkEdition = exports.FrameworkVersion = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: MIT-0
+const cdk = require("aws-cdk-lib");
+const managedblockchain = require("aws-cdk-lib/aws-managedblockchain");
+const secretsmanager = require("aws-cdk-lib/aws-secretsmanager");
+const customresources = require("aws-cdk-lib/custom-resources");
+const constructs = require("constructs");
+const client = require("./client");
+const identity = require("./identity");
+const node = require("./node");
+const user = require("./user");
+const utilities = require("./utilities");
+/*
+ * Define which Hyperledger Fabric framework to use
+ */
+var FrameworkVersion;
+(function (FrameworkVersion) {
+    FrameworkVersion["VERSION_1_2"] = "1.2";
+    FrameworkVersion["VERSION_1_4"] = "1.4";
+    FrameworkVersion["VERSION_2_2"] = "2.2";
+})(FrameworkVersion = exports.FrameworkVersion || (exports.FrameworkVersion = {}));
+/*
+ * Starter networks are cheaper, but are limited to 2 nodes that
+ * can only be from a subset of types (see node.ts for the list)
+ */
+var NetworkEdition;
+(function (NetworkEdition) {
+    NetworkEdition["STARTER"] = "STARTER";
+    NetworkEdition["STANDARD"] = "STANDARD";
+})(NetworkEdition = exports.NetworkEdition || (exports.NetworkEdition = {}));
+/*
+ * Constants to define ties in voting for new members
+ */
+var ThresholdComparator;
+(function (ThresholdComparator) {
+    ThresholdComparator["GREATER_THAN"] = "GREATER_THAN";
+    ThresholdComparator["GREATER_THAN_OR_EQUAL_TO"] = "GREATER_THAN_OR_EQUAL_TO";
+})(ThresholdComparator = exports.ThresholdComparator || (exports.ThresholdComparator = {}));
+/**
+ * Creates a Hyperledger Fabric network on Amazon Managed Blockchain
+ */
+class HyperledgerFabricNetwork extends constructs.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        // Collect metadata on the stack
+        const partition = cdk.Stack.of(this).partition;
+        const region = cdk.Stack.of(this).region;
+        const account = cdk.Stack.of(this).account;
+        // Populate instance variables from input properties, using defaults if values not provided
+        this.networkName = props.networkName;
+        this.networkDescription = props.networkDescription ?? props.networkName;
+        this.memberName = props.memberName;
+        this.memberDescription = props.memberDescription ?? props.memberName;
+        this.frameworkVersion = props.frameworkVersion ?? FrameworkVersion.VERSION_1_4;
+        this.networkEdition = props.networkEdition ?? NetworkEdition.STANDARD;
+        this.proposalDurationInHours = props.proposalDurationInHours ?? 24;
+        this.thresholdPercentage = props.thresholdPercentage ?? 50;
+        this.thresholdComparator = props.thresholdComparator ?? ThresholdComparator.GREATER_THAN;
+        this.enableCaLogging = props.enableCaLogging ?? true;
+        this.users = [];
+        // Ensure the parameters captured above are valid, so we don't
+        // need to wait until deployment time to discover an error
+        utilities.validateRegion(region);
+        if (!utilities.validateString(this.networkName, 1, 64)) {
+            throw new Error('Network name is invalid or not provided. It can be up to 64 characters long.');
+        }
+        if (!utilities.validateString(this.networkDescription, 0, 128)) {
+            throw new Error('Network description is invalid. It can be up to 128 characters long.');
+        }
+        if (!utilities.validateString(this.memberName, 1, 64, /^(?!-|[0-9])(?!.*-$)(?!.*?--)[a-zA-Z0-9-]+$/)) {
+            throw new Error('Member name is invalid or not provided. It can be up to 64 characters long, and can have alphanumeric characters and hyphen(s). It cannot start with a number, or start and end with a hyphen (-), or have two consecutive hyphens. The member name must also be unique across the network.');
+        }
+        if (!utilities.validateString(this.memberDescription, 0, 128)) {
+            throw new Error('Member description is invalid. It can be up to 128 characters long.');
+        }
+        if (!utilities.validateInteger(this.proposalDurationInHours, 1, 168)) {
+            throw new Error('Voting policy proposal duration must be between 1 and 168 hours.');
+        }
+        if (!utilities.validateInteger(this.thresholdPercentage, 0, 100)) {
+            throw new Error('Voting policy threshold percentage must be between 0 and 100.');
+        }
+        // Ensure the user affiliation includes the member name,
+        // if the user list for registration is provided
+        if (props.users) {
+            props.users.forEach(e => {
+                if (!e.affilitation.startsWith(this.memberName))
+                    throw new Error('User affiliation is invalid. Affiliation should start with Member name');
+            });
+        }
+        // Per the Managed Blockchain documentation, the admin password must be at least eight
+        // characters long and no more than 32 characters. It must contain at least one uppercase
+        // letter, one lowercase letter, and one digit. It cannot have a single quotation mark (‘),
+        // a double quotation marks (“), a forward slash(/), a backward slash(\), @, or a space;
+        // several other characters are exluded here to make the password easier to use in scripts
+        const passwordRequirements = {
+            passwordLength: 32,
+            requireEachIncludedType: true,
+            excludeCharacters: '\'"/\\@ &{}<>*|',
+        };
+        this.adminPasswordSecret = new secretsmanager.Secret(this, 'AdminPassword', { generateSecretString: passwordRequirements });
+        // The initially enrolled admin user credentials will be stored in these secrets
+        this.adminPrivateKeySecret = new secretsmanager.Secret(this, 'AdminPrivateKey');
+        this.adminSignedCertSecret = new secretsmanager.Secret(this, 'AdminSignedCert');
+        // Build out the Cloudformation construct for the network/member
+        const networkConfiguration = {
+            name: this.networkName,
+            description: this.networkDescription,
+            framework: 'HYPERLEDGER_FABRIC',
+            frameworkVersion: this.frameworkVersion,
+            networkFrameworkConfiguration: {
+                networkFabricConfiguration: {
+                    edition: this.networkEdition,
+                },
+            },
+            votingPolicy: {
+                approvalThresholdPolicy: {
+                    proposalDurationInHours: this.proposalDurationInHours,
+                    thresholdPercentage: this.thresholdPercentage,
+                    thresholdComparator: this.thresholdComparator,
+                },
+            },
+        };
+        // Note the use of the unwrap below is the only possible way to get
+        // the secret value into the CloudFormation; it will still not directly
+        // be included in the synthesized template so usage here is still safe
+        const memberConfiguration = {
+            name: this.memberName,
+            description: this.memberDescription,
+            memberFrameworkConfiguration: {
+                memberFabricConfiguration: {
+                    adminUsername: 'admin',
+                    adminPassword: this.adminPasswordSecret.secretValue.unsafeUnwrap(),
+                },
+            },
+        };
+        const network = new managedblockchain.CfnMember(this, 'Network', { networkConfiguration, memberConfiguration });
+        // Capture data included in the Cloudformation output in instance variables
+        this.networkId = network.getAtt('NetworkId').toString();
+        this.memberId = network.getAtt('MemberId').toString();
+        // Build out the associated node constructs
+        this.nodes = node.HyperledgerFabricNode.constructNodes(this, props.nodes);
+        // Due to a race condition in CDK custom resources (https://github.com/aws/aws-cdk/issues/18237),
+        // the necessary permissions for all SDK calls in the stack need to be added here, even though
+        // the calls in this construct don't need access to the nodes; this also means node constructs
+        // can't populate their outputs fully until later, which is annoying
+        const nodeIds = this.nodes.map(n => n.nodeId);
+        const nodeArns = nodeIds.map(i => `arn:${partition}:managedblockchain:${region}:${account}:nodes/${i}`);
+        const sdkCallPolicy = customresources.AwsCustomResourcePolicy.fromSdkCalls({
+            resources: [
+                `arn:${partition}:managedblockchain:${region}::networks/${this.networkId}`,
+                `arn:${partition}:managedblockchain:${region}:${account}:members/${this.memberId}`,
+                ...nodeArns,
+            ],
+        });
+        // Cloudformation doesn't include all the network and member attributes
+        // needed to use Hyperledger Fabric, so use SDK calls to fetch said data
+        const networkDataSdkCall = {
+            service: 'ManagedBlockchain',
+            action: 'getNetwork',
+            parameters: { NetworkId: this.networkId },
+            physicalResourceId: customresources.PhysicalResourceId.of('Id'),
+        };
+        const memberDataSdkCall = {
+            service: 'ManagedBlockchain',
+            action: 'getMember',
+            parameters: { NetworkId: this.networkId, MemberId: this.memberId },
+            physicalResourceId: customresources.PhysicalResourceId.of('Id'),
+        };
+        // Data items need fetching on creation and updating; nothing needs doing on deletion
+        const networkData = new customresources.AwsCustomResource(this, 'NetworkDataResource', {
+            policy: sdkCallPolicy,
+            onCreate: networkDataSdkCall,
+            onUpdate: networkDataSdkCall,
+        });
+        const memberData = new customresources.AwsCustomResource(this, 'MemberDataResource', {
+            policy: sdkCallPolicy,
+            onCreate: memberDataSdkCall,
+            onUpdate: memberDataSdkCall,
+        });
+        // Cloudformation doesn't include logging configuration so use SDK call to do so
+        const logConfiguration = {
+            Fabric: { CaLogs: { Cloudwatch: { Enabled: this.enableCaLogging } } },
+        };
+        const configureCaLogSdkCall = {
+            service: 'ManagedBlockchain',
+            action: 'updateMember',
+            parameters: { NetworkId: this.networkId, MemberId: this.memberId, LogPublishingConfiguration: logConfiguration },
+            physicalResourceId: customresources.PhysicalResourceId.of('Id'),
+        };
+        new customresources.AwsCustomResource(this, 'ConfigureCaLogResource', {
+            policy: sdkCallPolicy,
+            onCreate: configureCaLogSdkCall,
+            onUpdate: configureCaLogSdkCall,
+        });
+        // Grab items out of the above return values and stick them in output properties
+        this.vpcEndpointServiceName = networkData.getResponseField('Network.VpcEndpointServiceName');
+        this.ordererEndpoint = networkData.getResponseField('Network.FrameworkAttributes.Fabric.OrderingServiceEndpoint');
+        this.caEndpoint = memberData.getResponseField('Member.FrameworkAttributes.Fabric.CaEndpoint');
+        // As stated earlier, node constructs can't populate all their properties
+        // until after the above network and member SDK calls succeed; thus the
+        // function calls below where fetches are split out and logging is configured
+        for (const n of this.nodes) {
+            n.configureLogging(sdkCallPolicy);
+            n.fetchData(sdkCallPolicy);
+        }
+        // Build out the client VPC construct
+        this.client = new client.HyperledgerFabricClient(this, 'NetworkClient', props.client);
+        // Build out all the custom resources to register and enroll identities to CA
+        const identityResources = new identity.HyperledgerFabricIdentity(this, 'Identity');
+        // Enroll the administrator and store its credentials on Secrets Manager
+        new cdk.CustomResource(this, 'AdminCustomResource', { serviceToken: identityResources.adminProvider.serviceToken });
+        // Register and enroll users, if provided
+        if (props.users)
+            this.users = Array.from(props.users.entries()).map(e => new user.HyperledgerFabricUser(this, `User${e[0]}`, e[1]));
+    }
+}
+exports.HyperledgerFabricNetwork = HyperledgerFabricNetwork;
+_a = JSII_RTTI_SYMBOL_1;
+HyperledgerFabricNetwork[_a] = { fqn: "@cdklabs/cdk-hyperledger-fabric-network.HyperledgerFabricNetwork", version: "0.0.20" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmV0d29yay5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9uZXR3b3JrLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEscUVBQXFFO0FBQ3JFLGlDQUFpQztBQUdqQyxtQ0FBbUM7QUFDbkMsdUVBQXVFO0FBQ3ZFLGlFQUFpRTtBQUNqRSxnRUFBZ0U7QUFDaEUseUNBQXlDO0FBRXpDLG1DQUFtQztBQUNuQyx1Q0FBdUM7QUFDdkMsK0JBQStCO0FBQy9CLCtCQUErQjtBQUMvQix5Q0FBeUM7QUFHekM7O0dBRUc7QUFDSCxJQUFZLGdCQUlYO0FBSkQsV0FBWSxnQkFBZ0I7SUFDMUIsdUNBQW1CLENBQUE7SUFDbkIsdUNBQW1CLENBQUE7SUFDbkIsdUNBQW1CLENBQUE7QUFDckIsQ0FBQyxFQUpXLGdCQUFnQixHQUFoQix3QkFBZ0IsS0FBaEIsd0JBQWdCLFFBSTNCO0FBRUQ7OztHQUdHO0FBQ0gsSUFBWSxjQUdYO0FBSEQsV0FBWSxjQUFjO0lBQ3hCLHFDQUFtQixDQUFBO0lBQ25CLHVDQUFxQixDQUFBO0FBQ3ZCLENBQUMsRUFIVyxjQUFjLEdBQWQsc0JBQWMsS0FBZCxzQkFBYyxRQUd6QjtBQUVEOztHQUVHO0FBQ0gsSUFBWSxtQkFHWDtBQUhELFdBQVksbUJBQW1CO0lBQzdCLG9EQUE2QixDQUFBO0lBQzdCLDRFQUFxRCxDQUFBO0FBQ3ZELENBQUMsRUFIVyxtQkFBbUIsR0FBbkIsMkJBQW1CLEtBQW5CLDJCQUFtQixRQUc5QjtBQTZGRDs7R0FFRztBQUNILE1BQWEsd0JBQXlCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUE2R2hFLFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBb0M7UUFFdkYsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixnQ0FBZ0M7UUFDaEMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUMsU0FBUyxDQUFDO1FBQy9DLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxDQUFDLE1BQU0sQ0FBQztRQUN6QyxNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxPQUFPLENBQUM7UUFFM0MsMkZBQTJGO1FBQzNGLElBQUksQ0FBQyxXQUFXLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQztRQUNyQyxJQUFJLENBQUMsa0JBQWtCLEdBQUcsS0FBSyxDQUFDLGtCQUFrQixJQUFJLEtBQUssQ0FBQyxXQUFXLENBQUM7UUFDeEUsSUFBSSxDQUFDLFVBQVUsR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDO1FBQ25DLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxLQUFLLENBQUMsaUJBQWlCLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQztRQUNyRSxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsS0FBSyxDQUFDLGdCQUFnQixJQUFJLGdCQUFnQixDQUFDLFdBQVcsQ0FBQztRQUMvRSxJQUFJLENBQUMsY0FBYyxHQUFHLEtBQUssQ0FBQyxjQUFjLElBQUksY0FBYyxDQUFDLFFBQVEsQ0FBQztRQUN0RSxJQUFJLENBQUMsdUJBQXVCLEdBQUcsS0FBSyxDQUFDLHVCQUF1QixJQUFJLEVBQUUsQ0FBQztRQUNuRSxJQUFJLENBQUMsbUJBQW1CLEdBQUcsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEVBQUUsQ0FBQztRQUMzRCxJQUFJLENBQUMsbUJBQW1CLEdBQUcsS0FBSyxDQUFDLG1CQUFtQixJQUFJLG1CQUFtQixDQUFDLFlBQVksQ0FBQztRQUN6RixJQUFJLENBQUMsZUFBZSxHQUFHLEtBQUssQ0FBQyxlQUFlLElBQUksSUFBSSxDQUFDO1FBQ3JELElBQUksQ0FBQyxLQUFLLEdBQUcsRUFBRSxDQUFDO1FBRWhCLDhEQUE4RDtRQUM5RCwwREFBMEQ7UUFDMUQsU0FBUyxDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUNqQyxJQUFJLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUMsRUFBRSxFQUFFLENBQUMsRUFBRTtZQUN0RCxNQUFNLElBQUksS0FBSyxDQUFDLDhFQUE4RSxDQUFDLENBQUM7U0FDakc7UUFDRCxJQUFJLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQyxFQUFFLEdBQUcsQ0FBQyxFQUFFO1lBQzlELE1BQU0sSUFBSSxLQUFLLENBQUMsc0VBQXNFLENBQUMsQ0FBQztTQUN6RjtRQUNELElBQUksQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQyxFQUFFLEVBQUUsRUFBRSw2Q0FBNkMsQ0FBQyxFQUFFO1lBQ3BHLE1BQU0sSUFBSSxLQUFLLENBQUMsNlJBQTZSLENBQUMsQ0FBQztTQUNoVDtRQUNELElBQUksQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDLEVBQUUsR0FBRyxDQUFDLEVBQUU7WUFDN0QsTUFBTSxJQUFJLEtBQUssQ0FBQyxxRUFBcUUsQ0FBQyxDQUFDO1NBQ3hGO1FBQ0QsSUFBSSxDQUFDLFNBQVMsQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLHVCQUF1QixFQUFFLENBQUMsRUFBRSxHQUFHLENBQUMsRUFBRTtZQUNwRSxNQUFNLElBQUksS0FBSyxDQUFDLGtFQUFrRSxDQUFDLENBQUM7U0FDckY7UUFDRCxJQUFJLENBQUMsU0FBUyxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLEVBQUUsQ0FBQyxFQUFFLEdBQUcsQ0FBQyxFQUFFO1lBQ2hFLE1BQU0sSUFBSSxLQUFLLENBQUMsK0RBQStELENBQUMsQ0FBQztTQUNsRjtRQUVELHdEQUF3RDtRQUN4RCxnREFBZ0Q7UUFDaEQsSUFBSSxLQUFLLENBQUMsS0FBSyxFQUFFO1lBQ2YsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUU7Z0JBQ3RCLElBQUksQ0FBQyxDQUFDLENBQUMsWUFBWSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDO29CQUFFLE1BQU0sSUFBSSxLQUFLLENBQUMsd0VBQXdFLENBQUMsQ0FBQztZQUM3SSxDQUFDLENBQUMsQ0FBQztTQUNKO1FBRUQsc0ZBQXNGO1FBQ3RGLHlGQUF5RjtRQUN6RiwyRkFBMkY7UUFDM0Ysd0ZBQXdGO1FBQ3hGLDBGQUEwRjtRQUMxRixNQUFNLG9CQUFvQixHQUFHO1lBQzNCLGNBQWMsRUFBRSxFQUFFO1lBQ2xCLHVCQUF1QixFQUFFLElBQUk7WUFDN0IsaUJBQWlCLEVBQUUsaUJBQWlCO1NBQ3JDLENBQUM7UUFDRixJQUFJLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxjQUFjLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxlQUFlLEVBQUUsRUFBRSxvQkFBb0IsRUFBRSxvQkFBb0IsRUFBRSxDQUFDLENBQUM7UUFFNUgsZ0ZBQWdGO1FBQ2hGLElBQUksQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLGNBQWMsQ0FBQyxNQUFNLENBQUMsSUFBSSxFQUFFLGlCQUFpQixDQUFDLENBQUM7UUFDaEYsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksY0FBYyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztRQUVoRixnRUFBZ0U7UUFDaEUsTUFBTSxvQkFBb0IsR0FBRztZQUMzQixJQUFJLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDdEIsV0FBVyxFQUFFLElBQUksQ0FBQyxrQkFBa0I7WUFDcEMsU0FBUyxFQUFFLG9CQUFvQjtZQUMvQixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsZ0JBQWdCO1lBQ3ZDLDZCQUE2QixFQUFFO2dCQUM3QiwwQkFBMEIsRUFBRTtvQkFDMUIsT0FBTyxFQUFFLElBQUksQ0FBQyxjQUFjO2lCQUM3QjthQUNGO1lBQ0QsWUFBWSxFQUFFO2dCQUNaLHVCQUF1QixFQUFFO29CQUN2Qix1QkFBdUIsRUFBRSxJQUFJLENBQUMsdUJBQXVCO29CQUNyRCxtQkFBbUIsRUFBRSxJQUFJLENBQUMsbUJBQW1CO29CQUM3QyxtQkFBbUIsRUFBRSxJQUFJLENBQUMsbUJBQW1CO2lCQUM5QzthQUNGO1NBQ0YsQ0FBQztRQUVGLG1FQUFtRTtRQUNuRSx1RUFBdUU7UUFDdkUsc0VBQXNFO1FBQ3RFLE1BQU0sbUJBQW1CLEdBQUc7WUFDMUIsSUFBSSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQ3JCLFdBQVcsRUFBRSxJQUFJLENBQUMsaUJBQWlCO1lBQ25DLDRCQUE0QixFQUFFO2dCQUM1Qix5QkFBeUIsRUFBRTtvQkFDekIsYUFBYSxFQUFFLE9BQU87b0JBQ3RCLGFBQWEsRUFBRSxJQUFJLENBQUMsbUJBQW1CLENBQUMsV0FBVyxDQUFDLFlBQVksRUFBRTtpQkFDbkU7YUFDRjtTQUNGLENBQUM7UUFDRixNQUFNLE9BQU8sR0FBRyxJQUFJLGlCQUFpQixDQUFDLFNBQVMsQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLEVBQUUsb0JBQW9CLEVBQUUsbUJBQW1CLEVBQUUsQ0FBQyxDQUFDO1FBRWhILDJFQUEyRTtRQUMzRSxJQUFJLENBQUMsU0FBUyxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDeEQsSUFBSSxDQUFDLFFBQVEsR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBRXRELDJDQUEyQztRQUMzQyxJQUFJLENBQUMsS0FBSyxHQUFHLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUUxRSxpR0FBaUc7UUFDakcsOEZBQThGO1FBQzlGLDhGQUE4RjtRQUM5RixvRUFBb0U7UUFDcEUsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUMsTUFBTSxRQUFRLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLE9BQU8sU0FBUyxzQkFBc0IsTUFBTSxJQUFJLE9BQU8sVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3hHLE1BQU0sYUFBYSxHQUFHLGVBQWUsQ0FBQyx1QkFBdUIsQ0FBQyxZQUFZLENBQUM7WUFDekUsU0FBUyxFQUFFO2dCQUNULE9BQU8sU0FBUyxzQkFBc0IsTUFBTSxjQUFjLElBQUksQ0FBQyxTQUFTLEVBQUU7Z0JBQzFFLE9BQU8sU0FBUyxzQkFBc0IsTUFBTSxJQUFJLE9BQU8sWUFBWSxJQUFJLENBQUMsUUFBUSxFQUFFO2dCQUNsRixHQUFHLFFBQVE7YUFDWjtTQUNGLENBQUMsQ0FBQztRQUVILHVFQUF1RTtRQUN2RSx3RUFBd0U7UUFDeEUsTUFBTSxrQkFBa0IsR0FBRztZQUN6QixPQUFPLEVBQUUsbUJBQW1CO1lBQzVCLE1BQU0sRUFBRSxZQUFZO1lBQ3BCLFVBQVUsRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsU0FBUyxFQUFFO1lBQ3pDLGtCQUFrQixFQUFFLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDO1NBQ2hFLENBQUM7UUFDRixNQUFNLGlCQUFpQixHQUFHO1lBQ3hCLE9BQU8sRUFBRSxtQkFBbUI7WUFDNUIsTUFBTSxFQUFFLFdBQVc7WUFDbkIsVUFBVSxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRLEVBQUU7WUFDbEUsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7U0FDaEUsQ0FBQztRQUVGLHFGQUFxRjtRQUNyRixNQUFNLFdBQVcsR0FBRyxJQUFJLGVBQWUsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUscUJBQXFCLEVBQUU7WUFDckYsTUFBTSxFQUFFLGFBQWE7WUFDckIsUUFBUSxFQUFFLGtCQUFrQjtZQUM1QixRQUFRLEVBQUUsa0JBQWtCO1NBQzdCLENBQUMsQ0FBQztRQUNILE1BQU0sVUFBVSxHQUFHLElBQUksZUFBZSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxvQkFBb0IsRUFBRTtZQUNuRixNQUFNLEVBQUUsYUFBYTtZQUNyQixRQUFRLEVBQUUsaUJBQWlCO1lBQzNCLFFBQVEsRUFBRSxpQkFBaUI7U0FDNUIsQ0FBQyxDQUFDO1FBRUgsZ0ZBQWdGO1FBQ2hGLE1BQU0sZ0JBQWdCLEdBQUc7WUFDdkIsTUFBTSxFQUFFLEVBQUUsTUFBTSxFQUFFLEVBQUUsVUFBVSxFQUFFLEVBQUUsT0FBTyxFQUFFLElBQUksQ0FBQyxlQUFlLEVBQUUsRUFBRSxFQUFFO1NBQ3RFLENBQUM7UUFDRixNQUFNLHFCQUFxQixHQUFHO1lBQzVCLE9BQU8sRUFBRSxtQkFBbUI7WUFDNUIsTUFBTSxFQUFFLGNBQWM7WUFDdEIsVUFBVSxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRLEVBQUUsMEJBQTBCLEVBQUUsZ0JBQWdCLEVBQUU7WUFDaEgsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7U0FDaEUsQ0FBQztRQUNGLElBQUksZUFBZSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSx3QkFBd0IsRUFBRTtZQUNwRSxNQUFNLEVBQUUsYUFBYTtZQUNyQixRQUFRLEVBQUUscUJBQXFCO1lBQy9CLFFBQVEsRUFBRSxxQkFBcUI7U0FDaEMsQ0FBQyxDQUFDO1FBRUgsZ0ZBQWdGO1FBQ2hGLElBQUksQ0FBQyxzQkFBc0IsR0FBRyxXQUFXLENBQUMsZ0JBQWdCLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztRQUM3RixJQUFJLENBQUMsZUFBZSxHQUFHLFdBQVcsQ0FBQyxnQkFBZ0IsQ0FBQyw0REFBNEQsQ0FBQyxDQUFDO1FBQ2xILElBQUksQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDLGdCQUFnQixDQUFDLDhDQUE4QyxDQUFDLENBQUM7UUFFOUYseUVBQXlFO1FBQ3pFLHVFQUF1RTtRQUN2RSw2RUFBNkU7UUFDN0UsS0FBSyxNQUFNLENBQUMsSUFBSSxJQUFJLENBQUMsS0FBSyxFQUFFO1lBQzFCLENBQUMsQ0FBQyxnQkFBZ0IsQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUNsQyxDQUFDLENBQUMsU0FBUyxDQUFDLGFBQWEsQ0FBQyxDQUFDO1NBQzVCO1FBRUQscUNBQXFDO1FBQ3JDLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxNQUFNLENBQUMsdUJBQXVCLENBQUMsSUFBSSxFQUFFLGVBQWUsRUFBRSxLQUFLLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFdEYsNkVBQTZFO1FBQzdFLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxRQUFRLENBQUMseUJBQXlCLENBQUMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRW5GLHdFQUF3RTtRQUN4RSxJQUFJLEdBQUcsQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFLHFCQUFxQixFQUFFLEVBQUUsWUFBWSxFQUFFLGlCQUFpQixDQUFDLGFBQWEsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDO1FBRXBILHlDQUF5QztRQUN6QyxJQUFJLEtBQUssQ0FBQyxLQUFLO1lBQUUsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxJQUFJLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3RJLENBQUM7O0FBNVNILDREQThTQyIsInNvdXJjZXNDb250ZW50IjpbIi8vIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuLy8gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IE1JVC0wXG5cblxuaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIG1hbmFnZWRibG9ja2NoYWluIGZyb20gJ2F3cy1jZGstbGliL2F3cy1tYW5hZ2VkYmxvY2tjaGFpbic7XG5pbXBvcnQgKiBhcyBzZWNyZXRzbWFuYWdlciBmcm9tICdhd3MtY2RrLWxpYi9hd3Mtc2VjcmV0c21hbmFnZXInO1xuaW1wb3J0ICogYXMgY3VzdG9tcmVzb3VyY2VzIGZyb20gJ2F3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXMnO1xuaW1wb3J0ICogYXMgY29uc3RydWN0cyBmcm9tICdjb25zdHJ1Y3RzJztcblxuaW1wb3J0ICogYXMgY2xpZW50IGZyb20gJy4vY2xpZW50JztcbmltcG9ydCAqIGFzIGlkZW50aXR5IGZyb20gJy4vaWRlbnRpdHknO1xuaW1wb3J0ICogYXMgbm9kZSBmcm9tICcuL25vZGUnO1xuaW1wb3J0ICogYXMgdXNlciBmcm9tICcuL3VzZXInO1xuaW1wb3J0ICogYXMgdXRpbGl0aWVzIGZyb20gJy4vdXRpbGl0aWVzJztcblxuXG4vKlxuICogRGVmaW5lIHdoaWNoIEh5cGVybGVkZ2VyIEZhYnJpYyBmcmFtZXdvcmsgdG8gdXNlXG4gKi9cbmV4cG9ydCBlbnVtIEZyYW1ld29ya1ZlcnNpb24ge1xuICBWRVJTSU9OXzFfMiA9ICcxLjInLFxuICBWRVJTSU9OXzFfNCA9ICcxLjQnLFxuICBWRVJTSU9OXzJfMiA9ICcyLjInLFxufVxuXG4vKlxuICogU3RhcnRlciBuZXR3b3JrcyBhcmUgY2hlYXBlciwgYnV0IGFyZSBsaW1pdGVkIHRvIDIgbm9kZXMgdGhhdFxuICogY2FuIG9ubHkgYmUgZnJvbSBhIHN1YnNldCBvZiB0eXBlcyAoc2VlIG5vZGUudHMgZm9yIHRoZSBsaXN0KVxuICovXG5leHBvcnQgZW51bSBOZXR3b3JrRWRpdGlvbiB7XG4gIFNUQVJURVIgPSAnU1RBUlRFUicsXG4gIFNUQU5EQVJEID0gJ1NUQU5EQVJEJyxcbn1cblxuLypcbiAqIENvbnN0YW50cyB0byBkZWZpbmUgdGllcyBpbiB2b3RpbmcgZm9yIG5ldyBtZW1iZXJzXG4gKi9cbmV4cG9ydCBlbnVtIFRocmVzaG9sZENvbXBhcmF0b3Ige1xuICBHUkVBVEVSX1RIQU4gPSAnR1JFQVRFUl9USEFOJyxcbiAgR1JFQVRFUl9USEFOX09SX0VRVUFMX1RPID0gJ0dSRUFURVJfVEhBTl9PUl9FUVVBTF9UTycsXG59XG5cblxuLyoqXG4gKiBDb25zdHJ1Y3QgcHJvcGVydGllcyBmb3IgYEh5cGVybGVkZ2VyRmFicmljTmV0d29ya2BcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBIeXBlcmxlZGdlckZhYnJpY05ldHdvcmtQcm9wcyB7XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBuZXR3b3JrIG5hbWVcbiAgICovXG4gIHJlYWRvbmx5IG5ldHdvcmtOYW1lOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBuZXR3b3JrIGRlc2NyaXB0aW9uXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gU2V0IHRvIG1hdGNoIG5ldHdvcmsgbmFtZVxuICAgKi9cbiAgcmVhZG9ubHkgbmV0d29ya0Rlc2NyaXB0aW9uPzogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBNYW5hZ2VkIEJsb2NrY2hhaW4gbWVtYmVyIG5hbWVcbiAgICovXG4gIHJlYWRvbmx5IG1lbWJlck5hbWU6IHN0cmluZztcblxuICAvKipcbiAgICogTWFuYWdlZCBCbG9ja2NoYWluIG1lbWJlciBkZXNjcmlwdGlvblxuICAgKlxuICAgKiBAZGVmYXVsdCAtIFNldCB0byBtYXRjaCBtZW1iZXIgbmFtZVxuICAgKi9cbiAgcmVhZG9ubHkgbWVtYmVyRGVzY3JpcHRpb24/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEh5cGVybGVkZ2VyIEZhYnJpYyBmcmFtZXdvcmsgdmVyc2lvblxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEZyYW1ld29ya1ZlcnNpb24uVkVSU0lPTl8xXzRcbiAgICovXG4gIHJlYWRvbmx5IGZyYW1ld29ya1ZlcnNpb24/OiBGcmFtZXdvcmtWZXJzaW9uO1xuXG4gIC8qKlxuICAgKiBNYW5hZ2VkIEJsb2NrY2hhaW4gbmV0d29yayBlZGl0aW9uXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTmV0d29ya0VkaXRpb24uU1RBTkRBUkRcbiAgICovXG4gIHJlYWRvbmx5IG5ldHdvcmtFZGl0aW9uPzogTmV0d29ya0VkaXRpb247XG5cbiAgLyoqXG4gICAqIFRoZSBkdXJhdGlvbiBmcm9tIHRoZSB0aW1lIHRoYXQgYSBwcm9wb3NhbCBpcyBjcmVhdGVkIHVudGlsIGl0IGV4cGlyZXNcbiAgICogQGRlZmF1bHQgLSAyNCBob3Vyc1xuICAgKi9cbiAgcmVhZG9ubHkgcHJvcG9zYWxEdXJhdGlvbkluSG91cnM/OiBudW1iZXI7XG5cbiAgLyoqXG4gICAqIFRoZSBwZXJjZW50YWdlIG9mIHZvdGVzIGFtb25nIGFsbCBtZW1iZXJzIHRoYXQgbXVzdCBiZSB5ZXMgZm9yIGEgcHJvcG9zYWwgdG8gYmUgYXBwcm92ZWRcbiAgICogQGRlZmF1bHQgLSA1MCBwZXJjZW50XG4gICAqL1xuICByZWFkb25seSB0aHJlc2hvbGRQZXJjZW50YWdlPzogbnVtYmVyO1xuXG4gIC8qKlxuICAgKiBEZXRlcm1pbmVzIHdoZXRoZXIgdGhlIHllcyB2b3RlcyBtdXN0IGJlIGdyZWF0ZXIgdGhhbiB0aGUgdGhyZXNob2xkIHBlcmNlbnRhZ2VcbiAgICogb3IgbXVzdCBiZSBncmVhdGVyIHRoYW4gb3IgZXF1YWwgdG8gdGhlIHRocmVob2xkIHBlcmNlbnRhZ2UgdG8gYmUgYXBwcm92ZWRcbiAgICogQGRlZmF1bHQgLSBHUkVBVEVSX1RIQU5cbiAgICovXG4gIHJlYWRvbmx5IHRocmVzaG9sZENvbXBhcmF0b3I/OiBUaHJlc2hvbGRDb21wYXJhdG9yO1xuXG4gIC8qKlxuICAgKiBUaGUgY29uZmlndXJhdGlvbiB0byBlbmFibGUgb3IgZGlzYWJsZSBjZXJ0aWZpY2F0ZSBhdXRob3JpdHkgbG9nZ2luZ1xuICAgKiBAZGVmYXVsdCAtIHRydWVcbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZUNhTG9nZ2luZz86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIExpc3Qgb2Ygbm9kZXMgdG8gY3JlYXRlIG9uIHRoZSBuZXR3b3JrXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gT25lIG5vZGUgd2l0aCBkZWZhdWx0IGNvbmZpZ3VyYXRpb25cbiAgICovXG4gIHJlYWRvbmx5IG5vZGVzPzogQXJyYXk8bm9kZS5IeXBlcmxlZGdlckZhYnJpY05vZGVQcm9wcz47XG5cbiAgLyoqXG4gICAqIFRoZSBDbGllbnQgbmV0d29yayB0byBpbnRlcmFjdCB3aXRoIHRoZSBIeXBlcmxlZGdlciBGYWJyaWMgbmV0d29ya1xuICAgKiBAZGVmYXVsdCAtIENsaWVudCBuZXR3b3JrIHdpdGggRGVmYXVsdCBwcm9wZXJ0aWVzXG4gICAqIChDSURSLWAxMC4wLjAuMC8xNmAgYW5kIHN1Ym5ldHMgb2YgdHlwZSBgUFJJVkFURV9JU09MQVRFRGApXG4gICAqL1xuICByZWFkb25seSBjbGllbnQ/OiBjbGllbnQuSHlwZXJsZWRnZXJGYWJyaWNDbGllbnRQcm9wcztcblxuICAvKipcbiAgICogTGlzdCBvZiB1c2VycyB0byByZWdpc3RlciB3aXRoIEZhYnJpYyBDQVxuICAgKi9cbiAgcmVhZG9ubHkgdXNlcnM/OiBBcnJheTx1c2VyLkh5cGVybGVkZ2VyRmFicmljVXNlclByb3BzPjtcblxufVxuXG5cbi8qKlxuICogQ3JlYXRlcyBhIEh5cGVybGVkZ2VyIEZhYnJpYyBuZXR3b3JrIG9uIEFtYXpvbiBNYW5hZ2VkIEJsb2NrY2hhaW5cbiAqL1xuZXhwb3J0IGNsYXNzIEh5cGVybGVkZ2VyRmFicmljTmV0d29yayBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcblxuICAvKipcbiAgICogTWFuYWdlZCBCbG9ja2NoYWluIG5ldHdvcmsgbmFtZVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG5ldHdvcmtOYW1lOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBuZXR3b3JrIGRlc2NyaXB0aW9uXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgbmV0d29ya0Rlc2NyaXB0aW9uOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBuZXR3b3JrIGlkZW50aWZpZXIgZ2VuZXJhdGVkIG9uIGNvbnN0cnVjdGlvblxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG5ldHdvcmtJZDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBNYW5hZ2VkIEJsb2NrY2hhaW4gbWVtYmVyIG5hbWVcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBtZW1iZXJOYW1lOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBtZW1iZXIgZGVzY3JpcHRpb25cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBtZW1iZXJEZXNjcmlwdGlvbjogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBNYW5hZ2VkIEJsb2NrY2hhaW4gbWVtYmVyIGlkZW50aWZpZXIgZ2VuZXJhdGVkIG9uIGNvbnN0cnVjdGlvblxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG1lbWJlcklkOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEh5cGVybGVkZ2VyIEZhYnJpYyBmcmFtZXdvcmsgdmVyc2lvblxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGZyYW1ld29ya1ZlcnNpb246IEZyYW1ld29ya1ZlcnNpb247XG5cbiAgLyoqXG4gICAqIE1hbmFnZWQgQmxvY2tjaGFpbiBuZXR3b3JrIGVkaXRpb25cbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBuZXR3b3JrRWRpdGlvbjogTmV0d29ya0VkaXRpb247XG5cbiAgLyoqXG4gICAqIFRoZSBkdXJhdGlvbiBmcm9tIHRoZSB0aW1lIHRoYXQgYSBwcm9wb3NhbCBpcyBjcmVhdGVkIHVudGlsIGl0IGV4cGlyZXNcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBwcm9wb3NhbER1cmF0aW9uSW5Ib3VyczogbnVtYmVyO1xuXG4gIC8qKlxuICAgKiBUaGUgcGVyY2VudGFnZSBvZiB2b3RlcyBhbW9uZyBhbGwgbWVtYmVycyB0aGF0IG11c3QgYmUgeWVzIGZvciBhIHByb3Bvc2FsIHRvIGJlIGFwcHJvdmVkXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdGhyZXNob2xkUGVyY2VudGFnZTogbnVtYmVyO1xuXG4gIC8qKlxuICAgKiBEZXRlcm1pbmVzIHdoZXRoZXIgdGhlIHllcyB2b3RlcyBtdXN0IGJlIGdyZWF0ZXIgdGhhbiB0aGUgdGhyZXNob2xkIHBlcmNlbnRhZ2VcbiAgICogb3IgbXVzdCBiZSBncmVhdGVyIHRoYW4gb3IgZXF1YWwgdG8gdGhlIHRocmVob2xkIHBlcmNlbnRhZ2UgdG8gYmUgYXBwcm92ZWRcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSB0aHJlc2hvbGRDb21wYXJhdG9yOiBUaHJlc2hvbGRDb21wYXJhdG9yO1xuXG4gIC8qKlxuICAgKiBUaGUgY29uZmlndXJhdGlvbiB0byBlbmFibGUgb3IgZGlzYWJsZSBjZXJ0aWZpY2F0ZSBhdXRob3JpdHkgbG9nZ2luZ1xuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGVuYWJsZUNhTG9nZ2luZzogYm9vbGVhbjtcblxuICAvKipcbiAgICogTWFuYWdlZCBCbG9ja2NoYWluIG5ldHdvcmsgVlBDIGVuZHBvaW50IHNlcnZpY2UgbmFtZVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHZwY0VuZHBvaW50U2VydmljZU5hbWU6IHN0cmluZztcblxuICAvKipcbiAgICogTWFuYWdlZCBCbG9ja2NoYWluIG5ldHdvcmsgb3JkZXJpbmcgc2VydmljZSBlbmRwb2ludFxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IG9yZGVyZXJFbmRwb2ludDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBNYW5hZ2VkIEJsb2NrY2hhaW4gbWVtYmVyIENBIGVuZHBvaW50XG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgY2FFbmRwb2ludDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBTZWNyZXQgQVJOIGZvciB0aGUgSHlwZXJsZWRnZXIgRmFicmljIGFkbWluIHBhc3N3b3JkXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgYWRtaW5QYXNzd29yZFNlY3JldDogc2VjcmV0c21hbmFnZXIuU2VjcmV0O1xuXG4gIC8qKlxuICAgKiBTZWNyZXQgZm9yIEh5cGVybGVkZ2VyIEZhYnJpYyBhZG1pbiBwcml2YXRlIGtleVxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGFkbWluUHJpdmF0ZUtleVNlY3JldDogc2VjcmV0c21hbmFnZXIuU2VjcmV0O1xuXG4gIC8qKlxuICAgKiBTZWNyZXQgZm9yIEh5cGVybGVkZ2VyIEZhYnJpYyBhZG1pbiBzaWduZWQgY2VydGlmaWNhdGVcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBhZG1pblNpZ25lZENlcnRTZWNyZXQ6IHNlY3JldHNtYW5hZ2VyLlNlY3JldDtcblxuICAvKipcbiAgICogTGlzdCBvZiBub2RlcyBjcmVhdGVkIGluIHRoZSBuZXR3b3JrXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgbm9kZXM6IEFycmF5PG5vZGUuSHlwZXJsZWRnZXJGYWJyaWNOb2RlPjtcblxuICAvKipcbiAgICogVGhlIGNsaWVudCBuZXR3b3JrIHRvIGludGVyYWN0IHdpdGggdGhlIEh5cGVybGVkZ2VyIEZhYnJpYyBuZXR3b3JrXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgY2xpZW50OiBjbGllbnQuSHlwZXJsZWRnZXJGYWJyaWNDbGllbnQ7XG5cbiAgLyoqXG4gICAqIExpc3Qgb2YgdXNlcnMgcmVnaXN0ZXJlZCB3aXRoIENBXG4gICAqL1xuICBwdWJsaWMgcmVhZG9ubHkgdXNlcnM6IEFycmF5PHVzZXIuSHlwZXJsZWRnZXJGYWJyaWNVc2VyPjtcblxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEh5cGVybGVkZ2VyRmFicmljTmV0d29ya1Byb3BzKSB7XG5cbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgLy8gQ29sbGVjdCBtZXRhZGF0YSBvbiB0aGUgc3RhY2tcbiAgICBjb25zdCBwYXJ0aXRpb24gPSBjZGsuU3RhY2sub2YodGhpcykucGFydGl0aW9uO1xuICAgIGNvbnN0IHJlZ2lvbiA9IGNkay5TdGFjay5vZih0aGlzKS5yZWdpb247XG4gICAgY29uc3QgYWNjb3VudCA9IGNkay5TdGFjay5vZih0aGlzKS5hY2NvdW50O1xuXG4gICAgLy8gUG9wdWxhdGUgaW5zdGFuY2UgdmFyaWFibGVzIGZyb20gaW5wdXQgcHJvcGVydGllcywgdXNpbmcgZGVmYXVsdHMgaWYgdmFsdWVzIG5vdCBwcm92aWRlZFxuICAgIHRoaXMubmV0d29ya05hbWUgPSBwcm9wcy5uZXR3b3JrTmFtZTtcbiAgICB0aGlzLm5ldHdvcmtEZXNjcmlwdGlvbiA9IHByb3BzLm5ldHdvcmtEZXNjcmlwdGlvbiA/PyBwcm9wcy5uZXR3b3JrTmFtZTtcbiAgICB0aGlzLm1lbWJlck5hbWUgPSBwcm9wcy5tZW1iZXJOYW1lO1xuICAgIHRoaXMubWVtYmVyRGVzY3JpcHRpb24gPSBwcm9wcy5tZW1iZXJEZXNjcmlwdGlvbiA/PyBwcm9wcy5tZW1iZXJOYW1lO1xuICAgIHRoaXMuZnJhbWV3b3JrVmVyc2lvbiA9IHByb3BzLmZyYW1ld29ya1ZlcnNpb24gPz8gRnJhbWV3b3JrVmVyc2lvbi5WRVJTSU9OXzFfNDtcbiAgICB0aGlzLm5ldHdvcmtFZGl0aW9uID0gcHJvcHMubmV0d29ya0VkaXRpb24gPz8gTmV0d29ya0VkaXRpb24uU1RBTkRBUkQ7XG4gICAgdGhpcy5wcm9wb3NhbER1cmF0aW9uSW5Ib3VycyA9IHByb3BzLnByb3Bvc2FsRHVyYXRpb25JbkhvdXJzID8/IDI0O1xuICAgIHRoaXMudGhyZXNob2xkUGVyY2VudGFnZSA9IHByb3BzLnRocmVzaG9sZFBlcmNlbnRhZ2UgPz8gNTA7XG4gICAgdGhpcy50aHJlc2hvbGRDb21wYXJhdG9yID0gcHJvcHMudGhyZXNob2xkQ29tcGFyYXRvciA/PyBUaHJlc2hvbGRDb21wYXJhdG9yLkdSRUFURVJfVEhBTjtcbiAgICB0aGlzLmVuYWJsZUNhTG9nZ2luZyA9IHByb3BzLmVuYWJsZUNhTG9nZ2luZyA/PyB0cnVlO1xuICAgIHRoaXMudXNlcnMgPSBbXTtcblxuICAgIC8vIEVuc3VyZSB0aGUgcGFyYW1ldGVycyBjYXB0dXJlZCBhYm92ZSBhcmUgdmFsaWQsIHNvIHdlIGRvbid0XG4gICAgLy8gbmVlZCB0byB3YWl0IHVudGlsIGRlcGxveW1lbnQgdGltZSB0byBkaXNjb3ZlciBhbiBlcnJvclxuICAgIHV0aWxpdGllcy52YWxpZGF0ZVJlZ2lvbihyZWdpb24pO1xuICAgIGlmICghdXRpbGl0aWVzLnZhbGlkYXRlU3RyaW5nKHRoaXMubmV0d29ya05hbWUsIDEsIDY0KSkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKCdOZXR3b3JrIG5hbWUgaXMgaW52YWxpZCBvciBub3QgcHJvdmlkZWQuIEl0IGNhbiBiZSB1cCB0byA2NCBjaGFyYWN0ZXJzIGxvbmcuJyk7XG4gICAgfVxuICAgIGlmICghdXRpbGl0aWVzLnZhbGlkYXRlU3RyaW5nKHRoaXMubmV0d29ya0Rlc2NyaXB0aW9uLCAwLCAxMjgpKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ05ldHdvcmsgZGVzY3JpcHRpb24gaXMgaW52YWxpZC4gSXQgY2FuIGJlIHVwIHRvIDEyOCBjaGFyYWN0ZXJzIGxvbmcuJyk7XG4gICAgfVxuICAgIGlmICghdXRpbGl0aWVzLnZhbGlkYXRlU3RyaW5nKHRoaXMubWVtYmVyTmFtZSwgMSwgNjQsIC9eKD8hLXxbMC05XSkoPyEuKi0kKSg/IS4qPy0tKVthLXpBLVowLTktXSskLykpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcignTWVtYmVyIG5hbWUgaXMgaW52YWxpZCBvciBub3QgcHJvdmlkZWQuIEl0IGNhbiBiZSB1cCB0byA2NCBjaGFyYWN0ZXJzIGxvbmcsIGFuZCBjYW4gaGF2ZSBhbHBoYW51bWVyaWMgY2hhcmFjdGVycyBhbmQgaHlwaGVuKHMpLiBJdCBjYW5ub3Qgc3RhcnQgd2l0aCBhIG51bWJlciwgb3Igc3RhcnQgYW5kIGVuZCB3aXRoIGEgaHlwaGVuICgtKSwgb3IgaGF2ZSB0d28gY29uc2VjdXRpdmUgaHlwaGVucy4gVGhlIG1lbWJlciBuYW1lIG11c3QgYWxzbyBiZSB1bmlxdWUgYWNyb3NzIHRoZSBuZXR3b3JrLicpO1xuICAgIH1cbiAgICBpZiAoIXV0aWxpdGllcy52YWxpZGF0ZVN0cmluZyh0aGlzLm1lbWJlckRlc2NyaXB0aW9uLCAwLCAxMjgpKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ01lbWJlciBkZXNjcmlwdGlvbiBpcyBpbnZhbGlkLiBJdCBjYW4gYmUgdXAgdG8gMTI4IGNoYXJhY3RlcnMgbG9uZy4nKTtcbiAgICB9XG4gICAgaWYgKCF1dGlsaXRpZXMudmFsaWRhdGVJbnRlZ2VyKHRoaXMucHJvcG9zYWxEdXJhdGlvbkluSG91cnMsIDEsIDE2OCkpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcignVm90aW5nIHBvbGljeSBwcm9wb3NhbCBkdXJhdGlvbiBtdXN0IGJlIGJldHdlZW4gMSBhbmQgMTY4IGhvdXJzLicpO1xuICAgIH1cbiAgICBpZiAoIXV0aWxpdGllcy52YWxpZGF0ZUludGVnZXIodGhpcy50aHJlc2hvbGRQZXJjZW50YWdlLCAwLCAxMDApKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ1ZvdGluZyBwb2xpY3kgdGhyZXNob2xkIHBlcmNlbnRhZ2UgbXVzdCBiZSBiZXR3ZWVuIDAgYW5kIDEwMC4nKTtcbiAgICB9XG5cbiAgICAvLyBFbnN1cmUgdGhlIHVzZXIgYWZmaWxpYXRpb24gaW5jbHVkZXMgdGhlIG1lbWJlciBuYW1lLFxuICAgIC8vIGlmIHRoZSB1c2VyIGxpc3QgZm9yIHJlZ2lzdHJhdGlvbiBpcyBwcm92aWRlZFxuICAgIGlmIChwcm9wcy51c2Vycykge1xuICAgICAgcHJvcHMudXNlcnMuZm9yRWFjaChlID0+IHtcbiAgICAgICAgaWYgKCFlLmFmZmlsaXRhdGlvbi5zdGFydHNXaXRoKHRoaXMubWVtYmVyTmFtZSkpIHRocm93IG5ldyBFcnJvcignVXNlciBhZmZpbGlhdGlvbiBpcyBpbnZhbGlkLiBBZmZpbGlhdGlvbiBzaG91bGQgc3RhcnQgd2l0aCBNZW1iZXIgbmFtZScpO1xuICAgICAgfSk7XG4gICAgfVxuXG4gICAgLy8gUGVyIHRoZSBNYW5hZ2VkIEJsb2NrY2hhaW4gZG9jdW1lbnRhdGlvbiwgdGhlIGFkbWluIHBhc3N3b3JkIG11c3QgYmUgYXQgbGVhc3QgZWlnaHRcbiAgICAvLyBjaGFyYWN0ZXJzIGxvbmcgYW5kIG5vIG1vcmUgdGhhbiAzMiBjaGFyYWN0ZXJzLiBJdCBtdXN0IGNvbnRhaW4gYXQgbGVhc3Qgb25lIHVwcGVyY2FzZVxuICAgIC8vIGxldHRlciwgb25lIGxvd2VyY2FzZSBsZXR0ZXIsIGFuZCBvbmUgZGlnaXQuIEl0IGNhbm5vdCBoYXZlIGEgc2luZ2xlIHF1b3RhdGlvbiBtYXJrICjigJgpLFxuICAgIC8vIGEgZG91YmxlIHF1b3RhdGlvbiBtYXJrcyAo4oCcKSwgYSBmb3J3YXJkIHNsYXNoKC8pLCBhIGJhY2t3YXJkIHNsYXNoKFxcKSwgQCwgb3IgYSBzcGFjZTtcbiAgICAvLyBzZXZlcmFsIG90aGVyIGNoYXJhY3RlcnMgYXJlIGV4bHVkZWQgaGVyZSB0byBtYWtlIHRoZSBwYXNzd29yZCBlYXNpZXIgdG8gdXNlIGluIHNjcmlwdHNcbiAgICBjb25zdCBwYXNzd29yZFJlcXVpcmVtZW50cyA9IHtcbiAgICAgIHBhc3N3b3JkTGVuZ3RoOiAzMixcbiAgICAgIHJlcXVpcmVFYWNoSW5jbHVkZWRUeXBlOiB0cnVlLFxuICAgICAgZXhjbHVkZUNoYXJhY3RlcnM6ICdcXCdcIi9cXFxcQCAme308Pip8JyxcbiAgICB9O1xuICAgIHRoaXMuYWRtaW5QYXNzd29yZFNlY3JldCA9IG5ldyBzZWNyZXRzbWFuYWdlci5TZWNyZXQodGhpcywgJ0FkbWluUGFzc3dvcmQnLCB7IGdlbmVyYXRlU2VjcmV0U3RyaW5nOiBwYXNzd29yZFJlcXVpcmVtZW50cyB9KTtcblxuICAgIC8vIFRoZSBpbml0aWFsbHkgZW5yb2xsZWQgYWRtaW4gdXNlciBjcmVkZW50aWFscyB3aWxsIGJlIHN0b3JlZCBpbiB0aGVzZSBzZWNyZXRzXG4gICAgdGhpcy5hZG1pblByaXZhdGVLZXlTZWNyZXQgPSBuZXcgc2VjcmV0c21hbmFnZXIuU2VjcmV0KHRoaXMsICdBZG1pblByaXZhdGVLZXknKTtcbiAgICB0aGlzLmFkbWluU2lnbmVkQ2VydFNlY3JldCA9IG5ldyBzZWNyZXRzbWFuYWdlci5TZWNyZXQodGhpcywgJ0FkbWluU2lnbmVkQ2VydCcpO1xuXG4gICAgLy8gQnVpbGQgb3V0IHRoZSBDbG91ZGZvcm1hdGlvbiBjb25zdHJ1Y3QgZm9yIHRoZSBuZXR3b3JrL21lbWJlclxuICAgIGNvbnN0IG5ldHdvcmtDb25maWd1cmF0aW9uID0ge1xuICAgICAgbmFtZTogdGhpcy5uZXR3b3JrTmFtZSxcbiAgICAgIGRlc2NyaXB0aW9uOiB0aGlzLm5ldHdvcmtEZXNjcmlwdGlvbixcbiAgICAgIGZyYW1ld29yazogJ0hZUEVSTEVER0VSX0ZBQlJJQycsXG4gICAgICBmcmFtZXdvcmtWZXJzaW9uOiB0aGlzLmZyYW1ld29ya1ZlcnNpb24sXG4gICAgICBuZXR3b3JrRnJhbWV3b3JrQ29uZmlndXJhdGlvbjoge1xuICAgICAgICBuZXR3b3JrRmFicmljQ29uZmlndXJhdGlvbjoge1xuICAgICAgICAgIGVkaXRpb246IHRoaXMubmV0d29ya0VkaXRpb24sXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgICAgdm90aW5nUG9saWN5OiB7XG4gICAgICAgIGFwcHJvdmFsVGhyZXNob2xkUG9saWN5OiB7XG4gICAgICAgICAgcHJvcG9zYWxEdXJhdGlvbkluSG91cnM6IHRoaXMucHJvcG9zYWxEdXJhdGlvbkluSG91cnMsXG4gICAgICAgICAgdGhyZXNob2xkUGVyY2VudGFnZTogdGhpcy50aHJlc2hvbGRQZXJjZW50YWdlLFxuICAgICAgICAgIHRocmVzaG9sZENvbXBhcmF0b3I6IHRoaXMudGhyZXNob2xkQ29tcGFyYXRvcixcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfTtcblxuICAgIC8vIE5vdGUgdGhlIHVzZSBvZiB0aGUgdW53cmFwIGJlbG93IGlzIHRoZSBvbmx5IHBvc3NpYmxlIHdheSB0byBnZXRcbiAgICAvLyB0aGUgc2VjcmV0IHZhbHVlIGludG8gdGhlIENsb3VkRm9ybWF0aW9uOyBpdCB3aWxsIHN0aWxsIG5vdCBkaXJlY3RseVxuICAgIC8vIGJlIGluY2x1ZGVkIGluIHRoZSBzeW50aGVzaXplZCB0ZW1wbGF0ZSBzbyB1c2FnZSBoZXJlIGlzIHN0aWxsIHNhZmVcbiAgICBjb25zdCBtZW1iZXJDb25maWd1cmF0aW9uID0ge1xuICAgICAgbmFtZTogdGhpcy5tZW1iZXJOYW1lLFxuICAgICAgZGVzY3JpcHRpb246IHRoaXMubWVtYmVyRGVzY3JpcHRpb24sXG4gICAgICBtZW1iZXJGcmFtZXdvcmtDb25maWd1cmF0aW9uOiB7XG4gICAgICAgIG1lbWJlckZhYnJpY0NvbmZpZ3VyYXRpb246IHtcbiAgICAgICAgICBhZG1pblVzZXJuYW1lOiAnYWRtaW4nLFxuICAgICAgICAgIGFkbWluUGFzc3dvcmQ6IHRoaXMuYWRtaW5QYXNzd29yZFNlY3JldC5zZWNyZXRWYWx1ZS51bnNhZmVVbndyYXAoKSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfTtcbiAgICBjb25zdCBuZXR3b3JrID0gbmV3IG1hbmFnZWRibG9ja2NoYWluLkNmbk1lbWJlcih0aGlzLCAnTmV0d29yaycsIHsgbmV0d29ya0NvbmZpZ3VyYXRpb24sIG1lbWJlckNvbmZpZ3VyYXRpb24gfSk7XG5cbiAgICAvLyBDYXB0dXJlIGRhdGEgaW5jbHVkZWQgaW4gdGhlIENsb3VkZm9ybWF0aW9uIG91dHB1dCBpbiBpbnN0YW5jZSB2YXJpYWJsZXNcbiAgICB0aGlzLm5ldHdvcmtJZCA9IG5ldHdvcmsuZ2V0QXR0KCdOZXR3b3JrSWQnKS50b1N0cmluZygpO1xuICAgIHRoaXMubWVtYmVySWQgPSBuZXR3b3JrLmdldEF0dCgnTWVtYmVySWQnKS50b1N0cmluZygpO1xuXG4gICAgLy8gQnVpbGQgb3V0IHRoZSBhc3NvY2lhdGVkIG5vZGUgY29uc3RydWN0c1xuICAgIHRoaXMubm9kZXMgPSBub2RlLkh5cGVybGVkZ2VyRmFicmljTm9kZS5jb25zdHJ1Y3ROb2Rlcyh0aGlzLCBwcm9wcy5ub2Rlcyk7XG5cbiAgICAvLyBEdWUgdG8gYSByYWNlIGNvbmRpdGlvbiBpbiBDREsgY3VzdG9tIHJlc291cmNlcyAoaHR0cHM6Ly9naXRodWIuY29tL2F3cy9hd3MtY2RrL2lzc3Vlcy8xODIzNyksXG4gICAgLy8gdGhlIG5lY2Vzc2FyeSBwZXJtaXNzaW9ucyBmb3IgYWxsIFNESyBjYWxscyBpbiB0aGUgc3RhY2sgbmVlZCB0byBiZSBhZGRlZCBoZXJlLCBldmVuIHRob3VnaFxuICAgIC8vIHRoZSBjYWxscyBpbiB0aGlzIGNvbnN0cnVjdCBkb24ndCBuZWVkIGFjY2VzcyB0byB0aGUgbm9kZXM7IHRoaXMgYWxzbyBtZWFucyBub2RlIGNvbnN0cnVjdHNcbiAgICAvLyBjYW4ndCBwb3B1bGF0ZSB0aGVpciBvdXRwdXRzIGZ1bGx5IHVudGlsIGxhdGVyLCB3aGljaCBpcyBhbm5veWluZ1xuICAgIGNvbnN0IG5vZGVJZHMgPSB0aGlzLm5vZGVzLm1hcChuID0+IG4ubm9kZUlkKTtcbiAgICBjb25zdCBub2RlQXJucyA9IG5vZGVJZHMubWFwKGkgPT4gYGFybjoke3BhcnRpdGlvbn06bWFuYWdlZGJsb2NrY2hhaW46JHtyZWdpb259OiR7YWNjb3VudH06bm9kZXMvJHtpfWApO1xuICAgIGNvbnN0IHNka0NhbGxQb2xpY3kgPSBjdXN0b21yZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVNka0NhbGxzKHtcbiAgICAgIHJlc291cmNlczogW1xuICAgICAgICBgYXJuOiR7cGFydGl0aW9ufTptYW5hZ2VkYmxvY2tjaGFpbjoke3JlZ2lvbn06Om5ldHdvcmtzLyR7dGhpcy5uZXR3b3JrSWR9YCxcbiAgICAgICAgYGFybjoke3BhcnRpdGlvbn06bWFuYWdlZGJsb2NrY2hhaW46JHtyZWdpb259OiR7YWNjb3VudH06bWVtYmVycy8ke3RoaXMubWVtYmVySWR9YCxcbiAgICAgICAgLi4ubm9kZUFybnMsXG4gICAgICBdLFxuICAgIH0pO1xuXG4gICAgLy8gQ2xvdWRmb3JtYXRpb24gZG9lc24ndCBpbmNsdWRlIGFsbCB0aGUgbmV0d29yayBhbmQgbWVtYmVyIGF0dHJpYnV0ZXNcbiAgICAvLyBuZWVkZWQgdG8gdXNlIEh5cGVybGVkZ2VyIEZhYnJpYywgc28gdXNlIFNESyBjYWxscyB0byBmZXRjaCBzYWlkIGRhdGFcbiAgICBjb25zdCBuZXR3b3JrRGF0YVNka0NhbGwgPSB7XG4gICAgICBzZXJ2aWNlOiAnTWFuYWdlZEJsb2NrY2hhaW4nLFxuICAgICAgYWN0aW9uOiAnZ2V0TmV0d29yaycsXG4gICAgICBwYXJhbWV0ZXJzOiB7IE5ldHdvcmtJZDogdGhpcy5uZXR3b3JrSWQgfSxcbiAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3VzdG9tcmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZignSWQnKSxcbiAgICB9O1xuICAgIGNvbnN0IG1lbWJlckRhdGFTZGtDYWxsID0ge1xuICAgICAgc2VydmljZTogJ01hbmFnZWRCbG9ja2NoYWluJyxcbiAgICAgIGFjdGlvbjogJ2dldE1lbWJlcicsXG4gICAgICBwYXJhbWV0ZXJzOiB7IE5ldHdvcmtJZDogdGhpcy5uZXR3b3JrSWQsIE1lbWJlcklkOiB0aGlzLm1lbWJlcklkIH0sXG4gICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbXJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoJ0lkJyksXG4gICAgfTtcblxuICAgIC8vIERhdGEgaXRlbXMgbmVlZCBmZXRjaGluZyBvbiBjcmVhdGlvbiBhbmQgdXBkYXRpbmc7IG5vdGhpbmcgbmVlZHMgZG9pbmcgb24gZGVsZXRpb25cbiAgICBjb25zdCBuZXR3b3JrRGF0YSA9IG5ldyBjdXN0b21yZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2UodGhpcywgJ05ldHdvcmtEYXRhUmVzb3VyY2UnLCB7XG4gICAgICBwb2xpY3k6IHNka0NhbGxQb2xpY3ksXG4gICAgICBvbkNyZWF0ZTogbmV0d29ya0RhdGFTZGtDYWxsLFxuICAgICAgb25VcGRhdGU6IG5ldHdvcmtEYXRhU2RrQ2FsbCxcbiAgICB9KTtcbiAgICBjb25zdCBtZW1iZXJEYXRhID0gbmV3IGN1c3RvbXJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZSh0aGlzLCAnTWVtYmVyRGF0YVJlc291cmNlJywge1xuICAgICAgcG9saWN5OiBzZGtDYWxsUG9saWN5LFxuICAgICAgb25DcmVhdGU6IG1lbWJlckRhdGFTZGtDYWxsLFxuICAgICAgb25VcGRhdGU6IG1lbWJlckRhdGFTZGtDYWxsLFxuICAgIH0pO1xuXG4gICAgLy8gQ2xvdWRmb3JtYXRpb24gZG9lc24ndCBpbmNsdWRlIGxvZ2dpbmcgY29uZmlndXJhdGlvbiBzbyB1c2UgU0RLIGNhbGwgdG8gZG8gc29cbiAgICBjb25zdCBsb2dDb25maWd1cmF0aW9uID0ge1xuICAgICAgRmFicmljOiB7IENhTG9nczogeyBDbG91ZHdhdGNoOiB7IEVuYWJsZWQ6IHRoaXMuZW5hYmxlQ2FMb2dnaW5nIH0gfSB9LFxuICAgIH07XG4gICAgY29uc3QgY29uZmlndXJlQ2FMb2dTZGtDYWxsID0ge1xuICAgICAgc2VydmljZTogJ01hbmFnZWRCbG9ja2NoYWluJyxcbiAgICAgIGFjdGlvbjogJ3VwZGF0ZU1lbWJlcicsXG4gICAgICBwYXJhbWV0ZXJzOiB7IE5ldHdvcmtJZDogdGhpcy5uZXR3b3JrSWQsIE1lbWJlcklkOiB0aGlzLm1lbWJlcklkLCBMb2dQdWJsaXNoaW5nQ29uZmlndXJhdGlvbjogbG9nQ29uZmlndXJhdGlvbiB9LFxuICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBjdXN0b21yZXNvdXJjZXMuUGh5c2ljYWxSZXNvdXJjZUlkLm9mKCdJZCcpLFxuICAgIH07XG4gICAgbmV3IGN1c3RvbXJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZSh0aGlzLCAnQ29uZmlndXJlQ2FMb2dSZXNvdXJjZScsIHtcbiAgICAgIHBvbGljeTogc2RrQ2FsbFBvbGljeSxcbiAgICAgIG9uQ3JlYXRlOiBjb25maWd1cmVDYUxvZ1Nka0NhbGwsXG4gICAgICBvblVwZGF0ZTogY29uZmlndXJlQ2FMb2dTZGtDYWxsLFxuICAgIH0pO1xuXG4gICAgLy8gR3JhYiBpdGVtcyBvdXQgb2YgdGhlIGFib3ZlIHJldHVybiB2YWx1ZXMgYW5kIHN0aWNrIHRoZW0gaW4gb3V0cHV0IHByb3BlcnRpZXNcbiAgICB0aGlzLnZwY0VuZHBvaW50U2VydmljZU5hbWUgPSBuZXR3b3JrRGF0YS5nZXRSZXNwb25zZUZpZWxkKCdOZXR3b3JrLlZwY0VuZHBvaW50U2VydmljZU5hbWUnKTtcbiAgICB0aGlzLm9yZGVyZXJFbmRwb2ludCA9IG5ldHdvcmtEYXRhLmdldFJlc3BvbnNlRmllbGQoJ05ldHdvcmsuRnJhbWV3b3JrQXR0cmlidXRlcy5GYWJyaWMuT3JkZXJpbmdTZXJ2aWNlRW5kcG9pbnQnKTtcbiAgICB0aGlzLmNhRW5kcG9pbnQgPSBtZW1iZXJEYXRhLmdldFJlc3BvbnNlRmllbGQoJ01lbWJlci5GcmFtZXdvcmtBdHRyaWJ1dGVzLkZhYnJpYy5DYUVuZHBvaW50Jyk7XG5cbiAgICAvLyBBcyBzdGF0ZWQgZWFybGllciwgbm9kZSBjb25zdHJ1Y3RzIGNhbid0IHBvcHVsYXRlIGFsbCB0aGVpciBwcm9wZXJ0aWVzXG4gICAgLy8gdW50aWwgYWZ0ZXIgdGhlIGFib3ZlIG5ldHdvcmsgYW5kIG1lbWJlciBTREsgY2FsbHMgc3VjY2VlZDsgdGh1cyB0aGVcbiAgICAvLyBmdW5jdGlvbiBjYWxscyBiZWxvdyB3aGVyZSBmZXRjaGVzIGFyZSBzcGxpdCBvdXQgYW5kIGxvZ2dpbmcgaXMgY29uZmlndXJlZFxuICAgIGZvciAoY29uc3QgbiBvZiB0aGlzLm5vZGVzKSB7XG4gICAgICBuLmNvbmZpZ3VyZUxvZ2dpbmcoc2RrQ2FsbFBvbGljeSk7XG4gICAgICBuLmZldGNoRGF0YShzZGtDYWxsUG9saWN5KTtcbiAgICB9XG5cbiAgICAvLyBCdWlsZCBvdXQgdGhlIGNsaWVudCBWUEMgY29uc3RydWN0XG4gICAgdGhpcy5jbGllbnQgPSBuZXcgY2xpZW50Lkh5cGVybGVkZ2VyRmFicmljQ2xpZW50KHRoaXMsICdOZXR3b3JrQ2xpZW50JywgcHJvcHMuY2xpZW50KTtcblxuICAgIC8vIEJ1aWxkIG91dCBhbGwgdGhlIGN1c3RvbSByZXNvdXJjZXMgdG8gcmVnaXN0ZXIgYW5kIGVucm9sbCBpZGVudGl0aWVzIHRvIENBXG4gICAgY29uc3QgaWRlbnRpdHlSZXNvdXJjZXMgPSBuZXcgaWRlbnRpdHkuSHlwZXJsZWRnZXJGYWJyaWNJZGVudGl0eSh0aGlzLCAnSWRlbnRpdHknKTtcblxuICAgIC8vIEVucm9sbCB0aGUgYWRtaW5pc3RyYXRvciBhbmQgc3RvcmUgaXRzIGNyZWRlbnRpYWxzIG9uIFNlY3JldHMgTWFuYWdlclxuICAgIG5ldyBjZGsuQ3VzdG9tUmVzb3VyY2UodGhpcywgJ0FkbWluQ3VzdG9tUmVzb3VyY2UnLCB7IHNlcnZpY2VUb2tlbjogaWRlbnRpdHlSZXNvdXJjZXMuYWRtaW5Qcm92aWRlci5zZXJ2aWNlVG9rZW4gfSk7XG5cbiAgICAvLyBSZWdpc3RlciBhbmQgZW5yb2xsIHVzZXJzLCBpZiBwcm92aWRlZFxuICAgIGlmIChwcm9wcy51c2VycykgdGhpcy51c2VycyA9IEFycmF5LmZyb20ocHJvcHMudXNlcnMuZW50cmllcygpKS5tYXAoZSA9PiBuZXcgdXNlci5IeXBlcmxlZGdlckZhYnJpY1VzZXIodGhpcywgYFVzZXIke2VbMF19YCwgZVsxXSkpO1xuICB9XG5cbn1cbiJdfQ==