npm - @cloudsnorkel/cdk-github-runners - Versions diffs - 0.9.3 → 0.9.5 - Mend

@cloudsnorkel/cdk-github-runners 0.9.3 → 0.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (151) hide show

package/lib/setup-function.js ADDED Viewed

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SetupFunction = void 0;
+// ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen".
+const path = require("path");
+const lambda = require("aws-cdk-lib/aws-lambda");
+/**
+ * An AWS Lambda function which executes src/setup.
+ */
+class SetupFunction extends lambda.Function {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            description: 'src/setup.lambda.ts',
+            ...props,
+            runtime: new lambda.Runtime('nodejs16.x', lambda.RuntimeFamily.NODEJS),
+            handler: 'index.handler',
+            code: lambda.Code.fromAsset(path.join(__dirname, '../assets/setup.lambda')),
+        });
+        this.addEnvironment('AWS_NODEJS_CONNECTION_REUSE_ENABLED', '1', { removeInEdge: true });
+    }
+}
+exports.SetupFunction = SetupFunction;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2V0dXAtZnVuY3Rpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc2V0dXAtZnVuY3Rpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkVBQTZFO0FBQzdFLDZCQUE2QjtBQUM3QixpREFBaUQ7QUFTakQ7O0dBRUc7QUFDSCxNQUFhLGFBQWMsU0FBUSxNQUFNLENBQUMsUUFBUTtJQUNoRCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTBCO1FBQ2xFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsV0FBVyxFQUFFLHFCQUFxQjtZQUNsQyxHQUFHLEtBQUs7WUFDUixPQUFPLEVBQUUsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLFlBQVksRUFBRSxNQUFNLENBQUMsYUFBYSxDQUFDLE1BQU0sQ0FBQztZQUN0RSxPQUFPLEVBQUUsZUFBZTtZQUN4QixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsd0JBQXdCLENBQUMsQ0FBQztTQUM1RSxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsY0FBYyxDQUFDLHFDQUFxQyxFQUFFLEdBQUcsRUFBRSxFQUFFLFlBQVksRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQzFGLENBQUM7Q0FDRjtBQVhELHNDQVdDIiwic291cmNlc0NvbnRlbnQiOlsiLy8gfn4gR2VuZXJhdGVkIGJ5IHByb2plbi4gVG8gbW9kaWZ5LCBlZGl0IC5wcm9qZW5yYy5qcyBhbmQgcnVuIFwibnB4IHByb2plblwiLlxuaW1wb3J0ICogYXMgcGF0aCBmcm9tICdwYXRoJztcbmltcG9ydCAqIGFzIGxhbWJkYSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtbGFtYmRhJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuXG4vKipcbiAqIFByb3BzIGZvciBTZXR1cEZ1bmN0aW9uXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgU2V0dXBGdW5jdGlvblByb3BzIGV4dGVuZHMgbGFtYmRhLkZ1bmN0aW9uT3B0aW9ucyB7XG59XG5cbi8qKlxuICogQW4gQVdTIExhbWJkYSBmdW5jdGlvbiB3aGljaCBleGVjdXRlcyBzcmMvc2V0dXAuXG4gKi9cbmV4cG9ydCBjbGFzcyBTZXR1cEZ1bmN0aW9uIGV4dGVuZHMgbGFtYmRhLkZ1bmN0aW9uIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBTZXR1cEZ1bmN0aW9uUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIGRlc2NyaXB0aW9uOiAnc3JjL3NldHVwLmxhbWJkYS50cycsXG4gICAgICAuLi5wcm9wcyxcbiAgICAgIHJ1bnRpbWU6IG5ldyBsYW1iZGEuUnVudGltZSgnbm9kZWpzMTYueCcsIGxhbWJkYS5SdW50aW1lRmFtaWx5Lk5PREVKUyksXG4gICAgICBoYW5kbGVyOiAnaW5kZXguaGFuZGxlcicsXG4gICAgICBjb2RlOiBsYW1iZGEuQ29kZS5mcm9tQXNzZXQocGF0aC5qb2luKF9fZGlybmFtZSwgJy4uL2Fzc2V0cy9zZXR1cC5sYW1iZGEnKSksXG4gICAgfSk7XG4gICAgdGhpcy5hZGRFbnZpcm9ubWVudCgnQVdTX05PREVKU19DT05ORUNUSU9OX1JFVVNFX0VOQUJMRUQnLCAnMScsIHsgcmVtb3ZlSW5FZGdlOiB0cnVlIH0pO1xuICB9XG59Il19

package/lib/setup.lambda.js ADDED Viewed

@@ -0,0 +1,152 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/* eslint-disable import/no-extraneous-dependencies */
+const crypto = require("crypto");
+const fs = require("fs");
+const rest_1 = require("@octokit/rest");
+const github_1 = require("./github");
+const lambda_helpers_1 = require("./lambda-helpers");
+const nonce = crypto.randomBytes(64).toString('hex');
+function getHtml(baseUrl, token, domain) {
+    return fs.readFileSync('index.html', 'utf-8')
+        .replace(/INSERT_WEBHOOK_URL_HERE/g, process.env.WEBHOOK_URL)
+        .replace(/INSERT_BASE_URL_HERE/g, baseUrl)
+        .replace(/INSERT_TOKEN_HERE/g, token)
+        .replace(/INSERT_SECRET_ARN_HERE/g, process.env.SETUP_SECRET_ARN)
+        .replace(/INSERT_DOMAIN_HERE/g, domain)
+        .replace(/<script/g, `<script nonce="${nonce}"`)
+        .replace(/<style/g, `<style nonce="${nonce}"`);
+}
+function response(code, body) {
+    return {
+        statusCode: code,
+        headers: {
+            'Content-Type': 'text/html',
+            'Content-Security-Policy': `default-src 'unsafe-inline' 'nonce-${nonce}'; img-src data:; connect-src 'self'; form-action https:; frame-ancestors 'none'; object-src 'none'; base-uri 'self'`,
+        },
+        body: body,
+    };
+}
+async function handleRoot(event, setupToken) {
+    const stage = event.requestContext.stage == '$default' ? '' : `/${event.requestContext.stage}`;
+    const setupBaseUrl = `https://${event.requestContext.domainName}${stage}`;
+    const githubSecrets = await (0, lambda_helpers_1.getSecretJsonValue)(process.env.GITHUB_SECRET_ARN);
+    return response(200, getHtml(setupBaseUrl, setupToken, githubSecrets.domain));
+}
+function decodeBody(event) {
+    let body = event.body;
+    if (!body) {
+        throw new Error('No body found');
+    }
+    if (event.isBase64Encoded) {
+        body = Buffer.from(body, 'base64').toString('utf-8');
+    }
+    return JSON.parse(body);
+}
+async function handleDomain(event) {
+    const body = decodeBody(event);
+    if (!body.domain) {
+        return response(400, 'Invalid domain');
+    }
+    const githubSecrets = await (0, lambda_helpers_1.getSecretJsonValue)(process.env.GITHUB_SECRET_ARN);
+    githubSecrets.domain = body.domain;
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_SECRET_ARN, JSON.stringify(githubSecrets));
+    return response(200, 'Domain set');
+}
+async function handlePat(event) {
+    const body = decodeBody(event);
+    if (!body.pat || !body.domain) {
+        return response(400, 'Invalid personal access token');
+    }
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_SECRET_ARN, JSON.stringify({
+        domain: body.domain,
+        appId: '',
+        personalAuthToken: body.pat,
+    }));
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: '' }));
+    return response(200, 'Personal access token set');
+}
+async function handleNewApp(event) {
+    if (!event.queryStringParameters) {
+        return response(400, 'Invalid code');
+    }
+    const code = event.queryStringParameters.code;
+    if (!code) {
+        return response(400, 'Invalid code');
+    }
+    const githubSecrets = await (0, lambda_helpers_1.getSecretJsonValue)(process.env.GITHUB_SECRET_ARN);
+    const baseUrl = (0, github_1.baseUrlFromDomain)(githubSecrets.domain);
+    const newApp = await new rest_1.Octokit({ baseUrl }).rest.apps.createFromManifest({ code });
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_SECRET_ARN, JSON.stringify({
+        domain: new URL(newApp.data.html_url).host,
+        appId: newApp.data.id,
+        personalAuthToken: '',
+    }));
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_PRIVATE_KEY_SECRET_ARN, newApp.data.pem);
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.WEBHOOK_SECRET_ARN, JSON.stringify({
+        webhookSecret: newApp.data.webhook_secret,
+    }));
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: '' }));
+    return response(200, `New app set. <a href="${newApp.data.html_url}/installations/new">Install it</a> for your repositories.`);
+}
+async function handleExistingApp(event) {
+    const body = decodeBody(event);
+    if (!body.appid || !body.pk || !body.domain) {
+        return response(400, 'Missing fields');
+    }
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_SECRET_ARN, JSON.stringify({
+        domain: body.domain,
+        appId: body.appid,
+        personalAuthToken: '',
+    }));
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.GITHUB_PRIVATE_KEY_SECRET_ARN, body.pk);
+    await (0, lambda_helpers_1.updateSecretValue)(process.env.SETUP_SECRET_ARN, JSON.stringify({ token: '' }));
+    return response(200, 'Existing app set. Don\'t forget to set up the webhook.');
+}
+exports.handler = async function (event) {
+    // confirm required environment variables
+    if (!process.env.WEBHOOK_URL) {
+        throw new Error('Missing environment variables');
+    }
+    const setupToken = (await (0, lambda_helpers_1.getSecretJsonValue)(process.env.SETUP_SECRET_ARN)).token;
+    // bail out if setup was already completed
+    if (!setupToken) {
+        return response(200, 'Setup already complete. Put a new token in the setup secret if you want to redo it.');
+    }
+    if (!event.queryStringParameters) {
+        return response(403, 'Wrong setup token.');
+    }
+    // safely confirm url token matches our secret
+    const urlToken = event.queryStringParameters.token || event.queryStringParameters.state || '';
+    if (urlToken.length != setupToken.length || !crypto.timingSafeEqual(Buffer.from(urlToken, 'utf-8'), Buffer.from(setupToken, 'utf-8'))) {
+        return response(403, 'Wrong setup token.');
+    }
+    // handle requests
+    try {
+        const path = event.path ?? event.rawPath;
+        const method = event.httpMethod ?? event.requestContext.http.method;
+        if (path == '/') {
+            return await handleRoot(event, setupToken);
+        }
+        else if (path == '/domain' && method == 'POST') {
+            return await handleDomain(event);
+        }
+        else if (path == '/pat' && method == 'POST') {
+            return await handlePat(event);
+        }
+        else if (path == '/complete-new-app' && method == 'GET') {
+            return await handleNewApp(event);
+        }
+        else if (path == '/app' && method == 'POST') {
+            return await handleExistingApp(event);
+        }
+        else {
+            return response(404, 'Not found');
+        }
+    }
+    catch (e) {
+        console.error(e);
+        return response(500, `<b>Error:</b> ${e}`);
+    }
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2V0dXAubGFtYmRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3NldHVwLmxhbWJkYS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHNEQUFzRDtBQUN0RCxpQ0FBaUM7QUFDakMseUJBQXlCO0FBQ3pCLHdDQUF3QztBQUd4QyxxQ0FBNkM7QUFDN0MscURBQXlFO0FBSXpFLE1BQU0sS0FBSyxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO0FBRXJELFNBQVMsT0FBTyxDQUFDLE9BQWUsRUFBRSxLQUFhLEVBQUUsTUFBYztJQUM3RCxPQUFPLEVBQUUsQ0FBQyxZQUFZLENBQUMsWUFBWSxFQUFFLE9BQU8sQ0FBQztTQUMxQyxPQUFPLENBQUMsMEJBQTBCLEVBQUUsT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFZLENBQUM7U0FDN0QsT0FBTyxDQUFDLHVCQUF1QixFQUFFLE9BQU8sQ0FBQztTQUN6QyxPQUFPLENBQUMsb0JBQW9CLEVBQUUsS0FBSyxDQUFDO1NBQ3BDLE9BQU8sQ0FBQyx5QkFBeUIsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFpQixDQUFDO1NBQ2pFLE9BQU8sQ0FBQyxxQkFBcUIsRUFBRSxNQUFNLENBQUM7U0FDdEMsT0FBTyxDQUFDLFVBQVUsRUFBRSxrQkFBa0IsS0FBSyxHQUFHLENBQUM7U0FDL0MsT0FBTyxDQUFDLFNBQVMsRUFBRSxpQkFBaUIsS0FBSyxHQUFHLENBQUMsQ0FBQztBQUNuRCxDQUFDO0FBRUQsU0FBUyxRQUFRLENBQUMsSUFBWSxFQUFFLElBQVk7SUFDMUMsT0FBTztRQUNMLFVBQVUsRUFBRSxJQUFJO1FBQ2hCLE9BQU8sRUFBRTtZQUNQLGNBQWMsRUFBRSxXQUFXO1lBQzNCLHlCQUF5QixFQUFFLHNDQUFzQyxLQUFLLHNIQUFzSDtTQUM3TDtRQUNELElBQUksRUFBRSxJQUFJO0tBQ1gsQ0FBQztBQUNKLENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUFDLEtBQXNCLEVBQUUsVUFBa0I7SUFDbEUsTUFBTSxLQUFLLEdBQUcsS0FBSyxDQUFDLGNBQWMsQ0FBQyxLQUFLLElBQUksVUFBVSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksS0FBSyxDQUFDLGNBQWMsQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUMvRixNQUFNLFlBQVksR0FBRyxXQUFXLEtBQUssQ0FBQyxjQUFjLENBQUMsVUFBVSxHQUFHLEtBQUssRUFBRSxDQUFDO0lBQzFFLE1BQU0sYUFBYSxHQUFHLE1BQU0sSUFBQSxtQ0FBa0IsRUFBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFFOUUsT0FBTyxRQUFRLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxZQUFZLEVBQUUsVUFBVSxFQUFFLGFBQWEsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO0FBQ2hGLENBQUM7QUFFRCxTQUFTLFVBQVUsQ0FBQyxLQUFzQjtJQUN4QyxJQUFJLElBQUksR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDO0lBQ3RCLElBQUksQ0FBQyxJQUFJLEVBQUU7UUFDVCxNQUFNLElBQUksS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO0tBQ2xDO0lBQ0QsSUFBSSxLQUFLLENBQUMsZUFBZSxFQUFFO1FBQ3pCLElBQUksR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxRQUFRLENBQUMsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUM7S0FDdEQ7SUFDRCxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDMUIsQ0FBQztBQUVELEtBQUssVUFBVSxZQUFZLENBQUMsS0FBc0I7SUFDaEQsTUFBTSxJQUFJLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFO1FBQ2hCLE9BQU8sUUFBUSxDQUFDLEdBQUcsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0tBQ3hDO0lBRUQsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFBLG1DQUFrQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUM5RSxhQUFhLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUM7SUFDbkMsTUFBTSxJQUFBLGtDQUFpQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDO0lBRXRGLE9BQU8sUUFBUSxDQUFDLEdBQUcsRUFBRSxZQUFZLENBQUMsQ0FBQztBQUNyQyxDQUFDO0FBRUQsS0FBSyxVQUFVLFNBQVMsQ0FBQyxLQUFzQjtJQUM3QyxNQUFNLElBQUksR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDL0IsSUFBSSxDQUFDLElBQUksQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFO1FBQzdCLE9BQU8sUUFBUSxDQUFDLEdBQUcsRUFBRSwrQkFBK0IsQ0FBQyxDQUFDO0tBQ3ZEO0lBRUQsTUFBTSxJQUFBLGtDQUFpQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQztRQUNwRSxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07UUFDbkIsS0FBSyxFQUFFLEVBQUU7UUFDVCxpQkFBaUIsRUFBRSxJQUFJLENBQUMsR0FBRztLQUM1QixDQUFDLENBQUMsQ0FBQztJQUNKLE1BQU0sSUFBQSxrQ0FBaUIsRUFBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFnQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsRUFBRSxLQUFLLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBRXJGLE9BQU8sUUFBUSxDQUFFLEdBQUcsRUFBRSwyQkFBMkIsQ0FBQyxDQUFDO0FBQ3JELENBQUM7QUFFRCxLQUFLLFVBQVUsWUFBWSxDQUFDLEtBQXNCO0lBQ2hELElBQUksQ0FBQyxLQUFLLENBQUMscUJBQXFCLEVBQUU7UUFDaEMsT0FBTyxRQUFRLENBQUUsR0FBRyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0tBQ3ZDO0lBRUQsTUFBTSxJQUFJLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLElBQUksQ0FBQztJQUU5QyxJQUFJLENBQUMsSUFBSSxFQUFFO1FBQ1QsT0FBTyxRQUFRLENBQUUsR0FBRyxFQUFFLGNBQWMsQ0FBQyxDQUFDO0tBQ3ZDO0lBRUQsTUFBTSxhQUFhLEdBQUcsTUFBTSxJQUFBLG1DQUFrQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsaUJBQWlCLENBQUMsQ0FBQztJQUM5RSxNQUFNLE9BQU8sR0FBRyxJQUFBLDBCQUFpQixFQUFDLGFBQWEsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN4RCxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksY0FBTyxDQUFDLEVBQUUsT0FBTyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztJQUVyRixNQUFNLElBQUEsa0NBQWlCLEVBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDO1FBQ3BFLE1BQU0sRUFBRSxJQUFJLEdBQUcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLElBQUk7UUFDMUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsRUFBRTtRQUNyQixpQkFBaUIsRUFBRSxFQUFFO0tBQ3RCLENBQUMsQ0FBQyxDQUFDO0lBQ0osTUFBTSxJQUFBLGtDQUFpQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNwRixNQUFNLElBQUEsa0NBQWlCLEVBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDO1FBQ3JFLGFBQWEsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLGNBQWM7S0FDMUMsQ0FBQyxDQUFDLENBQUM7SUFDSixNQUFNLElBQUEsa0NBQWlCLEVBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsS0FBSyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQztJQUVyRixPQUFPLFFBQVEsQ0FBRSxHQUFHLEVBQUUseUJBQXlCLE1BQU0sQ0FBQyxJQUFJLENBQUMsUUFBUSwyREFBMkQsQ0FBQyxDQUFDO0FBQ2xJLENBQUM7QUFFRCxLQUFLLFVBQVUsaUJBQWlCLENBQUMsS0FBc0I7SUFDckQsTUFBTSxJQUFJLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBRS9CLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUU7UUFDM0MsT0FBTyxRQUFRLENBQUUsR0FBRyxFQUFFLGdCQUFnQixDQUFDLENBQUM7S0FDekM7SUFFRCxNQUFNLElBQUEsa0NBQWlCLEVBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDO1FBQ3BFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTTtRQUNuQixLQUFLLEVBQUUsSUFBSSxDQUFDLEtBQUs7UUFDakIsaUJBQWlCLEVBQUUsRUFBRTtLQUN0QixDQUFDLENBQUMsQ0FBQztJQUNKLE1BQU0sSUFBQSxrQ0FBaUIsRUFBQyxPQUFPLENBQUMsR0FBRyxDQUFDLDZCQUE2QixFQUFFLElBQUksQ0FBQyxFQUFZLENBQUMsQ0FBQztJQUN0RixNQUFNLElBQUEsa0NBQWlCLEVBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxnQkFBZ0IsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLEVBQUUsS0FBSyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQztJQUVyRixPQUFPLFFBQVEsQ0FBRSxHQUFHLEVBQUUsd0RBQXdELENBQUMsQ0FBQztBQUNsRixDQUFDO0FBRUQsT0FBTyxDQUFDLE9BQU8sR0FBRyxLQUFLLFdBQVcsS0FBc0I7SUFDdEQseUNBQXlDO0lBQ3pDLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRTtRQUM1QixNQUFNLElBQUksS0FBSyxDQUFDLCtCQUErQixDQUFDLENBQUM7S0FDbEQ7SUFFRCxNQUFNLFVBQVUsR0FBRyxDQUFDLE1BQU0sSUFBQSxtQ0FBa0IsRUFBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUM7SUFFbEYsMENBQTBDO0lBQzFDLElBQUksQ0FBQyxVQUFVLEVBQUU7UUFDZixPQUFPLFFBQVEsQ0FBQyxHQUFHLEVBQUUscUZBQXFGLENBQUMsQ0FBQztLQUM3RztJQUVELElBQUksQ0FBQyxLQUFLLENBQUMscUJBQXFCLEVBQUU7UUFDaEMsT0FBTyxRQUFRLENBQUMsR0FBRyxFQUFFLG9CQUFvQixDQUFDLENBQUM7S0FDNUM7SUFFRCw4Q0FBOEM7SUFDOUMsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLEtBQUssSUFBSSxLQUFLLENBQUMscUJBQXFCLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQztJQUM5RixJQUFJLFFBQVEsQ0FBQyxNQUFNLElBQUksVUFBVSxDQUFDLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsT0FBTyxDQUFDLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxDQUFDLENBQUMsRUFBRTtRQUNySSxPQUFPLFFBQVEsQ0FBQyxHQUFHLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztLQUM1QztJQUVELGtCQUFrQjtJQUNsQixJQUFJO1FBQ0YsTUFBTSxJQUFJLEdBQUksS0FBd0MsQ0FBQyxJQUFJLElBQUssS0FBMEMsQ0FBQyxPQUFPLENBQUM7UUFDbkgsTUFBTSxNQUFNLEdBQUksS0FBd0MsQ0FBQyxVQUFVLElBQUssS0FBMEMsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQztRQUM5SSxJQUFJLElBQUksSUFBSSxHQUFHLEVBQUU7WUFDZixPQUFPLE1BQU0sVUFBVSxDQUFDLEtBQUssRUFBRSxVQUFVLENBQUMsQ0FBQztTQUM1QzthQUFNLElBQUksSUFBSSxJQUFJLFNBQVMsSUFBSSxNQUFNLElBQUksTUFBTSxFQUFFO1lBQ2hELE9BQU8sTUFBTSxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUM7U0FDbEM7YUFBTSxJQUFJLElBQUksSUFBSSxNQUFNLElBQUksTUFBTSxJQUFJLE1BQU0sRUFBRTtZQUM3QyxPQUFPLE1BQU0sU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDO1NBQy9CO2FBQU0sSUFBSSxJQUFJLElBQUksbUJBQW1CLElBQUksTUFBTSxJQUFJLEtBQUssRUFBRTtZQUN6RCxPQUFPLE1BQU0sWUFBWSxDQUFDLEtBQUssQ0FBQyxDQUFDO1NBQ2xDO2FBQU0sSUFBSSxJQUFJLElBQUksTUFBTSxJQUFJLE1BQU0sSUFBSSxNQUFNLEVBQUU7WUFDN0MsT0FBTyxNQUFNLGlCQUFpQixDQUFDLEtBQUssQ0FBQyxDQUFDO1NBQ3ZDO2FBQU07WUFDTCxPQUFPLFFBQVEsQ0FBQyxHQUFHLEVBQUUsV0FBVyxDQUFDLENBQUM7U0FDbkM7S0FDRjtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqQixPQUFPLFFBQVEsQ0FBQyxHQUFHLEVBQUUsaUJBQWlCLENBQUMsRUFBRSxDQUFDLENBQUM7S0FDNUM7QUFDSCxDQUFDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCAqIGFzIGNyeXB0byBmcm9tICdjcnlwdG8nO1xuaW1wb3J0ICogYXMgZnMgZnJvbSAnZnMnO1xuaW1wb3J0IHsgT2N0b2tpdCB9IGZyb20gJ0BvY3Rva2l0L3Jlc3QnO1xuLyogZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIGltcG9ydC9uby1leHRyYW5lb3VzLWRlcGVuZGVuY2llcyxpbXBvcnQvbm8tdW5yZXNvbHZlZCAqL1xuaW1wb3J0ICogYXMgQVdTTGFtYmRhIGZyb20gJ2F3cy1sYW1iZGEnO1xuaW1wb3J0IHsgYmFzZVVybEZyb21Eb21haW4gfSBmcm9tICcuL2dpdGh1Yic7XG5pbXBvcnQgeyBnZXRTZWNyZXRKc29uVmFsdWUsIHVwZGF0ZVNlY3JldFZhbHVlIH0gZnJvbSAnLi9sYW1iZGEtaGVscGVycyc7XG5cbnR5cGUgQXBpR2F0ZXdheUV2ZW50ID0gQVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eUV2ZW50IHwgQVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eUV2ZW50VjI7XG5cbmNvbnN0IG5vbmNlID0gY3J5cHRvLnJhbmRvbUJ5dGVzKDY0KS50b1N0cmluZygnaGV4Jyk7XG5cbmZ1bmN0aW9uIGdldEh0bWwoYmFzZVVybDogc3RyaW5nLCB0b2tlbjogc3RyaW5nLCBkb21haW46IHN0cmluZyk6IHN0cmluZyB7XG4gIHJldHVybiBmcy5yZWFkRmlsZVN5bmMoJ2luZGV4Lmh0bWwnLCAndXRmLTgnKVxuICAgIC5yZXBsYWNlKC9JTlNFUlRfV0VCSE9PS19VUkxfSEVSRS9nLCBwcm9jZXNzLmVudi5XRUJIT09LX1VSTCEpXG4gICAgLnJlcGxhY2UoL0lOU0VSVF9CQVNFX1VSTF9IRVJFL2csIGJhc2VVcmwpXG4gICAgLnJlcGxhY2UoL0lOU0VSVF9UT0tFTl9IRVJFL2csIHRva2VuKVxuICAgIC5yZXBsYWNlKC9JTlNFUlRfU0VDUkVUX0FSTl9IRVJFL2csIHByb2Nlc3MuZW52LlNFVFVQX1NFQ1JFVF9BUk4hKVxuICAgIC5yZXBsYWNlKC9JTlNFUlRfRE9NQUlOX0hFUkUvZywgZG9tYWluKVxuICAgIC5yZXBsYWNlKC88c2NyaXB0L2csIGA8c2NyaXB0IG5vbmNlPVwiJHtub25jZX1cImApXG4gICAgLnJlcGxhY2UoLzxzdHlsZS9nLCBgPHN0eWxlIG5vbmNlPVwiJHtub25jZX1cImApO1xufVxuXG5mdW5jdGlvbiByZXNwb25zZShjb2RlOiBudW1iZXIsIGJvZHk6IHN0cmluZyk6IEFXU0xhbWJkYS5BUElHYXRld2F5UHJveHlSZXN1bHRWMiB7XG4gIHJldHVybiB7XG4gICAgc3RhdHVzQ29kZTogY29kZSxcbiAgICBoZWFkZXJzOiB7XG4gICAgICAnQ29udGVudC1UeXBlJzogJ3RleHQvaHRtbCcsXG4gICAgICAnQ29udGVudC1TZWN1cml0eS1Qb2xpY3knOiBgZGVmYXVsdC1zcmMgJ3Vuc2FmZS1pbmxpbmUnICdub25jZS0ke25vbmNlfSc7IGltZy1zcmMgZGF0YTo7IGNvbm5lY3Qtc3JjICdzZWxmJzsgZm9ybS1hY3Rpb24gaHR0cHM6OyBmcmFtZS1hbmNlc3RvcnMgJ25vbmUnOyBvYmplY3Qtc3JjICdub25lJzsgYmFzZS11cmkgJ3NlbGYnYCxcbiAgICB9LFxuICAgIGJvZHk6IGJvZHksXG4gIH07XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGhhbmRsZVJvb3QoZXZlbnQ6IEFwaUdhdGV3YXlFdmVudCwgc2V0dXBUb2tlbjogc3RyaW5nKTogUHJvbWlzZTxBV1NMYW1iZGEuQVBJR2F0ZXdheVByb3h5UmVzdWx0VjI+IHtcbiAgY29uc3Qgc3RhZ2UgPSBldmVudC5yZXF1ZXN0Q29udGV4dC5zdGFnZSA9PSAnJGRlZmF1bHQnID8gJycgOiBgLyR7ZXZlbnQucmVxdWVzdENvbnRleHQuc3RhZ2V9YDtcbiAgY29uc3Qgc2V0dXBCYXNlVXJsID0gYGh0dHBzOi8vJHtldmVudC5yZXF1ZXN0Q29udGV4dC5kb21haW5OYW1lfSR7c3RhZ2V9YDtcbiAgY29uc3QgZ2l0aHViU2VjcmV0cyA9IGF3YWl0IGdldFNlY3JldEpzb25WYWx1ZShwcm9jZXNzLmVudi5HSVRIVUJfU0VDUkVUX0FSTik7XG5cbiAgcmV0dXJuIHJlc3BvbnNlKDIwMCwgZ2V0SHRtbChzZXR1cEJhc2VVcmwsIHNldHVwVG9rZW4sIGdpdGh1YlNlY3JldHMuZG9tYWluKSk7XG59XG5cbmZ1bmN0aW9uIGRlY29kZUJvZHkoZXZlbnQ6IEFwaUdhdGV3YXlFdmVudCkge1xuICBsZXQgYm9keSA9IGV2ZW50LmJvZHk7XG4gIGlmICghYm9keSkge1xuICAgIHRocm93IG5ldyBFcnJvcignTm8gYm9keSBmb3VuZCcpO1xuICB9XG4gIGlmIChldmVudC5pc0Jhc2U2NEVuY29kZWQpIHtcbiAgICBib2R5ID0gQnVmZmVyLmZyb20oYm9keSwgJ2Jhc2U2NCcpLnRvU3RyaW5nKCd1dGYtOCcpO1xuICB9XG4gIHJldHVybiBKU09OLnBhcnNlKGJvZHkpO1xufVxuXG5hc3luYyBmdW5jdGlvbiBoYW5kbGVEb21haW4oZXZlbnQ6IEFwaUdhdGV3YXlFdmVudCk6IFByb21pc2U8QVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eVJlc3VsdFYyPiB7XG4gIGNvbnN0IGJvZHkgPSBkZWNvZGVCb2R5KGV2ZW50KTtcbiAgaWYgKCFib2R5LmRvbWFpbikge1xuICAgIHJldHVybiByZXNwb25zZSg0MDAsICdJbnZhbGlkIGRvbWFpbicpO1xuICB9XG5cbiAgY29uc3QgZ2l0aHViU2VjcmV0cyA9IGF3YWl0IGdldFNlY3JldEpzb25WYWx1ZShwcm9jZXNzLmVudi5HSVRIVUJfU0VDUkVUX0FSTik7XG4gIGdpdGh1YlNlY3JldHMuZG9tYWluID0gYm9keS5kb21haW47XG4gIGF3YWl0IHVwZGF0ZVNlY3JldFZhbHVlKHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOLCBKU09OLnN0cmluZ2lmeShnaXRodWJTZWNyZXRzKSk7XG5cbiAgcmV0dXJuIHJlc3BvbnNlKDIwMCwgJ0RvbWFpbiBzZXQnKTtcbn1cblxuYXN5bmMgZnVuY3Rpb24gaGFuZGxlUGF0KGV2ZW50OiBBcGlHYXRld2F5RXZlbnQpOiBQcm9taXNlPEFXU0xhbWJkYS5BUElHYXRld2F5UHJveHlSZXN1bHRWMj4ge1xuICBjb25zdCBib2R5ID0gZGVjb2RlQm9keShldmVudCk7XG4gIGlmICghYm9keS5wYXQgfHwgIWJvZHkuZG9tYWluKSB7XG4gICAgcmV0dXJuIHJlc3BvbnNlKDQwMCwgJ0ludmFsaWQgcGVyc29uYWwgYWNjZXNzIHRva2VuJyk7XG4gIH1cblxuICBhd2FpdCB1cGRhdGVTZWNyZXRWYWx1ZShwcm9jZXNzLmVudi5HSVRIVUJfU0VDUkVUX0FSTiwgSlNPTi5zdHJpbmdpZnkoe1xuICAgIGRvbWFpbjogYm9keS5kb21haW4sXG4gICAgYXBwSWQ6ICcnLFxuICAgIHBlcnNvbmFsQXV0aFRva2VuOiBib2R5LnBhdCxcbiAgfSkpO1xuICBhd2FpdCB1cGRhdGVTZWNyZXRWYWx1ZShwcm9jZXNzLmVudi5TRVRVUF9TRUNSRVRfQVJOLCBKU09OLnN0cmluZ2lmeSh7IHRva2VuOiAnJyB9KSk7XG5cbiAgcmV0dXJuIHJlc3BvbnNlKCAyMDAsICdQZXJzb25hbCBhY2Nlc3MgdG9rZW4gc2V0Jyk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGhhbmRsZU5ld0FwcChldmVudDogQXBpR2F0ZXdheUV2ZW50KTogUHJvbWlzZTxBV1NMYW1iZGEuQVBJR2F0ZXdheVByb3h5UmVzdWx0VjI+IHtcbiAgaWYgKCFldmVudC5xdWVyeVN0cmluZ1BhcmFtZXRlcnMpIHtcbiAgICByZXR1cm4gcmVzcG9uc2UoIDQwMCwgJ0ludmFsaWQgY29kZScpO1xuICB9XG5cbiAgY29uc3QgY29kZSA9IGV2ZW50LnF1ZXJ5U3RyaW5nUGFyYW1ldGVycy5jb2RlO1xuXG4gIGlmICghY29kZSkge1xuICAgIHJldHVybiByZXNwb25zZSggNDAwLCAnSW52YWxpZCBjb2RlJyk7XG4gIH1cblxuICBjb25zdCBnaXRodWJTZWNyZXRzID0gYXdhaXQgZ2V0U2VjcmV0SnNvblZhbHVlKHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOKTtcbiAgY29uc3QgYmFzZVVybCA9IGJhc2VVcmxGcm9tRG9tYWluKGdpdGh1YlNlY3JldHMuZG9tYWluKTtcbiAgY29uc3QgbmV3QXBwID0gYXdhaXQgbmV3IE9jdG9raXQoeyBiYXNlVXJsIH0pLnJlc3QuYXBwcy5jcmVhdGVGcm9tTWFuaWZlc3QoeyBjb2RlIH0pO1xuXG4gIGF3YWl0IHVwZGF0ZVNlY3JldFZhbHVlKHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOLCBKU09OLnN0cmluZ2lmeSh7XG4gICAgZG9tYWluOiBuZXcgVVJMKG5ld0FwcC5kYXRhLmh0bWxfdXJsKS5ob3N0LFxuICAgIGFwcElkOiBuZXdBcHAuZGF0YS5pZCxcbiAgICBwZXJzb25hbEF1dGhUb2tlbjogJycsXG4gIH0pKTtcbiAgYXdhaXQgdXBkYXRlU2VjcmV0VmFsdWUocHJvY2Vzcy5lbnYuR0lUSFVCX1BSSVZBVEVfS0VZX1NFQ1JFVF9BUk4sIG5ld0FwcC5kYXRhLnBlbSk7XG4gIGF3YWl0IHVwZGF0ZVNlY3JldFZhbHVlKHByb2Nlc3MuZW52LldFQkhPT0tfU0VDUkVUX0FSTiwgSlNPTi5zdHJpbmdpZnkoe1xuICAgIHdlYmhvb2tTZWNyZXQ6IG5ld0FwcC5kYXRhLndlYmhvb2tfc2VjcmV0LFxuICB9KSk7XG4gIGF3YWl0IHVwZGF0ZVNlY3JldFZhbHVlKHByb2Nlc3MuZW52LlNFVFVQX1NFQ1JFVF9BUk4sIEpTT04uc3RyaW5naWZ5KHsgdG9rZW46ICcnIH0pKTtcblxuICByZXR1cm4gcmVzcG9uc2UoIDIwMCwgYE5ldyBhcHAgc2V0LiA8YSBocmVmPVwiJHtuZXdBcHAuZGF0YS5odG1sX3VybH0vaW5zdGFsbGF0aW9ucy9uZXdcIj5JbnN0YWxsIGl0PC9hPiBmb3IgeW91ciByZXBvc2l0b3JpZXMuYCk7XG59XG5cbmFzeW5jIGZ1bmN0aW9uIGhhbmRsZUV4aXN0aW5nQXBwKGV2ZW50OiBBcGlHYXRld2F5RXZlbnQpOiBQcm9taXNlPEFXU0xhbWJkYS5BUElHYXRld2F5UHJveHlSZXN1bHRWMj4ge1xuICBjb25zdCBib2R5ID0gZGVjb2RlQm9keShldmVudCk7XG5cbiAgaWYgKCFib2R5LmFwcGlkIHx8ICFib2R5LnBrIHx8ICFib2R5LmRvbWFpbikge1xuICAgIHJldHVybiByZXNwb25zZSggNDAwLCAnTWlzc2luZyBmaWVsZHMnKTtcbiAgfVxuXG4gIGF3YWl0IHVwZGF0ZVNlY3JldFZhbHVlKHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOLCBKU09OLnN0cmluZ2lmeSh7XG4gICAgZG9tYWluOiBib2R5LmRvbWFpbixcbiAgICBhcHBJZDogYm9keS5hcHBpZCxcbiAgICBwZXJzb25hbEF1dGhUb2tlbjogJycsXG4gIH0pKTtcbiAgYXdhaXQgdXBkYXRlU2VjcmV0VmFsdWUocHJvY2Vzcy5lbnYuR0lUSFVCX1BSSVZBVEVfS0VZX1NFQ1JFVF9BUk4sIGJvZHkucGsgYXMgc3RyaW5nKTtcbiAgYXdhaXQgdXBkYXRlU2VjcmV0VmFsdWUocHJvY2Vzcy5lbnYuU0VUVVBfU0VDUkVUX0FSTiwgSlNPTi5zdHJpbmdpZnkoeyB0b2tlbjogJycgfSkpO1xuXG4gIHJldHVybiByZXNwb25zZSggMjAwLCAnRXhpc3RpbmcgYXBwIHNldC4gRG9uXFwndCBmb3JnZXQgdG8gc2V0IHVwIHRoZSB3ZWJob29rLicpO1xufVxuXG5leHBvcnRzLmhhbmRsZXIgPSBhc3luYyBmdW5jdGlvbiAoZXZlbnQ6IEFwaUdhdGV3YXlFdmVudCk6IFByb21pc2U8QVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eVJlc3VsdFYyPiB7XG4gIC8vIGNvbmZpcm0gcmVxdWlyZWQgZW52aXJvbm1lbnQgdmFyaWFibGVzXG4gIGlmICghcHJvY2Vzcy5lbnYuV0VCSE9PS19VUkwpIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoJ01pc3NpbmcgZW52aXJvbm1lbnQgdmFyaWFibGVzJyk7XG4gIH1cblxuICBjb25zdCBzZXR1cFRva2VuID0gKGF3YWl0IGdldFNlY3JldEpzb25WYWx1ZShwcm9jZXNzLmVudi5TRVRVUF9TRUNSRVRfQVJOKSkudG9rZW47XG5cbiAgLy8gYmFpbCBvdXQgaWYgc2V0dXAgd2FzIGFscmVhZHkgY29tcGxldGVkXG4gIGlmICghc2V0dXBUb2tlbikge1xuICAgIHJldHVybiByZXNwb25zZSgyMDAsICdTZXR1cCBhbHJlYWR5IGNvbXBsZXRlLiBQdXQgYSBuZXcgdG9rZW4gaW4gdGhlIHNldHVwIHNlY3JldCBpZiB5b3Ugd2FudCB0byByZWRvIGl0LicpO1xuICB9XG5cbiAgaWYgKCFldmVudC5xdWVyeVN0cmluZ1BhcmFtZXRlcnMpIHtcbiAgICByZXR1cm4gcmVzcG9uc2UoNDAzLCAnV3Jvbmcgc2V0dXAgdG9rZW4uJyk7XG4gIH1cblxuICAvLyBzYWZlbHkgY29uZmlybSB1cmwgdG9rZW4gbWF0Y2hlcyBvdXIgc2VjcmV0XG4gIGNvbnN0IHVybFRva2VuID0gZXZlbnQucXVlcnlTdHJpbmdQYXJhbWV0ZXJzLnRva2VuIHx8IGV2ZW50LnF1ZXJ5U3RyaW5nUGFyYW1ldGVycy5zdGF0ZSB8fCAnJztcbiAgaWYgKHVybFRva2VuLmxlbmd0aCAhPSBzZXR1cFRva2VuLmxlbmd0aCB8fCAhY3J5cHRvLnRpbWluZ1NhZmVFcXVhbChCdWZmZXIuZnJvbSh1cmxUb2tlbiwgJ3V0Zi04JyksIEJ1ZmZlci5mcm9tKHNldHVwVG9rZW4sICd1dGYtOCcpKSkge1xuICAgIHJldHVybiByZXNwb25zZSg0MDMsICdXcm9uZyBzZXR1cCB0b2tlbi4nKTtcbiAgfVxuXG4gIC8vIGhhbmRsZSByZXF1ZXN0c1xuICB0cnkge1xuICAgIGNvbnN0IHBhdGggPSAoZXZlbnQgYXMgQVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eUV2ZW50KS5wYXRoID8/IChldmVudCBhcyBBV1NMYW1iZGEuQVBJR2F0ZXdheVByb3h5RXZlbnRWMikucmF3UGF0aDtcbiAgICBjb25zdCBtZXRob2QgPSAoZXZlbnQgYXMgQVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eUV2ZW50KS5odHRwTWV0aG9kID8/IChldmVudCBhcyBBV1NMYW1iZGEuQVBJR2F0ZXdheVByb3h5RXZlbnRWMikucmVxdWVzdENvbnRleHQuaHR0cC5tZXRob2Q7XG4gICAgaWYgKHBhdGggPT0gJy8nKSB7XG4gICAgICByZXR1cm4gYXdhaXQgaGFuZGxlUm9vdChldmVudCwgc2V0dXBUb2tlbik7XG4gICAgfSBlbHNlIGlmIChwYXRoID09ICcvZG9tYWluJyAmJiBtZXRob2QgPT0gJ1BPU1QnKSB7XG4gICAgICByZXR1cm4gYXdhaXQgaGFuZGxlRG9tYWluKGV2ZW50KTtcbiAgICB9IGVsc2UgaWYgKHBhdGggPT0gJy9wYXQnICYmIG1ldGhvZCA9PSAnUE9TVCcpIHtcbiAgICAgIHJldHVybiBhd2FpdCBoYW5kbGVQYXQoZXZlbnQpO1xuICAgIH0gZWxzZSBpZiAocGF0aCA9PSAnL2NvbXBsZXRlLW5ldy1hcHAnICYmIG1ldGhvZCA9PSAnR0VUJykge1xuICAgICAgcmV0dXJuIGF3YWl0IGhhbmRsZU5ld0FwcChldmVudCk7XG4gICAgfSBlbHNlIGlmIChwYXRoID09ICcvYXBwJyAmJiBtZXRob2QgPT0gJ1BPU1QnKSB7XG4gICAgICByZXR1cm4gYXdhaXQgaGFuZGxlRXhpc3RpbmdBcHAoZXZlbnQpO1xuICAgIH0gZWxzZSB7XG4gICAgICByZXR1cm4gcmVzcG9uc2UoNDA0LCAnTm90IGZvdW5kJyk7XG4gICAgfVxuICB9IGNhdGNoIChlKSB7XG4gICAgY29uc29sZS5lcnJvcihlKTtcbiAgICByZXR1cm4gcmVzcG9uc2UoNTAwLCBgPGI+RXJyb3I6PC9iPiAke2V9YCk7XG4gIH1cbn07XG4iXX0=

package/lib/{lambdas/status-function.d.ts → status-function.d.ts} RENAMED Viewed

@@ -6,7 +6,7 @@ import { Construct } from 'constructs';
 export interface StatusFunctionProps extends lambda.FunctionOptions {
 }
 /**
- * An AWS Lambda function which executes src/lambdas/status.
+ * An AWS Lambda function which executes src/status.
  */
 export declare class StatusFunction extends lambda.Function {
     constructor(scope: Construct, id: string, props?: StatusFunctionProps);

package/lib/status-function.js ADDED Viewed

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StatusFunction = void 0;
+// ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen".
+const path = require("path");
+const lambda = require("aws-cdk-lib/aws-lambda");
+/**
+ * An AWS Lambda function which executes src/status.
+ */
+class StatusFunction extends lambda.Function {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            description: 'src/status.lambda.ts',
+            ...props,
+            runtime: new lambda.Runtime('nodejs16.x', lambda.RuntimeFamily.NODEJS),
+            handler: 'index.handler',
+            code: lambda.Code.fromAsset(path.join(__dirname, '../assets/status.lambda')),
+        });
+        this.addEnvironment('AWS_NODEJS_CONNECTION_REUSE_ENABLED', '1', { removeInEdge: true });
+    }
+}
+exports.StatusFunction = StatusFunction;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RhdHVzLWZ1bmN0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3N0YXR1cy1mdW5jdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2RUFBNkU7QUFDN0UsNkJBQTZCO0FBQzdCLGlEQUFpRDtBQVNqRDs7R0FFRztBQUNILE1BQWEsY0FBZSxTQUFRLE1BQU0sQ0FBQyxRQUFRO0lBQ2pELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBMkI7UUFDbkUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixXQUFXLEVBQUUsc0JBQXNCO1lBQ25DLEdBQUcsS0FBSztZQUNSLE9BQU8sRUFBRSxJQUFJLE1BQU0sQ0FBQyxPQUFPLENBQUMsWUFBWSxFQUFFLE1BQU0sQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDO1lBQ3RFLE9BQU8sRUFBRSxlQUFlO1lBQ3hCLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSx5QkFBeUIsQ0FBQyxDQUFDO1NBQzdFLENBQUMsQ0FBQztRQUNILElBQUksQ0FBQyxjQUFjLENBQUMscUNBQXFDLEVBQUUsR0FBRyxFQUFFLEVBQUUsWUFBWSxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7SUFDMUYsQ0FBQztDQUNGO0FBWEQsd0NBV0MiLCJzb3VyY2VzQ29udGVudCI6WyIvLyB+fiBHZW5lcmF0ZWQgYnkgcHJvamVuLiBUbyBtb2RpZnksIGVkaXQgLnByb2plbnJjLmpzIGFuZCBydW4gXCJucHggcHJvamVuXCIuXG5pbXBvcnQgKiBhcyBwYXRoIGZyb20gJ3BhdGgnO1xuaW1wb3J0ICogYXMgbGFtYmRhIGZyb20gJ2F3cy1jZGstbGliL2F3cy1sYW1iZGEnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5cbi8qKlxuICogUHJvcHMgZm9yIFN0YXR1c0Z1bmN0aW9uXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgU3RhdHVzRnVuY3Rpb25Qcm9wcyBleHRlbmRzIGxhbWJkYS5GdW5jdGlvbk9wdGlvbnMge1xufVxuXG4vKipcbiAqIEFuIEFXUyBMYW1iZGEgZnVuY3Rpb24gd2hpY2ggZXhlY3V0ZXMgc3JjL3N0YXR1cy5cbiAqL1xuZXhwb3J0IGNsYXNzIFN0YXR1c0Z1bmN0aW9uIGV4dGVuZHMgbGFtYmRhLkZ1bmN0aW9uIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBTdGF0dXNGdW5jdGlvblByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICBkZXNjcmlwdGlvbjogJ3NyYy9zdGF0dXMubGFtYmRhLnRzJyxcbiAgICAgIC4uLnByb3BzLFxuICAgICAgcnVudGltZTogbmV3IGxhbWJkYS5SdW50aW1lKCdub2RlanMxNi54JywgbGFtYmRhLlJ1bnRpbWVGYW1pbHkuTk9ERUpTKSxcbiAgICAgIGhhbmRsZXI6ICdpbmRleC5oYW5kbGVyJyxcbiAgICAgIGNvZGU6IGxhbWJkYS5Db2RlLmZyb21Bc3NldChwYXRoLmpvaW4oX19kaXJuYW1lLCAnLi4vYXNzZXRzL3N0YXR1cy5sYW1iZGEnKSksXG4gICAgfSk7XG4gICAgdGhpcy5hZGRFbnZpcm9ubWVudCgnQVdTX05PREVKU19DT05ORUNUSU9OX1JFVVNFX0VOQUJMRUQnLCAnMScsIHsgcmVtb3ZlSW5FZGdlOiB0cnVlIH0pO1xuICB9XG59Il19

package/lib/status.lambda.js ADDED Viewed

@@ -0,0 +1,298 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/* eslint-disable import/no-extraneous-dependencies */
+const auth_app_1 = require("@octokit/auth-app");
+const core_1 = require("@octokit/core");
+/* eslint-disable-next-line import/no-extraneous-dependencies,import/no-unresolved */
+const AWS = require("aws-sdk");
+const github_1 = require("./github");
+const lambda_helpers_1 = require("./lambda-helpers");
+const cfn = new AWS.CloudFormation();
+const ec2 = new AWS.EC2();
+const ecr = new AWS.ECR();
+const sf = new AWS.StepFunctions();
+function secretArnToUrl(arn) {
+    const parts = arn.split(':'); // arn:aws:secretsmanager:us-east-1:12345678:secret:secret-name-REVISION
+    const region = parts[3];
+    const fullName = parts[6];
+    const name = fullName.slice(0, fullName.lastIndexOf('-'));
+    return `https://${region}.console.aws.amazon.com/secretsmanager/home?region=${region}#!/secret?name=${name}`;
+}
+function lambdaArnToUrl(arn) {
+    const parts = arn.split(':'); // arn:aws:lambda:us-east-1:12345678:function:name-XYZ
+    const region = parts[3];
+    const name = parts[6];
+    return `https://${region}.console.aws.amazon.com/lambda/home?region=${region}#/functions/${name}?tab=monitoring`;
+}
+function stepFunctionArnToUrl(arn) {
+    const parts = arn.split(':'); // arn:aws:states:us-east-1:12345678:stateMachine:name-XYZ
+    const region = parts[3];
+    return `https://${region}.console.aws.amazon.com/states/home?region=${region}#/statemachines/view/${arn}`;
+}
+async function generateProvidersStatus(stack, logicalId) {
+    const resource = await cfn.describeStackResource({ StackName: stack, LogicalResourceId: logicalId }).promise();
+    const providers = JSON.parse(resource.StackResourceDetail?.Metadata ?? '{}').providers;
+    if (!providers) {
+        return {};
+    }
+    return Promise.all(providers.map(async (p) => {
+        // add ECR data, if image is from ECR
+        if (p.image?.imageRepository?.match(/[0-9]+\.dkr\.ecr\.[a-z0-9\-]+\.amazonaws\.com\/.+/)) {
+            const tags = await ecr.describeImages({
+                repositoryName: p.image.imageRepository.split('/')[1],
+                filter: {
+                    tagStatus: 'TAGGED',
+                },
+                maxResults: 1,
+            }).promise();
+            if (tags.imageDetails && tags.imageDetails?.length >= 1) {
+                p.image.latestImage = {
+                    tags: tags.imageDetails[0].imageTags,
+                    digest: tags.imageDetails[0].imageDigest,
+                    date: tags.imageDetails[0].imagePushedAt,
+                };
+            }
+        }
+        // add AMI data, if image is AMI
+        if (p.ami?.launchTemplate) {
+            const versions = await ec2.describeLaunchTemplateVersions({
+                LaunchTemplateId: p.ami.launchTemplate,
+                Versions: ['$Default'],
+            }).promise();
+            if (versions.LaunchTemplateVersions && versions.LaunchTemplateVersions.length >= 1) {
+                p.ami.latestAmi = versions.LaunchTemplateVersions[0].LaunchTemplateData?.ImageId;
+            }
+        }
+        return p;
+    }));
+}
+function safeReturnValue(event, status) {
+    if (event.path) {
+        return {
+            statusCode: 200,
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: JSON.stringify(status),
+        };
+    }
+    return status;
+}
+exports.handler = async function (event) {
+    // confirm required environment variables
+    if (!process.env.WEBHOOK_SECRET_ARN || !process.env.GITHUB_SECRET_ARN || !process.env.GITHUB_PRIVATE_KEY_SECRET_ARN || !process.env.LOGICAL_ID ||
+        !process.env.WEBHOOK_HANDLER_ARN || !process.env.STEP_FUNCTION_ARN || !process.env.SETUP_SECRET_ARN || !process.env.SETUP_FUNCTION_URL ||
+        !process.env.STACK_NAME) {
+        throw new Error('Missing environment variables');
+    }
+    // base status
+    const status = {
+        github: {
+            setup: {
+                status: 'Unknown',
+                url: '',
+                secretArn: process.env.SETUP_SECRET_ARN,
+                secretUrl: secretArnToUrl(process.env.SETUP_SECRET_ARN),
+            },
+            domain: 'Unknown',
+            webhook: {
+                url: process.env.WEBHOOK_URL,
+                status: 'Unable to check',
+                secretArn: process.env.WEBHOOK_SECRET_ARN,
+                secretUrl: secretArnToUrl(process.env.WEBHOOK_SECRET_ARN),
+            },
+            auth: {
+                type: 'Unknown',
+                status: 'Unknown',
+                secretArn: process.env.GITHUB_SECRET_ARN,
+                secretUrl: secretArnToUrl(process.env.GITHUB_SECRET_ARN),
+                privateKeySecretArn: process.env.GITHUB_PRIVATE_KEY_SECRET_ARN,
+                privateKeySecretUrl: secretArnToUrl(process.env.GITHUB_PRIVATE_KEY_SECRET_ARN),
+                app: {
+                    id: '',
+                    url: '',
+                    installations: [],
+                },
+                personalAuthToken: '',
+            },
+        },
+        providers: await generateProvidersStatus(process.env.STACK_NAME, process.env.LOGICAL_ID),
+        troubleshooting: {
+            webhookHandlerArn: process.env.WEBHOOK_HANDLER_ARN,
+            webhookHandlerUrl: lambdaArnToUrl(process.env.WEBHOOK_HANDLER_ARN),
+            stepFunctionArn: process.env.STEP_FUNCTION_ARN,
+            stepFunctionUrl: stepFunctionArnToUrl(process.env.STEP_FUNCTION_ARN),
+            stepFunctionLogGroup: process.env.STEP_FUNCTION_LOG_GROUP,
+            recentRuns: [],
+        },
+    };
+    // setup url
+    const setupToken = (await (0, lambda_helpers_1.getSecretJsonValue)(process.env.SETUP_SECRET_ARN)).token;
+    if (setupToken) {
+        status.github.setup.status = 'Pending';
+        status.github.setup.url = `${process.env.SETUP_FUNCTION_URL}?token=${setupToken}`;
+    }
+    else {
+        status.github.setup.status = 'Complete';
+    }
+    // list last 10 executions and their status
+    try {
+        const executions = await sf.listExecutions({
+            stateMachineArn: process.env.STEP_FUNCTION_ARN,
+            maxResults: 10,
+        }).promise();
+        for (const execution of executions.executions) {
+            const executionDetails = await sf.describeExecution({
+                executionArn: execution.executionArn,
+            }).promise();
+            const input = JSON.parse(executionDetails.input || '{}');
+            status.troubleshooting.recentRuns.push({
+                executionArn: execution.executionArn,
+                status: execution.status,
+                owner: input.owner,
+                repo: input.repo,
+                runId: input.runId,
+            });
+        }
+    }
+    catch (e) {
+        status.troubleshooting.recentRuns.push({ status: `Error getting executions: ${e}` });
+    }
+    // get secrets
+    let githubSecrets;
+    try {
+        githubSecrets = await (0, lambda_helpers_1.getSecretJsonValue)(process.env.GITHUB_SECRET_ARN);
+    }
+    catch (e) {
+        status.github.auth.status = `Unable to read secret: ${e}`;
+        return safeReturnValue(event, status);
+    }
+    let privateKey;
+    try {
+        privateKey = await (0, lambda_helpers_1.getSecretValue)(process.env.GITHUB_PRIVATE_KEY_SECRET_ARN);
+    }
+    catch (e) {
+        status.github.auth.status = `Unable to read private key secret: ${e}`;
+        return safeReturnValue(event, status);
+    }
+    // calculate base url
+    let baseUrl = (0, github_1.baseUrlFromDomain)(githubSecrets.domain);
+    status.github.domain = githubSecrets.domain;
+    if (githubSecrets.personalAuthToken) {
+        // try authenticating with personal authentication token
+        status.github.auth.type = 'Personal Auth Token';
+        status.github.auth.personalAuthToken = '*redacted*';
+        let octokit;
+        try {
+            octokit = new core_1.Octokit({ baseUrl, auth: githubSecrets.personalAuthToken });
+        }
+        catch (e) {
+            status.github.auth.status = `Unable to authenticate using personal auth token: ${e}`;
+            return safeReturnValue(event, status);
+        }
+        try {
+            const user = await octokit.request('GET /user');
+            status.github.auth.personalAuthToken = `username: ${user.data.login}`;
+        }
+        catch (e) {
+            status.github.auth.status = `Unable to call /user with personal auth token: ${e}`;
+            return safeReturnValue(event, status);
+        }
+        status.github.auth.status = 'OK';
+        status.github.webhook.status = 'Unable to verify automatically';
+    }
+    else {
+        // try authenticating with GitHub app
+        status.github.auth.type = 'GitHub App';
+        status.github.auth.app.id = githubSecrets.appId;
+        let appOctokit;
+        try {
+            appOctokit = new core_1.Octokit({
+                baseUrl,
+                authStrategy: auth_app_1.createAppAuth,
+                auth: {
+                    appId: githubSecrets.appId,
+                    privateKey: privateKey,
+                },
+            });
+        }
+        catch (e) {
+            status.github.auth.status = `Unable to authenticate app: ${e}`;
+            return safeReturnValue(event, status);
+        }
+        // get app url
+        try {
+            const app = (await appOctokit.request('GET /app')).data;
+            status.github.auth.app.url = app.html_url;
+        }
+        catch (e) {
+            status.github.auth.status = `Unable to get app details: ${e}`;
+            return safeReturnValue(event, status);
+        }
+        // list all app installations
+        try {
+            const installations = (await appOctokit.request('GET /app/installations')).data;
+            for (const installation of installations) {
+                let installationDetails = {
+                    id: installation.id,
+                    url: installation.html_url,
+                    status: 'Unable to query',
+                    repositories: [],
+                };
+                let token;
+                try {
+                    token = (await appOctokit.auth({
+                        type: 'installation',
+                        installationId: installation.id,
+                    })).token;
+                }
+                catch (e) {
+                    installationDetails.status = `Unable to authenticate app installation: ${e}`;
+                    continue;
+                }
+                let octokit;
+                try {
+                    octokit = new core_1.Octokit({ baseUrl, auth: token });
+                }
+                catch (e) {
+                    installationDetails.status = `Unable to authenticate using app: ${e}`;
+                    continue;
+                }
+                try {
+                    const repositories = (await octokit.request('GET /installation/repositories')).data.repositories;
+                    for (const repo of repositories) {
+                        installationDetails.repositories.push(repo.full_name);
+                    }
+                }
+                catch (e) {
+                    installationDetails.status = `Unable to authenticate using installation token: ${e}`;
+                    continue;
+                }
+                installationDetails.status = 'OK';
+                status.github.auth.app.installations.push(installationDetails);
+            }
+        }
+        catch (e) {
+            status.github.auth.status = 'Unable to list app installations';
+            return safeReturnValue(event, status);
+        }
+        status.github.auth.status = 'OK';
+        // check webhook config
+        try {
+            const response = await appOctokit.request('GET /app/hook/config', {});
+            if (response.data.url !== process.env.WEBHOOK_URL) {
+                status.github.webhook.status = 'GitHub has wrong webhook URL configured';
+            }
+            else {
+                // TODO check secret by doing a dummy delivery? force apply secret?
+                status.github.webhook.status = 'OK (note that secret cannot be checked automatically)';
+            }
+        }
+        catch (e) {
+            status.github.webhook.status = `Unable to check app configuration: ${e}`;
+            return safeReturnValue(event, status);
+        }
+    }
+    return safeReturnValue(event, status);
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RhdHVzLmxhbWJkYS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9zdGF0dXMubGFtYmRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsc0RBQXNEO0FBQ3RELGdEQUFrRDtBQUNsRCx3Q0FBd0M7QUFFeEMscUZBQXFGO0FBQ3JGLCtCQUErQjtBQUMvQixxQ0FBNkM7QUFDN0MscURBQXNFO0FBRXRFLE1BQU0sR0FBRyxHQUFHLElBQUksR0FBRyxDQUFDLGNBQWMsRUFBRSxDQUFDO0FBQ3JDLE1BQU0sR0FBRyxHQUFHLElBQUksR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO0FBQzFCLE1BQU0sR0FBRyxHQUFHLElBQUksR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO0FBQzFCLE1BQU0sRUFBRSxHQUFHLElBQUksR0FBRyxDQUFDLGFBQWEsRUFBRSxDQUFDO0FBRW5DLFNBQVMsY0FBYyxDQUFDLEdBQVc7SUFDakMsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLHdFQUF3RTtJQUN0RyxNQUFNLE1BQU0sR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEIsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQzFCLE1BQU0sSUFBSSxHQUFHLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztJQUUxRCxPQUFPLFdBQVcsTUFBTSxzREFBc0QsTUFBTSxrQkFBa0IsSUFBSSxFQUFFLENBQUM7QUFDL0csQ0FBQztBQUVELFNBQVMsY0FBYyxDQUFDLEdBQVc7SUFDakMsTUFBTSxLQUFLLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLHNEQUFzRDtJQUNwRixNQUFNLE1BQU0sR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDeEIsTUFBTSxJQUFJLEdBQUcsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBRXRCLE9BQU8sV0FBVyxNQUFNLDhDQUE4QyxNQUFNLGVBQWUsSUFBSSxpQkFBaUIsQ0FBQztBQUNuSCxDQUFDO0FBRUQsU0FBUyxvQkFBb0IsQ0FBQyxHQUFXO0lBQ3ZDLE1BQU0sS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQywwREFBMEQ7SUFDeEYsTUFBTSxNQUFNLEdBQUcsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBRXhCLE9BQU8sV0FBVyxNQUFNLDhDQUE4QyxNQUFNLHdCQUF3QixHQUFHLEVBQUUsQ0FBQztBQUM1RyxDQUFDO0FBRUQsS0FBSyxVQUFVLHVCQUF1QixDQUFDLEtBQWEsRUFBRSxTQUFpQjtJQUNyRSxNQUFNLFFBQVEsR0FBRyxNQUFNLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsaUJBQWlCLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztJQUMvRyxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsRUFBRSxRQUFRLElBQUksSUFBSSxDQUFDLENBQUMsU0FBOEIsQ0FBQztJQUU1RyxJQUFJLENBQUMsU0FBUyxFQUFFO1FBQ2QsT0FBTyxFQUFFLENBQUM7S0FDWDtJQUVELE9BQU8sT0FBTyxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRSxDQUFDLEVBQUUsRUFBRTtRQUMzQyxxQ0FBcUM7UUFDckMsSUFBSSxDQUFDLENBQUMsS0FBSyxFQUFFLGVBQWUsRUFBRSxLQUFLLENBQUMsbURBQW1ELENBQUMsRUFBRTtZQUN4RixNQUFNLElBQUksR0FBRyxNQUFNLEdBQUcsQ0FBQyxjQUFjLENBQUM7Z0JBQ3BDLGNBQWMsRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUNyRCxNQUFNLEVBQUU7b0JBQ04sU0FBUyxFQUFFLFFBQVE7aUJBQ3BCO2dCQUNELFVBQVUsRUFBRSxDQUFDO2FBQ2QsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2IsSUFBSSxJQUFJLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQyxZQUFZLEVBQUUsTUFBTSxJQUFJLENBQUMsRUFBRTtnQkFDdkQsQ0FBQyxDQUFDLEtBQUssQ0FBQyxXQUFXLEdBQUc7b0JBQ3BCLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDLFNBQVM7b0JBQ3BDLE1BQU0sRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDLFdBQVc7b0JBQ3hDLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDLGFBQWE7aUJBQ3pDLENBQUM7YUFDSDtTQUNGO1FBQ0QsZ0NBQWdDO1FBQ2hDLElBQUksQ0FBQyxDQUFDLEdBQUcsRUFBRSxjQUFjLEVBQUU7WUFDekIsTUFBTSxRQUFRLEdBQUcsTUFBTSxHQUFHLENBQUMsOEJBQThCLENBQUM7Z0JBQ3hELGdCQUFnQixFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsY0FBYztnQkFDdEMsUUFBUSxFQUFFLENBQUMsVUFBVSxDQUFDO2FBQ3ZCLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNiLElBQUksUUFBUSxDQUFDLHNCQUFzQixJQUFJLFFBQVEsQ0FBQyxzQkFBc0IsQ0FBQyxNQUFNLElBQUksQ0FBQyxFQUFFO2dCQUNsRixDQUFDLENBQUMsR0FBRyxDQUFDLFNBQVMsR0FBRyxRQUFRLENBQUMsc0JBQXNCLENBQUMsQ0FBQyxDQUFDLENBQUMsa0JBQWtCLEVBQUUsT0FBTyxDQUFDO2FBQ2xGO1NBQ0Y7UUFDRCxPQUFPLENBQUMsQ0FBQztJQUNYLENBQUMsQ0FBQyxDQUFDLENBQUM7QUFDTixDQUFDO0FBaUJELFNBQVMsZUFBZSxDQUFDLEtBQThDLEVBQUUsTUFBVztJQUNsRixJQUFJLEtBQUssQ0FBQyxJQUFJLEVBQUU7UUFDZCxPQUFPO1lBQ0wsVUFBVSxFQUFFLEdBQUc7WUFDZixPQUFPLEVBQUU7Z0JBQ1AsY0FBYyxFQUFFLGtCQUFrQjthQUNuQztZQUNELElBQUksRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQztTQUM3QixDQUFDO0tBQ0g7SUFFRCxPQUFPLE1BQU0sQ0FBQztBQUNoQixDQUFDO0FBRUQsT0FBTyxDQUFDLE9BQU8sR0FBRyxLQUFLLFdBQVcsS0FBOEM7SUFDOUUseUNBQXlDO0lBQ3pDLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGtCQUFrQixJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVU7UUFDMUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLG1CQUFtQixJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGtCQUFrQjtRQUN0SSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxFQUFFO1FBQzNCLE1BQU0sSUFBSSxLQUFLLENBQUMsK0JBQStCLENBQUMsQ0FBQztLQUNsRDtJQUVELGNBQWM7SUFDZCxNQUFNLE1BQU0sR0FBRztRQUNiLE1BQU0sRUFBRTtZQUNOLEtBQUssRUFBRTtnQkFDTCxNQUFNLEVBQUUsU0FBUztnQkFDakIsR0FBRyxFQUFFLEVBQUU7Z0JBQ1AsU0FBUyxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsZ0JBQWdCO2dCQUN2QyxTQUFTLEVBQUUsY0FBYyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLENBQUM7YUFDeEQ7WUFDRCxNQUFNLEVBQUUsU0FBUztZQUNqQixPQUFPLEVBQUU7Z0JBQ1AsR0FBRyxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsV0FBVztnQkFDNUIsTUFBTSxFQUFFLGlCQUFpQjtnQkFDekIsU0FBUyxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsa0JBQWtCO2dCQUN6QyxTQUFTLEVBQUUsY0FBYyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUM7YUFDMUQ7WUFDRCxJQUFJLEVBQUU7Z0JBQ0osSUFBSSxFQUFFLFNBQVM7Z0JBQ2YsTUFBTSxFQUFFLFNBQVM7Z0JBQ2pCLFNBQVMsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQjtnQkFDeEMsU0FBUyxFQUFFLGNBQWMsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQixDQUFDO2dCQUN4RCxtQkFBbUIsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLDZCQUE2QjtnQkFDOUQsbUJBQW1CLEVBQUUsY0FBYyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLENBQUM7Z0JBQzlFLEdBQUcsRUFBRTtvQkFDSCxFQUFFLEVBQUUsRUFBRTtvQkFDTixHQUFHLEVBQUUsRUFBRTtvQkFDUCxhQUFhLEVBQUUsRUFBdUI7aUJBQ3ZDO2dCQUNELGlCQUFpQixFQUFFLEVBQUU7YUFDdEI7U0FDRjtRQUNELFNBQVMsRUFBRSxNQUFNLHVCQUF1QixDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDO1FBQ3hGLGVBQWUsRUFBRTtZQUNmLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsbUJBQW1CO1lBQ2xELGlCQUFpQixFQUFFLGNBQWMsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLG1CQUFtQixDQUFDO1lBQ2xFLGVBQWUsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQjtZQUM5QyxlQUFlLEVBQUUsb0JBQW9CLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsQ0FBQztZQUNwRSxvQkFBb0IsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLHVCQUF1QjtZQUN6RCxVQUFVLEVBQUUsRUFBaUI7U0FDOUI7S0FDRixDQUFDO0lBRUYsWUFBWTtJQUNaLE1BQU0sVUFBVSxHQUFHLENBQUMsTUFBTSxJQUFBLG1DQUFrQixFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQztJQUNsRixJQUFJLFVBQVUsRUFBRTtRQUNkLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLE1BQU0sR0FBRyxTQUFTLENBQUM7UUFDdkMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsR0FBRyxHQUFHLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsVUFBVSxVQUFVLEVBQUUsQ0FBQztLQUNuRjtTQUFNO1FBQ0wsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxHQUFHLFVBQVUsQ0FBQztLQUN6QztJQUVELDJDQUEyQztJQUMzQyxJQUFJO1FBQ0YsTUFBTSxVQUFVLEdBQUcsTUFBTSxFQUFFLENBQUMsY0FBYyxDQUFDO1lBQ3pDLGVBQWUsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQjtZQUM5QyxVQUFVLEVBQUUsRUFBRTtTQUNmLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNiLEtBQUssTUFBTSxTQUFTLElBQUksVUFBVSxDQUFDLFVBQVUsRUFBRTtZQUM3QyxNQUFNLGdCQUFnQixHQUFHLE1BQU0sRUFBRSxDQUFDLGlCQUFpQixDQUFDO2dCQUNsRCxZQUFZLEVBQUUsU0FBUyxDQUFDLFlBQVk7YUFDckMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2IsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLElBQUksSUFBSSxDQUFDLENBQUM7WUFFekQsTUFBTSxDQUFDLGVBQWUsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDO2dCQUNyQyxZQUFZLEVBQUUsU0FBUyxDQUFDLFlBQVk7Z0JBQ3BDLE1BQU0sRUFBRSxTQUFTLENBQUMsTUFBTTtnQkFDeEIsS0FBSyxFQUFFLEtBQUssQ0FBQyxLQUFLO2dCQUNsQixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7Z0JBQ2hCLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSzthQUNuQixDQUFDLENBQUM7U0FDSjtLQUNGO0lBQUMsT0FBTyxDQUFDLEVBQUU7UUFDVixNQUFNLENBQUMsZUFBZSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsRUFBRSxNQUFNLEVBQUUsNkJBQTZCLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQztLQUN0RjtJQUVELGNBQWM7SUFDZCxJQUFJLGFBQWEsQ0FBQztJQUNsQixJQUFJO1FBQ0YsYUFBYSxHQUFHLE1BQU0sSUFBQSxtQ0FBa0IsRUFBQyxPQUFPLENBQUMsR0FBRyxDQUFDLGlCQUFpQixDQUFDLENBQUM7S0FDekU7SUFBQyxPQUFPLENBQUMsRUFBRTtRQUNWLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRywwQkFBMEIsQ0FBQyxFQUFFLENBQUM7UUFDMUQsT0FBTyxlQUFlLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO0tBQ3ZDO0lBRUQsSUFBSSxVQUFVLENBQUM7SUFDZixJQUFJO1FBQ0YsVUFBVSxHQUFHLE1BQU0sSUFBQSwrQkFBYyxFQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLENBQUMsQ0FBQztLQUM5RTtJQUFDLE9BQU8sQ0FBQyxFQUFFO1FBQ1YsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLHNDQUFzQyxDQUFDLEVBQUUsQ0FBQztRQUN0RSxPQUFPLGVBQWUsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7S0FDdkM7SUFFRCxxQkFBcUI7SUFDckIsSUFBSSxPQUFPLEdBQUcsSUFBQSwwQkFBaUIsRUFBQyxhQUFhLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDdEQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFNLEdBQUcsYUFBYSxDQUFDLE1BQU0sQ0FBQztJQUU1QyxJQUFJLGFBQWEsQ0FBQyxpQkFBaUIsRUFBRTtRQUNuQyx3REFBd0Q7UUFDeEQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxHQUFHLHFCQUFxQixDQUFDO1FBQ2hELE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFlBQVksQ0FBQztRQUVwRCxJQUFJLE9BQU8sQ0FBQztRQUNaLElBQUk7WUFDRixPQUFPLEdBQUcsSUFBSSxjQUFPLENBQUMsRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLGFBQWEsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDLENBQUM7U0FDM0U7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyxxREFBcUQsQ0FBQyxFQUFFLENBQUM7WUFDckYsT0FBTyxlQUFlLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1NBQ3ZDO1FBRUQsSUFBSTtZQUNGLE1BQU0sSUFBSSxHQUFHLE1BQU0sT0FBTyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUNoRCxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxhQUFhLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUM7U0FDdkU7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyxrREFBa0QsQ0FBQyxFQUFFLENBQUM7WUFDbEYsT0FBTyxlQUFlLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1NBQ3ZDO1FBRUQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQztRQUNqQyxNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEdBQUcsZ0NBQWdDLENBQUM7S0FDakU7U0FBTTtRQUNMLHFDQUFxQztRQUNyQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLEdBQUcsWUFBWSxDQUFDO1FBQ3ZDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEdBQUcsYUFBYSxDQUFDLEtBQUssQ0FBQztRQUVoRCxJQUFJLFVBQVUsQ0FBQztRQUNmLElBQUk7WUFDRixVQUFVLEdBQUcsSUFBSSxjQUFPLENBQUM7Z0JBQ3ZCLE9BQU87Z0JBQ1AsWUFBWSxFQUFFLHdCQUFhO2dCQUMzQixJQUFJLEVBQUU7b0JBQ0osS0FBSyxFQUFFLGFBQWEsQ0FBQyxLQUFLO29CQUMxQixVQUFVLEVBQUUsVUFBVTtpQkFDdkI7YUFDRixDQUFDLENBQUM7U0FDSjtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLCtCQUErQixDQUFDLEVBQUUsQ0FBQztZQUMvRCxPQUFPLGVBQWUsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDdkM7UUFFRCxjQUFjO1FBQ2QsSUFBSTtZQUNGLE1BQU0sR0FBRyxHQUFHLENBQUMsTUFBTSxVQUFVLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1lBQ3hELE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLEdBQUcsR0FBRyxDQUFDLFFBQVEsQ0FBQztTQUMzQztRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLDhCQUE4QixDQUFDLEVBQUUsQ0FBQztZQUM5RCxPQUFPLGVBQWUsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDdkM7UUFFRCw2QkFBNkI7UUFDN0IsSUFBSTtZQUNGLE1BQU0sYUFBYSxHQUFHLENBQUMsTUFBTSxVQUFVLENBQUMsT0FBTyxDQUFDLHdCQUF3QixDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUM7WUFDaEYsS0FBSyxNQUFNLFlBQVksSUFBSSxhQUFhLEVBQUU7Z0JBQ3hDLElBQUksbUJBQW1CLEdBQUc7b0JBQ3hCLEVBQUUsRUFBRSxZQUFZLENBQUMsRUFBRTtvQkFDbkIsR0FBRyxFQUFFLFlBQVksQ0FBQyxRQUFRO29CQUMxQixNQUFNLEVBQUUsaUJBQWlCO29CQUN6QixZQUFZLEVBQUUsRUFBYztpQkFDN0IsQ0FBQztnQkFFRixJQUFJLEtBQUssQ0FBQztnQkFDVixJQUFJO29CQUNGLEtBQUssR0FBRyxDQUFDLE1BQU0sVUFBVSxDQUFDLElBQUksQ0FBQzt3QkFDN0IsSUFBSSxFQUFFLGNBQWM7d0JBQ3BCLGNBQWMsRUFBRSxZQUFZLENBQUMsRUFBRTtxQkFDaEMsQ0FBUyxDQUFBLENBQUMsS0FBSyxDQUFDO2lCQUNsQjtnQkFBQyxPQUFPLENBQUMsRUFBRTtvQkFDVixtQkFBbUIsQ0FBQyxNQUFNLEdBQUcsNENBQTRDLENBQUMsRUFBRSxDQUFDO29CQUM3RSxTQUFTO2lCQUNWO2dCQUVELElBQUksT0FBTyxDQUFDO2dCQUNaLElBQUk7b0JBQ0YsT0FBTyxHQUFHLElBQUksY0FBTyxDQUFDLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO2lCQUNqRDtnQkFBQyxPQUFPLENBQUMsRUFBRTtvQkFDVixtQkFBbUIsQ0FBQyxNQUFNLEdBQUcscUNBQXFDLENBQUMsRUFBRSxDQUFDO29CQUN0RSxTQUFTO2lCQUNWO2dCQUVELElBQUk7b0JBQ0YsTUFBTSxZQUFZLEdBQUcsQ0FBQyxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsZ0NBQWdDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUM7b0JBQ2pHLEtBQUssTUFBTSxJQUFJLElBQUksWUFBWSxFQUFFO3dCQUMvQixtQkFBbUIsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFtQixDQUFDLENBQUM7cUJBQ2pFO2lCQUNGO2dCQUFDLE9BQU8sQ0FBQyxFQUFFO29CQUNWLG1CQUFtQixDQUFDLE1BQU0sR0FBRyxvREFBb0QsQ0FBQyxFQUFFLENBQUM7b0JBQ3JGLFNBQVM7aUJBQ1Y7Z0JBRUQsbUJBQW1CLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQztnQkFDbEMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQzthQUNoRTtTQUNGO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLEdBQUcsa0NBQWtDLENBQUM7WUFDL0QsT0FBTyxlQUFlLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1NBQ3ZDO1FBRUQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQztRQUVqQyx1QkFBdUI7UUFDdkIsSUFBSTtZQUNGLE1BQU0sUUFBUSxHQUFHLE1BQU0sVUFBVSxDQUFDLE9BQU8sQ0FBQyxzQkFBc0IsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUV0RSxJQUFJLFFBQVEsQ0FBQyxJQUFJLENBQUMsR0FBRyxLQUFLLE9BQU8sQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFO2dCQUNqRCxNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEdBQUcseUNBQXlDLENBQUM7YUFDMUU7aUJBQU07Z0JBQ0wsbUVBQW1FO2dCQUNuRSxNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEdBQUcsdURBQXVELENBQUM7YUFDeEY7U0FDRjtRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsTUFBTSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsTUFBTSxHQUFHLHNDQUFzQyxDQUFDLEVBQUUsQ0FBQztZQUN6RSxPQUFPLGVBQWUsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7U0FDdkM7S0FDRjtJQUVELE9BQU8sZUFBZSxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsQ0FBQztBQUN4QyxDQUFDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKiBlc2xpbnQtZGlzYWJsZSBpbXBvcnQvbm8tZXh0cmFuZW91cy1kZXBlbmRlbmNpZXMgKi9cbmltcG9ydCB7IGNyZWF0ZUFwcEF1dGggfSBmcm9tICdAb2N0b2tpdC9hdXRoLWFwcCc7XG5pbXBvcnQgeyBPY3Rva2l0IH0gZnJvbSAnQG9jdG9raXQvY29yZSc7XG5pbXBvcnQgKiBhcyBBV1NMYW1iZGEgZnJvbSAnYXdzLWxhbWJkYSc7XG4vKiBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgaW1wb3J0L25vLWV4dHJhbmVvdXMtZGVwZW5kZW5jaWVzLGltcG9ydC9uby11bnJlc29sdmVkICovXG5pbXBvcnQgKiBhcyBBV1MgZnJvbSAnYXdzLXNkayc7XG5pbXBvcnQgeyBiYXNlVXJsRnJvbURvbWFpbiB9IGZyb20gJy4vZ2l0aHViJztcbmltcG9ydCB7IGdldFNlY3JldEpzb25WYWx1ZSwgZ2V0U2VjcmV0VmFsdWUgfSBmcm9tICcuL2xhbWJkYS1oZWxwZXJzJztcblxuY29uc3QgY2ZuID0gbmV3IEFXUy5DbG91ZEZvcm1hdGlvbigpO1xuY29uc3QgZWMyID0gbmV3IEFXUy5FQzIoKTtcbmNvbnN0IGVjciA9IG5ldyBBV1MuRUNSKCk7XG5jb25zdCBzZiA9IG5ldyBBV1MuU3RlcEZ1bmN0aW9ucygpO1xuXG5mdW5jdGlvbiBzZWNyZXRBcm5Ub1VybChhcm46IHN0cmluZykge1xuICBjb25zdCBwYXJ0cyA9IGFybi5zcGxpdCgnOicpOyAvLyBhcm46YXdzOnNlY3JldHNtYW5hZ2VyOnVzLWVhc3QtMToxMjM0NTY3ODpzZWNyZXQ6c2VjcmV0LW5hbWUtUkVWSVNJT05cbiAgY29uc3QgcmVnaW9uID0gcGFydHNbM107XG4gIGNvbnN0IGZ1bGxOYW1lID0gcGFydHNbNl07XG4gIGNvbnN0IG5hbWUgPSBmdWxsTmFtZS5zbGljZSgwLCBmdWxsTmFtZS5sYXN0SW5kZXhPZignLScpKTtcblxuICByZXR1cm4gYGh0dHBzOi8vJHtyZWdpb259LmNvbnNvbGUuYXdzLmFtYXpvbi5jb20vc2VjcmV0c21hbmFnZXIvaG9tZT9yZWdpb249JHtyZWdpb259IyEvc2VjcmV0P25hbWU9JHtuYW1lfWA7XG59XG5cbmZ1bmN0aW9uIGxhbWJkYUFyblRvVXJsKGFybjogc3RyaW5nKSB7XG4gIGNvbnN0IHBhcnRzID0gYXJuLnNwbGl0KCc6Jyk7IC8vIGFybjphd3M6bGFtYmRhOnVzLWVhc3QtMToxMjM0NTY3ODpmdW5jdGlvbjpuYW1lLVhZWlxuICBjb25zdCByZWdpb24gPSBwYXJ0c1szXTtcbiAgY29uc3QgbmFtZSA9IHBhcnRzWzZdO1xuXG4gIHJldHVybiBgaHR0cHM6Ly8ke3JlZ2lvbn0uY29uc29sZS5hd3MuYW1hem9uLmNvbS9sYW1iZGEvaG9tZT9yZWdpb249JHtyZWdpb259Iy9mdW5jdGlvbnMvJHtuYW1lfT90YWI9bW9uaXRvcmluZ2A7XG59XG5cbmZ1bmN0aW9uIHN0ZXBGdW5jdGlvbkFyblRvVXJsKGFybjogc3RyaW5nKSB7XG4gIGNvbnN0IHBhcnRzID0gYXJuLnNwbGl0KCc6Jyk7IC8vIGFybjphd3M6c3RhdGVzOnVzLWVhc3QtMToxMjM0NTY3ODpzdGF0ZU1hY2hpbmU6bmFtZS1YWVpcbiAgY29uc3QgcmVnaW9uID0gcGFydHNbM107XG5cbiAgcmV0dXJuIGBodHRwczovLyR7cmVnaW9ufS5jb25zb2xlLmF3cy5hbWF6b24uY29tL3N0YXRlcy9ob21lP3JlZ2lvbj0ke3JlZ2lvbn0jL3N0YXRlbWFjaGluZXMvdmlldy8ke2Fybn1gO1xufVxuXG5hc3luYyBmdW5jdGlvbiBnZW5lcmF0ZVByb3ZpZGVyc1N0YXR1cyhzdGFjazogc3RyaW5nLCBsb2dpY2FsSWQ6IHN0cmluZykge1xuICBjb25zdCByZXNvdXJjZSA9IGF3YWl0IGNmbi5kZXNjcmliZVN0YWNrUmVzb3VyY2UoeyBTdGFja05hbWU6IHN0YWNrLCBMb2dpY2FsUmVzb3VyY2VJZDogbG9naWNhbElkIH0pLnByb21pc2UoKTtcbiAgY29uc3QgcHJvdmlkZXJzID0gSlNPTi5wYXJzZShyZXNvdXJjZS5TdGFja1Jlc291cmNlRGV0YWlsPy5NZXRhZGF0YSA/PyAne30nKS5wcm92aWRlcnMgYXMgYW55W10gfCB1bmRlZmluZWQ7XG5cbiAgaWYgKCFwcm92aWRlcnMpIHtcbiAgICByZXR1cm4ge307XG4gIH1cblxuICByZXR1cm4gUHJvbWlzZS5hbGwocHJvdmlkZXJzLm1hcChhc3luYyAocCkgPT4ge1xuICAgIC8vIGFkZCBFQ1IgZGF0YSwgaWYgaW1hZ2UgaXMgZnJvbSBFQ1JcbiAgICBpZiAocC5pbWFnZT8uaW1hZ2VSZXBvc2l0b3J5Py5tYXRjaCgvWzAtOV0rXFwuZGtyXFwuZWNyXFwuW2EtejAtOVxcLV0rXFwuYW1hem9uYXdzXFwuY29tXFwvLisvKSkge1xuICAgICAgY29uc3QgdGFncyA9IGF3YWl0IGVjci5kZXNjcmliZUltYWdlcyh7XG4gICAgICAgIHJlcG9zaXRvcnlOYW1lOiBwLmltYWdlLmltYWdlUmVwb3NpdG9yeS5zcGxpdCgnLycpWzFdLFxuICAgICAgICBmaWx0ZXI6IHtcbiAgICAgICAgICB0YWdTdGF0dXM6ICdUQUdHRUQnLFxuICAgICAgICB9LFxuICAgICAgICBtYXhSZXN1bHRzOiAxLFxuICAgICAgfSkucHJvbWlzZSgpO1xuICAgICAgaWYgKHRhZ3MuaW1hZ2VEZXRhaWxzICYmIHRhZ3MuaW1hZ2VEZXRhaWxzPy5sZW5ndGggPj0gMSkge1xuICAgICAgICBwLmltYWdlLmxhdGVzdEltYWdlID0ge1xuICAgICAgICAgIHRhZ3M6IHRhZ3MuaW1hZ2VEZXRhaWxzWzBdLmltYWdlVGFncyxcbiAgICAgICAgICBkaWdlc3Q6IHRhZ3MuaW1hZ2VEZXRhaWxzWzBdLmltYWdlRGlnZXN0LFxuICAgICAgICAgIGRhdGU6IHRhZ3MuaW1hZ2VEZXRhaWxzWzBdLmltYWdlUHVzaGVkQXQsXG4gICAgICAgIH07XG4gICAgICB9XG4gICAgfVxuICAgIC8vIGFkZCBBTUkgZGF0YSwgaWYgaW1hZ2UgaXMgQU1JXG4gICAgaWYgKHAuYW1pPy5sYXVuY2hUZW1wbGF0ZSkge1xuICAgICAgY29uc3QgdmVyc2lvbnMgPSBhd2FpdCBlYzIuZGVzY3JpYmVMYXVuY2hUZW1wbGF0ZVZlcnNpb25zKHtcbiAgICAgICAgTGF1bmNoVGVtcGxhdGVJZDogcC5hbWkubGF1bmNoVGVtcGxhdGUsXG4gICAgICAgIFZlcnNpb25zOiBbJyREZWZhdWx0J10sXG4gICAgICB9KS5wcm9taXNlKCk7XG4gICAgICBpZiAodmVyc2lvbnMuTGF1bmNoVGVtcGxhdGVWZXJzaW9ucyAmJiB2ZXJzaW9ucy5MYXVuY2hUZW1wbGF0ZVZlcnNpb25zLmxlbmd0aCA+PSAxKSB7XG4gICAgICAgIHAuYW1pLmxhdGVzdEFtaSA9IHZlcnNpb25zLkxhdW5jaFRlbXBsYXRlVmVyc2lvbnNbMF0uTGF1bmNoVGVtcGxhdGVEYXRhPy5JbWFnZUlkO1xuICAgICAgfVxuICAgIH1cbiAgICByZXR1cm4gcDtcbiAgfSkpO1xufVxuXG5pbnRlcmZhY2UgQXBwSW5zdGFsbGF0aW9uIHtcbiAgcmVhZG9ubHkgaWQ6IG51bWJlcjtcbiAgcmVhZG9ubHkgdXJsOiBzdHJpbmc7XG4gIHJlYWRvbmx5IHN0YXR1czogc3RyaW5nO1xuICByZWFkb25seSByZXBvc2l0b3JpZXM6IHN0cmluZ1tdO1xufVxuXG5pbnRlcmZhY2UgUmVjZW50UnVuIHtcbiAgcmVhZG9ubHkgb3duZXI/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IHJlcG8/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IHJ1bklkPzogc3RyaW5nO1xuICByZWFkb25seSBleGVjdXRpb25Bcm4/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IHN0YXR1czogc3RyaW5nO1xufVxuXG5mdW5jdGlvbiBzYWZlUmV0dXJuVmFsdWUoZXZlbnQ6IFBhcnRpYWw8QVdTTGFtYmRhLkFQSUdhdGV3YXlQcm94eUV2ZW50Piwgc3RhdHVzOiBhbnkpIHtcbiAgaWYgKGV2ZW50LnBhdGgpIHtcbiAgICByZXR1cm4ge1xuICAgICAgc3RhdHVzQ29kZTogMjAwLFxuICAgICAgaGVhZGVyczoge1xuICAgICAgICAnQ29udGVudC1UeXBlJzogJ2FwcGxpY2F0aW9uL2pzb24nLFxuICAgICAgfSxcbiAgICAgIGJvZHk6IEpTT04uc3RyaW5naWZ5KHN0YXR1cyksXG4gICAgfTtcbiAgfVxuXG4gIHJldHVybiBzdGF0dXM7XG59XG5cbmV4cG9ydHMuaGFuZGxlciA9IGFzeW5jIGZ1bmN0aW9uIChldmVudDogUGFydGlhbDxBV1NMYW1iZGEuQVBJR2F0ZXdheVByb3h5RXZlbnQ+KSB7XG4gIC8vIGNvbmZpcm0gcmVxdWlyZWQgZW52aXJvbm1lbnQgdmFyaWFibGVzXG4gIGlmICghcHJvY2Vzcy5lbnYuV0VCSE9PS19TRUNSRVRfQVJOIHx8ICFwcm9jZXNzLmVudi5HSVRIVUJfU0VDUkVUX0FSTiB8fCAhcHJvY2Vzcy5lbnYuR0lUSFVCX1BSSVZBVEVfS0VZX1NFQ1JFVF9BUk4gfHwgIXByb2Nlc3MuZW52LkxPR0lDQUxfSUQgfHxcbiAgICAgICFwcm9jZXNzLmVudi5XRUJIT09LX0hBTkRMRVJfQVJOIHx8ICFwcm9jZXNzLmVudi5TVEVQX0ZVTkNUSU9OX0FSTiB8fCAhcHJvY2Vzcy5lbnYuU0VUVVBfU0VDUkVUX0FSTiB8fCAhcHJvY2Vzcy5lbnYuU0VUVVBfRlVOQ1RJT05fVVJMIHx8XG4gICAgICAhcHJvY2Vzcy5lbnYuU1RBQ0tfTkFNRSkge1xuICAgIHRocm93IG5ldyBFcnJvcignTWlzc2luZyBlbnZpcm9ubWVudCB2YXJpYWJsZXMnKTtcbiAgfVxuXG4gIC8vIGJhc2Ugc3RhdHVzXG4gIGNvbnN0IHN0YXR1cyA9IHtcbiAgICBnaXRodWI6IHtcbiAgICAgIHNldHVwOiB7XG4gICAgICAgIHN0YXR1czogJ1Vua25vd24nLFxuICAgICAgICB1cmw6ICcnLFxuICAgICAgICBzZWNyZXRBcm46IHByb2Nlc3MuZW52LlNFVFVQX1NFQ1JFVF9BUk4sXG4gICAgICAgIHNlY3JldFVybDogc2VjcmV0QXJuVG9VcmwocHJvY2Vzcy5lbnYuU0VUVVBfU0VDUkVUX0FSTiksXG4gICAgICB9LFxuICAgICAgZG9tYWluOiAnVW5rbm93bicsXG4gICAgICB3ZWJob29rOiB7XG4gICAgICAgIHVybDogcHJvY2Vzcy5lbnYuV0VCSE9PS19VUkwsXG4gICAgICAgIHN0YXR1czogJ1VuYWJsZSB0byBjaGVjaycsXG4gICAgICAgIHNlY3JldEFybjogcHJvY2Vzcy5lbnYuV0VCSE9PS19TRUNSRVRfQVJOLFxuICAgICAgICBzZWNyZXRVcmw6IHNlY3JldEFyblRvVXJsKHByb2Nlc3MuZW52LldFQkhPT0tfU0VDUkVUX0FSTiksXG4gICAgICB9LFxuICAgICAgYXV0aDoge1xuICAgICAgICB0eXBlOiAnVW5rbm93bicsXG4gICAgICAgIHN0YXR1czogJ1Vua25vd24nLFxuICAgICAgICBzZWNyZXRBcm46IHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOLFxuICAgICAgICBzZWNyZXRVcmw6IHNlY3JldEFyblRvVXJsKHByb2Nlc3MuZW52LkdJVEhVQl9TRUNSRVRfQVJOKSxcbiAgICAgICAgcHJpdmF0ZUtleVNlY3JldEFybjogcHJvY2Vzcy5lbnYuR0lUSFVCX1BSSVZBVEVfS0VZX1NFQ1JFVF9BUk4sXG4gICAgICAgIHByaXZhdGVLZXlTZWNyZXRVcmw6IHNlY3JldEFyblRvVXJsKHByb2Nlc3MuZW52LkdJVEhVQl9QUklWQVRFX0tFWV9TRUNSRVRfQVJOKSxcbiAgICAgICAgYXBwOiB7XG4gICAgICAgICAgaWQ6ICcnLFxuICAgICAgICAgIHVybDogJycsXG4gICAgICAgICAgaW5zdGFsbGF0aW9uczogW10gYXMgQXBwSW5zdGFsbGF0aW9uW10sXG4gICAgICAgIH0sXG4gICAgICAgIHBlcnNvbmFsQXV0aFRva2VuOiAnJyxcbiAgICAgIH0sXG4gICAgfSxcbiAgICBwcm92aWRlcnM6IGF3YWl0IGdlbmVyYXRlUHJvdmlkZXJzU3RhdHVzKHByb2Nlc3MuZW52LlNUQUNLX05BTUUsIHByb2Nlc3MuZW52LkxPR0lDQUxfSUQpLFxuICAgIHRyb3VibGVzaG9vdGluZzoge1xuICAgICAgd2ViaG9va0hhbmRsZXJBcm46IHByb2Nlc3MuZW52LldFQkhPT0tfSEFORExFUl9BUk4sXG4gICAgICB3ZWJob29rSGFuZGxlclVybDogbGFtYmRhQXJuVG9VcmwocHJvY2Vzcy5lbnYuV0VCSE9PS19IQU5ETEVSX0FSTiksXG4gICAgICBzdGVwRnVuY3Rpb25Bcm46IHByb2Nlc3MuZW52LlNURVBfRlVOQ1RJT05fQVJOLFxuICAgICAgc3RlcEZ1bmN0aW9uVXJsOiBzdGVwRnVuY3Rpb25Bcm5Ub1VybChwcm9jZXNzLmVudi5TVEVQX0ZVTkNUSU9OX0FSTiksXG4gICAgICBzdGVwRnVuY3Rpb25Mb2dHcm91cDogcHJvY2Vzcy5lbnYuU1RFUF9GVU5DVElPTl9MT0dfR1JPVVAsXG4gICAgICByZWNlbnRSdW5zOiBbXSBhcyBSZWNlbnRSdW5bXSxcbiAgICB9LFxuICB9O1xuXG4gIC8vIHNldHVwIHVybFxuICBjb25zdCBzZXR1cFRva2VuID0gKGF3YWl0IGdldFNlY3JldEpzb25WYWx1ZShwcm9jZXNzLmVudi5TRVRVUF9TRUNSRVRfQVJOKSkudG9rZW47XG4gIGlmIChzZXR1cFRva2VuKSB7XG4gICAgc3RhdHVzLmdpdGh1Yi5zZXR1cC5zdGF0dXMgPSAnUGVuZGluZyc7XG4gICAgc3RhdHVzLmdpdGh1Yi5zZXR1cC51cmwgPSBgJHtwcm9jZXNzLmVudi5TRVRVUF9GVU5DVElPTl9VUkx9P3Rva2VuPSR7c2V0dXBUb2tlbn1gO1xuICB9IGVsc2Uge1xuICAgIHN0YXR1cy5naXRodWIuc2V0dXAuc3RhdHVzID0gJ0NvbXBsZXRlJztcbiAgfVxuXG4gIC8vIGxpc3QgbGFzdCAxMCBleGVjdXRpb25zIGFuZCB0aGVpciBzdGF0dXNcbiAgdHJ5IHtcbiAgICBjb25zdCBleGVjdXRpb25zID0gYXdhaXQgc2YubGlzdEV4ZWN1dGlvbnMoe1xuICAgICAgc3RhdGVNYWNoaW5lQXJuOiBwcm9jZXNzLmVudi5TVEVQX0ZVTkNUSU9OX0FSTixcbiAgICAgIG1heFJlc3VsdHM6IDEwLFxuICAgIH0pLnByb21pc2UoKTtcbiAgICBmb3IgKGNvbnN0IGV4ZWN1dGlvbiBvZiBleGVjdXRpb25zLmV4ZWN1dGlvbnMpIHtcbiAgICAgIGNvbnN0IGV4ZWN1dGlvbkRldGFpbHMgPSBhd2FpdCBzZi5kZXNjcmliZUV4ZWN1dGlvbih7XG4gICAgICAgIGV4ZWN1dGlvbkFybjogZXhlY3V0aW9uLmV4ZWN1dGlvbkFybixcbiAgICAgIH0pLnByb21pc2UoKTtcbiAgICAgIGNvbnN0IGlucHV0ID0gSlNPTi5wYXJzZShleGVjdXRpb25EZXRhaWxzLmlucHV0IHx8ICd7fScpO1xuXG4gICAgICBzdGF0dXMudHJvdWJsZXNob290aW5nLnJlY2VudFJ1bnMucHVzaCh7XG4gICAgICAgIGV4ZWN1dGlvbkFybjogZXhlY3V0aW9uLmV4ZWN1dGlvbkFybixcbiAgICAgICAgc3RhdHVzOiBleGVjdXRpb24uc3RhdHVzLFxuICAgICAgICBvd25lcjogaW5wdXQub3duZXIsXG4gICAgICAgIHJlcG86IGlucHV0LnJlcG8sXG4gICAgICAgIHJ1bklkOiBpbnB1dC5ydW5JZCxcbiAgICAgIH0pO1xuICAgIH1cbiAgfSBjYXRjaCAoZSkge1xuICAgIHN0YXR1cy50cm91Ymxlc2hvb3RpbmcucmVjZW50UnVucy5wdXNoKHsgc3RhdHVzOiBgRXJyb3IgZ2V0dGluZyBleGVjdXRpb25zOiAke2V9YCB9KTtcbiAgfVxuXG4gIC8vIGdldCBzZWNyZXRzXG4gIGxldCBnaXRodWJTZWNyZXRzO1xuICB0cnkge1xuICAgIGdpdGh1YlNlY3JldHMgPSBhd2FpdCBnZXRTZWNyZXRKc29uVmFsdWUocHJvY2Vzcy5lbnYuR0lUSFVCX1NFQ1JFVF9BUk4pO1xuICB9IGNhdGNoIChlKSB7XG4gICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnN0YXR1cyA9IGBVbmFibGUgdG8gcmVhZCBzZWNyZXQ6ICR7ZX1gO1xuICAgIHJldHVybiBzYWZlUmV0dXJuVmFsdWUoZXZlbnQsIHN0YXR1cyk7XG4gIH1cblxuICBsZXQgcHJpdmF0ZUtleTtcbiAgdHJ5IHtcbiAgICBwcml2YXRlS2V5ID0gYXdhaXQgZ2V0U2VjcmV0VmFsdWUocHJvY2Vzcy5lbnYuR0lUSFVCX1BSSVZBVEVfS0VZX1NFQ1JFVF9BUk4pO1xuICB9IGNhdGNoIChlKSB7XG4gICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnN0YXR1cyA9IGBVbmFibGUgdG8gcmVhZCBwcml2YXRlIGtleSBzZWNyZXQ6ICR7ZX1gO1xuICAgIHJldHVybiBzYWZlUmV0dXJuVmFsdWUoZXZlbnQsIHN0YXR1cyk7XG4gIH1cblxuICAvLyBjYWxjdWxhdGUgYmFzZSB1cmxcbiAgbGV0IGJhc2VVcmwgPSBiYXNlVXJsRnJvbURvbWFpbihnaXRodWJTZWNyZXRzLmRvbWFpbik7XG4gIHN0YXR1cy5naXRodWIuZG9tYWluID0gZ2l0aHViU2VjcmV0cy5kb21haW47XG5cbiAgaWYgKGdpdGh1YlNlY3JldHMucGVyc29uYWxBdXRoVG9rZW4pIHtcbiAgICAvLyB0cnkgYXV0aGVudGljYXRpbmcgd2l0aCBwZXJzb25hbCBhdXRoZW50aWNhdGlvbiB0b2tlblxuICAgIHN0YXR1cy5naXRodWIuYXV0aC50eXBlID0gJ1BlcnNvbmFsIEF1dGggVG9rZW4nO1xuICAgIHN0YXR1cy5naXRodWIuYXV0aC5wZXJzb25hbEF1dGhUb2tlbiA9ICcqcmVkYWN0ZWQqJztcblxuICAgIGxldCBvY3Rva2l0O1xuICAgIHRyeSB7XG4gICAgICBvY3Rva2l0ID0gbmV3IE9jdG9raXQoeyBiYXNlVXJsLCBhdXRoOiBnaXRodWJTZWNyZXRzLnBlcnNvbmFsQXV0aFRva2VuIH0pO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIHN0YXR1cy5naXRodWIuYXV0aC5zdGF0dXMgPSBgVW5hYmxlIHRvIGF1dGhlbnRpY2F0ZSB1c2luZyBwZXJzb25hbCBhdXRoIHRva2VuOiAke2V9YDtcbiAgICAgIHJldHVybiBzYWZlUmV0dXJuVmFsdWUoZXZlbnQsIHN0YXR1cyk7XG4gICAgfVxuXG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IHVzZXIgPSBhd2FpdCBvY3Rva2l0LnJlcXVlc3QoJ0dFVCAvdXNlcicpO1xuICAgICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnBlcnNvbmFsQXV0aFRva2VuID0gYHVzZXJuYW1lOiAke3VzZXIuZGF0YS5sb2dpbn1gO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIHN0YXR1cy5naXRodWIuYXV0aC5zdGF0dXMgPSBgVW5hYmxlIHRvIGNhbGwgL3VzZXIgd2l0aCBwZXJzb25hbCBhdXRoIHRva2VuOiAke2V9YDtcbiAgICAgIHJldHVybiBzYWZlUmV0dXJuVmFsdWUoZXZlbnQsIHN0YXR1cyk7XG4gICAgfVxuXG4gICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnN0YXR1cyA9ICdPSyc7XG4gICAgc3RhdHVzLmdpdGh1Yi53ZWJob29rLnN0YXR1cyA9ICdVbmFibGUgdG8gdmVyaWZ5IGF1dG9tYXRpY2FsbHknO1xuICB9IGVsc2Uge1xuICAgIC8vIHRyeSBhdXRoZW50aWNhdGluZyB3aXRoIEdpdEh1YiBhcHBcbiAgICBzdGF0dXMuZ2l0aHViLmF1dGgudHlwZSA9ICdHaXRIdWIgQXBwJztcbiAgICBzdGF0dXMuZ2l0aHViLmF1dGguYXBwLmlkID0gZ2l0aHViU2VjcmV0cy5hcHBJZDtcblxuICAgIGxldCBhcHBPY3Rva2l0O1xuICAgIHRyeSB7XG4gICAgICBhcHBPY3Rva2l0ID0gbmV3IE9jdG9raXQoe1xuICAgICAgICBiYXNlVXJsLFxuICAgICAgICBhdXRoU3RyYXRlZ3k6IGNyZWF0ZUFwcEF1dGgsXG4gICAgICAgIGF1dGg6IHtcbiAgICAgICAgICBhcHBJZDogZ2l0aHViU2VjcmV0cy5hcHBJZCxcbiAgICAgICAgICBwcml2YXRlS2V5OiBwcml2YXRlS2V5LFxuICAgICAgICB9LFxuICAgICAgfSk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnN0YXR1cyA9IGBVbmFibGUgdG8gYXV0aGVudGljYXRlIGFwcDogJHtlfWA7XG4gICAgICByZXR1cm4gc2FmZVJldHVyblZhbHVlKGV2ZW50LCBzdGF0dXMpO1xuICAgIH1cblxuICAgIC8vIGdldCBhcHAgdXJsXG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IGFwcCA9IChhd2FpdCBhcHBPY3Rva2l0LnJlcXVlc3QoJ0dFVCAvYXBwJykpLmRhdGE7XG4gICAgICBzdGF0dXMuZ2l0aHViLmF1dGguYXBwLnVybCA9IGFwcC5odG1sX3VybDtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICBzdGF0dXMuZ2l0aHViLmF1dGguc3RhdHVzID0gYFVuYWJsZSB0byBnZXQgYXBwIGRldGFpbHM6ICR7ZX1gO1xuICAgICAgcmV0dXJuIHNhZmVSZXR1cm5WYWx1ZShldmVudCwgc3RhdHVzKTtcbiAgICB9XG5cbiAgICAvLyBsaXN0IGFsbCBhcHAgaW5zdGFsbGF0aW9uc1xuICAgIHRyeSB7XG4gICAgICBjb25zdCBpbnN0YWxsYXRpb25zID0gKGF3YWl0IGFwcE9jdG9raXQucmVxdWVzdCgnR0VUIC9hcHAvaW5zdGFsbGF0aW9ucycpKS5kYXRhO1xuICAgICAgZm9yIChjb25zdCBpbnN0YWxsYXRpb24gb2YgaW5zdGFsbGF0aW9ucykge1xuICAgICAgICBsZXQgaW5zdGFsbGF0aW9uRGV0YWlscyA9IHtcbiAgICAgICAgICBpZDogaW5zdGFsbGF0aW9uLmlkLFxuICAgICAgICAgIHVybDogaW5zdGFsbGF0aW9uLmh0bWxfdXJsLFxuICAgICAgICAgIHN0YXR1czogJ1VuYWJsZSB0byBxdWVyeScsXG4gICAgICAgICAgcmVwb3NpdG9yaWVzOiBbXSBhcyBzdHJpbmdbXSxcbiAgICAgICAgfTtcblxuICAgICAgICBsZXQgdG9rZW47XG4gICAgICAgIHRyeSB7XG4gICAgICAgICAgdG9rZW4gPSAoYXdhaXQgYXBwT2N0b2tpdC5hdXRoKHtcbiAgICAgICAgICAgIHR5cGU6ICdpbnN0YWxsYXRpb24nLFxuICAgICAgICAgICAgaW5zdGFsbGF0aW9uSWQ6IGluc3RhbGxhdGlvbi5pZCxcbiAgICAgICAgICB9KSBhcyBhbnkpLnRva2VuO1xuICAgICAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgICAgaW5zdGFsbGF0aW9uRGV0YWlscy5zdGF0dXMgPSBgVW5hYmxlIHRvIGF1dGhlbnRpY2F0ZSBhcHAgaW5zdGFsbGF0aW9uOiAke2V9YDtcbiAgICAgICAgICBjb250aW51ZTtcbiAgICAgICAgfVxuXG4gICAgICAgIGxldCBvY3Rva2l0O1xuICAgICAgICB0cnkge1xuICAgICAgICAgIG9jdG9raXQgPSBuZXcgT2N0b2tpdCh7IGJhc2VVcmwsIGF1dGg6IHRva2VuIH0pO1xuICAgICAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgICAgaW5zdGFsbGF0aW9uRGV0YWlscy5zdGF0dXMgPSBgVW5hYmxlIHRvIGF1dGhlbnRpY2F0ZSB1c2luZyBhcHA6ICR7ZX1gO1xuICAgICAgICAgIGNvbnRpbnVlO1xuICAgICAgICB9XG5cbiAgICAgICAgdHJ5IHtcbiAgICAgICAgICBjb25zdCByZXBvc2l0b3JpZXMgPSAoYXdhaXQgb2N0b2tpdC5yZXF1ZXN0KCdHRVQgL2luc3RhbGxhdGlvbi9yZXBvc2l0b3JpZXMnKSkuZGF0YS5yZXBvc2l0b3JpZXM7XG4gICAgICAgICAgZm9yIChjb25zdCByZXBvIG9mIHJlcG9zaXRvcmllcykge1xuICAgICAgICAgICAgaW5zdGFsbGF0aW9uRGV0YWlscy5yZXBvc2l0b3JpZXMucHVzaChyZXBvLmZ1bGxfbmFtZSBhcyBzdHJpbmcpO1xuICAgICAgICAgIH1cbiAgICAgICAgfSBjYXRjaCAoZSkge1xuICAgICAgICAgIGluc3RhbGxhdGlvbkRldGFpbHMuc3RhdHVzID0gYFVuYWJsZSB0byBhdXRoZW50aWNhdGUgdXNpbmcgaW5zdGFsbGF0aW9uIHRva2VuOiAke2V9YDtcbiAgICAgICAgICBjb250aW51ZTtcbiAgICAgICAgfVxuXG4gICAgICAgIGluc3RhbGxhdGlvbkRldGFpbHMuc3RhdHVzID0gJ09LJztcbiAgICAgICAgc3RhdHVzLmdpdGh1Yi5hdXRoLmFwcC5pbnN0YWxsYXRpb25zLnB1c2goaW5zdGFsbGF0aW9uRGV0YWlscyk7XG4gICAgICB9XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgc3RhdHVzLmdpdGh1Yi5hdXRoLnN0YXR1cyA9ICdVbmFibGUgdG8gbGlzdCBhcHAgaW5zdGFsbGF0aW9ucyc7XG4gICAgICByZXR1cm4gc2FmZVJldHVyblZhbHVlKGV2ZW50LCBzdGF0dXMpO1xuICAgIH1cblxuICAgIHN0YXR1cy5naXRodWIuYXV0aC5zdGF0dXMgPSAnT0snO1xuXG4gICAgLy8gY2hlY2sgd2ViaG9vayBjb25maWdcbiAgICB0cnkge1xuICAgICAgY29uc3QgcmVzcG9uc2UgPSBhd2FpdCBhcHBPY3Rva2l0LnJlcXVlc3QoJ0dFVCAvYXBwL2hvb2svY29uZmlnJywge30pO1xuXG4gICAgICBpZiAocmVzcG9uc2UuZGF0YS51cmwgIT09IHByb2Nlc3MuZW52LldFQkhPT0tfVVJMKSB7XG4gICAgICAgIHN0YXR1cy5naXRodWIud2ViaG9vay5zdGF0dXMgPSAnR2l0SHViIGhhcyB3cm9uZyB3ZWJob29rIFVSTCBjb25maWd1cmVkJztcbiAgICAgIH0gZWxzZSB7XG4gICAgICAgIC8vIFRPRE8gY2hlY2sgc2VjcmV0IGJ5IGRvaW5nIGEgZHVtbXkgZGVsaXZlcnk/IGZvcmNlIGFwcGx5IHNlY3JldD9cbiAgICAgICAgc3RhdHVzLmdpdGh1Yi53ZWJob29rLnN0YXR1cyA9ICdPSyAobm90ZSB0aGF0IHNlY3JldCBjYW5ub3QgYmUgY2hlY2tlZCBhdXRvbWF0aWNhbGx5KSc7XG4gICAgICB9XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgc3RhdHVzLmdpdGh1Yi53ZWJob29rLnN0YXR1cyA9IGBVbmFibGUgdG8gY2hlY2sgYXBwIGNvbmZpZ3VyYXRpb246ICR7ZX1gO1xuICAgICAgcmV0dXJuIHNhZmVSZXR1cm5WYWx1ZShldmVudCwgc3RhdHVzKTtcbiAgICB9XG4gIH1cblxuICByZXR1cm4gc2FmZVJldHVyblZhbHVlKGV2ZW50LCBzdGF0dXMpO1xufTtcbiJdfQ==

package/lib/{lambdas/token-retriever-function.d.ts → token-retriever-function.d.ts} RENAMED Viewed

@@ -6,7 +6,7 @@ import { Construct } from 'constructs';
 export interface TokenRetrieverFunctionProps extends lambda.FunctionOptions {
 }
 /**
- * An AWS Lambda function which executes src/lambdas/token-retriever.
+ * An AWS Lambda function which executes src/token-retriever.
  */
 export declare class TokenRetrieverFunction extends lambda.Function {
     constructor(scope: Construct, id: string, props?: TokenRetrieverFunctionProps);

package/lib/token-retriever-function.js ADDED Viewed

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenRetrieverFunction = void 0;
+// ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen".
+const path = require("path");
+const lambda = require("aws-cdk-lib/aws-lambda");
+/**
+ * An AWS Lambda function which executes src/token-retriever.
+ */
+class TokenRetrieverFunction extends lambda.Function {
+    constructor(scope, id, props) {
+        super(scope, id, {
+            description: 'src/token-retriever.lambda.ts',
+            ...props,
+            runtime: new lambda.Runtime('nodejs16.x', lambda.RuntimeFamily.NODEJS),
+            handler: 'index.handler',
+            code: lambda.Code.fromAsset(path.join(__dirname, '../assets/token-retriever.lambda')),
+        });
+        this.addEnvironment('AWS_NODEJS_CONNECTION_REUSE_ENABLED', '1', { removeInEdge: true });
+    }
+}
+exports.TokenRetrieverFunction = TokenRetrieverFunction;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidG9rZW4tcmV0cmlldmVyLWZ1bmN0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3Rva2VuLXJldHJpZXZlci1mdW5jdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2RUFBNkU7QUFDN0UsNkJBQTZCO0FBQzdCLGlEQUFpRDtBQVNqRDs7R0FFRztBQUNILE1BQWEsc0JBQXVCLFNBQVEsTUFBTSxDQUFDLFFBQVE7SUFDekQsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFtQztRQUMzRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLFdBQVcsRUFBRSwrQkFBK0I7WUFDNUMsR0FBRyxLQUFLO1lBQ1IsT0FBTyxFQUFFLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxZQUFZLEVBQUUsTUFBTSxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQUM7WUFDdEUsT0FBTyxFQUFFLGVBQWU7WUFDeEIsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFFLGtDQUFrQyxDQUFDLENBQUM7U0FDdEYsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLGNBQWMsQ0FBQyxxQ0FBcUMsRUFBRSxHQUFHLEVBQUUsRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztJQUMxRixDQUFDO0NBQ0Y7QUFYRCx3REFXQyIsInNvdXJjZXNDb250ZW50IjpbIi8vIH5+IEdlbmVyYXRlZCBieSBwcm9qZW4uIFRvIG1vZGlmeSwgZWRpdCAucHJvamVucmMuanMgYW5kIHJ1biBcIm5weCBwcm9qZW5cIi5cbmltcG9ydCAqIGFzIHBhdGggZnJvbSAncGF0aCc7XG5pbXBvcnQgKiBhcyBsYW1iZGEgZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuLyoqXG4gKiBQcm9wcyBmb3IgVG9rZW5SZXRyaWV2ZXJGdW5jdGlvblxuICovXG5leHBvcnQgaW50ZXJmYWNlIFRva2VuUmV0cmlldmVyRnVuY3Rpb25Qcm9wcyBleHRlbmRzIGxhbWJkYS5GdW5jdGlvbk9wdGlvbnMge1xufVxuXG4vKipcbiAqIEFuIEFXUyBMYW1iZGEgZnVuY3Rpb24gd2hpY2ggZXhlY3V0ZXMgc3JjL3Rva2VuLXJldHJpZXZlci5cbiAqL1xuZXhwb3J0IGNsYXNzIFRva2VuUmV0cmlldmVyRnVuY3Rpb24gZXh0ZW5kcyBsYW1iZGEuRnVuY3Rpb24ge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IFRva2VuUmV0cmlldmVyRnVuY3Rpb25Qcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgZGVzY3JpcHRpb246ICdzcmMvdG9rZW4tcmV0cmlldmVyLmxhbWJkYS50cycsXG4gICAgICAuLi5wcm9wcyxcbiAgICAgIHJ1bnRpbWU6IG5ldyBsYW1iZGEuUnVudGltZSgnbm9kZWpzMTYueCcsIGxhbWJkYS5SdW50aW1lRmFtaWx5Lk5PREVKUyksXG4gICAgICBoYW5kbGVyOiAnaW5kZXguaGFuZGxlcicsXG4gICAgICBjb2RlOiBsYW1iZGEuQ29kZS5mcm9tQXNzZXQocGF0aC5qb2luKF9fZGlybmFtZSwgJy4uL2Fzc2V0cy90b2tlbi1yZXRyaWV2ZXIubGFtYmRhJykpLFxuICAgIH0pO1xuICAgIHRoaXMuYWRkRW52aXJvbm1lbnQoJ0FXU19OT0RFSlNfQ09OTkVDVElPTl9SRVVTRV9FTkFCTEVEJywgJzEnLCB7IHJlbW92ZUluRWRnZTogdHJ1ZSB9KTtcbiAgfVxufSJdfQ==