@drunk-pulumi/azure 0.0.19

package/Cdn/index.d.ts

@@ -0,0 +1,11 @@
+import { KeyVaultInfo, ResourceGroupInfo } from '../types';
+interface Props {
+    name: string;
+    group?: ResourceGroupInfo;
+    vaultAccess?: {
+        enableRbacAccess?: boolean;
+        vaultInfo: KeyVaultInfo;
+    };
+}
+declare const _default: ({ name, group, vaultAccess, }: Props) => import("@pulumi/azure-native/cdn/profile").Profile;
+export default _default;

package/Cdn/index.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const cdn = require("@pulumi/azure-native/cdn");
+const azureAd = require("@pulumi/azuread");
+const Naming_1 = require("../Common/Naming");
+const Common_1 = require("../Common");
+const AzureEnv_1 = require("../Common/AzureEnv");
+const VaultPermissions_1 = require("../KeyVault/VaultPermissions");
+exports.default = ({ name, group = Common_1.global.groupInfo, vaultAccess, }) => {
+    name = (0, Naming_1.getCdnProfileName)(name);
+    const profile = new cdn.Profile(name, {
+        profileName: name,
+        ...group,
+        location: 'global',
+        sku: { name: cdn.SkuName.Standard_Microsoft },
+        tags: AzureEnv_1.defaultTags,
+    });
+    if (vaultAccess) {
+        //https://docs.microsoft.com/en-us/azure/cdn/cdn-custom-ssl?tabs=option-2-enable-https-with-your-own-certificate
+        const n = `${name}-sp`;
+        const sp = new azureAd.ServicePrincipal(n, {
+            //applicationId: '205478c0-bd83-4e1b-a9d6-db63a3e1e1c8',
+            clientId: '205478c0-bd83-4e1b-a9d6-db63a3e1e1c8',
+        });
+        if (vaultAccess.enableRbacAccess) {
+            (0, VaultPermissions_1.grantVaultRbacPermission)({
+                name: n,
+                objectId: sp.objectId,
+                permission: 'ReadOnly',
+                applicationId: sp.clientId,
+                principalType: 'ServicePrincipal',
+                scope: vaultAccess.vaultInfo.id,
+            });
+        }
+        // else
+        //   grantVaultAccessPolicy({
+        //     name: n,
+        //     objectId: sp.objectId,
+        //     permission: "ReadOnly",
+        //     applicationId: sp.applicationId,
+        //     principalType: "ServicePrincipal",
+        //     vaultInfo: vaultAccess.vaultInfo,
+        //   });
+    }
+    return profile;
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQ2RuL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQ0EsZ0RBQWdEO0FBQ2hELDJDQUEyQztBQUMzQyw2Q0FBcUQ7QUFDckQsc0NBQW1DO0FBQ25DLGlEQUFpRDtBQUNqRCxtRUFBd0U7QUFXeEUsa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixLQUFLLEdBQUcsZUFBTSxDQUFDLFNBQVMsRUFDeEIsV0FBVyxHQUNMLEVBQUUsRUFBRTtJQUNWLElBQUksR0FBRyxJQUFBLDBCQUFpQixFQUFDLElBQUksQ0FBQyxDQUFDO0lBRS9CLE1BQU0sT0FBTyxHQUFHLElBQUksR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUU7UUFDcEMsV0FBVyxFQUFFLElBQUk7UUFDakIsR0FBRyxLQUFLO1FBQ1IsUUFBUSxFQUFFLFFBQVE7UUFDbEIsR0FBRyxFQUFFLEVBQUUsSUFBSSxFQUFFLEdBQUcsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLEVBQUU7UUFDN0MsSUFBSSxFQUFFLHNCQUFXO0tBQ2xCLENBQUMsQ0FBQztJQUVILElBQUksV0FBVyxFQUFFLENBQUM7UUFDaEIsZ0hBQWdIO1FBQ2hILE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxLQUFLLENBQUM7UUFFdkIsTUFBTSxFQUFFLEdBQUcsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxFQUFFO1lBQ3pDLHdEQUF3RDtZQUN4RCxRQUFRLEVBQUUsc0NBQXNDO1NBQ2pELENBQUMsQ0FBQztRQUVILElBQUksV0FBVyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDakMsSUFBQSwyQ0FBd0IsRUFBQztnQkFDdkIsSUFBSSxFQUFFLENBQUM7Z0JBQ1AsUUFBUSxFQUFFLEVBQUUsQ0FBQyxRQUFRO2dCQUNyQixVQUFVLEVBQUUsVUFBVTtnQkFDdEIsYUFBYSxFQUFFLEVBQUUsQ0FBQyxRQUFRO2dCQUMxQixhQUFhLEVBQUUsa0JBQWtCO2dCQUNqQyxLQUFLLEVBQUUsV0FBVyxDQUFDLFNBQVMsQ0FBQyxFQUFFO2FBQ2hDLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxPQUFPO1FBQ1AsNkJBQTZCO1FBQzdCLGVBQWU7UUFDZiw2QkFBNkI7UUFDN0IsOEJBQThCO1FBQzlCLHVDQUF1QztRQUN2Qyx5Q0FBeUM7UUFDekMsd0NBQXdDO1FBQ3hDLFFBQVE7SUFDVixDQUFDO0lBRUQsT0FBTyxPQUFPLENBQUM7QUFDakIsQ0FBQyxDQUFDIn0=

package/Certificate/index.d.ts

@@ -0,0 +1,41 @@
+import { KeyVaultInfo } from '../types';
+export declare const defaultAllowedUses: string[];
+export declare const defaultCodeSignUses: string[];
+export declare const createSelfSignCertV2: ({ dnsName, commonName, organization, allowedUses, validYears, vaultInfo, }: {
+    dnsName: string;
+    commonName: string;
+    organization: string;
+    allowedUses?: string[] | undefined;
+    validYears?: number | undefined;
+    vaultInfo?: KeyVaultInfo | undefined;
+}) => {
+    cert: import("@pulumi/pulumi").Output<string>;
+    privateKey: import("@pulumi/pulumi").Output<string>;
+    ca: import("@pulumi/pulumi").Output<string>;
+};
+export declare const createSelfSignCert: ({ dnsName, commonName, organization, allowedUses, validYears, vaultInfo, }: {
+    dnsName: string;
+    commonName: string;
+    organization: string;
+    allowedUses?: string[] | undefined;
+    validYears?: number | undefined;
+    vaultInfo?: KeyVaultInfo | undefined;
+}) => {
+    cert: import("@pulumi/pulumi").Output<string>;
+    privateKey: import("@pulumi/pulumi").Output<string>;
+    ca: undefined;
+};
+export declare const convertPfxFileToPem: ({ certPath, password, }: {
+    certPath: string;
+    password?: string | undefined;
+}) => Promise<{
+    cert: string;
+    privateKey: string;
+}>;
+export declare const convertPfxToPem: ({ base64Cert, password, }: {
+    base64Cert: string;
+    password?: string | undefined;
+}) => {
+    cert: string;
+    privateKey: string;
+};

package/Certificate/index.js

@@ -0,0 +1,156 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertPfxToPem = exports.convertPfxFileToPem = exports.createSelfSignCert = exports.createSelfSignCertV2 = exports.defaultCodeSignUses = exports.defaultAllowedUses = void 0;
+const tls = require("@pulumi/tls");
+const fs = require("fs");
+const pem = require("./p12");
+const CustomHelper_1 = require("../KeyVault/CustomHelper");
+exports.defaultAllowedUses = [
+    'data_encipherment',
+    'digital_signature',
+    'cert_signing',
+    'client_auth',
+    'key_agreement',
+    'key_encipherment',
+    'server_auth',
+    'timestamping',
+];
+exports.defaultCodeSignUses = [
+    'cert_signing',
+    'code_signing',
+    'content_commitment',
+    'data_encipherment',
+    'digital_signature',
+    'email_protection',
+    'key_agreement',
+    'key_encipherment',
+    'microsoft_Commercial_Code_Signing',
+    'microsoft_Kernel_Code_Signing',
+    'ocsp_signing',
+];
+const createSelfSignCertV2 = ({ dnsName, commonName, organization, allowedUses = exports.defaultAllowedUses, validYears = 3, vaultInfo, }) => {
+    const vaultCertName = `${dnsName}-cert`;
+    const vaultCAName = `${dnsName}-ca`;
+    const vaultPrivateKeyName = `${dnsName}-key`;
+    const validityPeriodHours = validYears * 365 * 24;
+    // Create a private key
+    const privateKey = new tls.PrivateKey(vaultCertName, {
+        algorithm: 'RSA',
+        rsaBits: 2048,
+    });
+    // Create a certificate authority
+    const ca = new tls.SelfSignedCert(vaultCAName, {
+        dnsNames: [dnsName],
+        subject: {
+            commonName,
+            organization,
+        },
+        allowedUses,
+        isCaCertificate: true,
+        privateKeyPem: privateKey.privateKeyPem,
+        validityPeriodHours,
+        earlyRenewalHours: 30 * 24,
+    });
+    //Create Cert Request
+    const certRequest = new tls.CertRequest(`${dnsName}-cert-request`, {
+        dnsNames: [dnsName],
+        subject: {
+            commonName,
+            organization,
+        },
+        privateKeyPem: privateKey.privateKeyPem,
+    });
+    // Create a local certificate signed by the certificate authority
+    const cert = new tls.LocallySignedCert(vaultCertName, {
+        certRequestPem: certRequest.certRequestPem,
+        caPrivateKeyPem: ca.privateKeyPem,
+        caCertPem: ca.certPem,
+        validityPeriodHours,
+        isCaCertificate: false,
+        allowedUses: ['key_encipherment', 'digital_signature', 'server_auth'],
+    });
+    if (vaultInfo) {
+        (0, CustomHelper_1.addCustomSecret)({
+            name: vaultCertName,
+            vaultInfo,
+            value: cert.certPem,
+            contentType: `${dnsName} self sign cert.`,
+        });
+        (0, CustomHelper_1.addCustomSecret)({
+            name: vaultCAName,
+            vaultInfo,
+            value: ca.certPem,
+            contentType: `${dnsName} self sign ca cert.`,
+        });
+        (0, CustomHelper_1.addCustomSecret)({
+            name: vaultPrivateKeyName,
+            vaultInfo,
+            value: privateKey.privateKeyPem,
+            contentType: `${dnsName} self sign private key.`,
+        });
+    }
+    return {
+        cert: cert.certPem,
+        privateKey: privateKey.privateKeyPem,
+        ca: ca.certPem,
+    };
+};
+exports.createSelfSignCertV2 = createSelfSignCertV2;
+const createSelfSignCert = ({ dnsName, commonName, organization, allowedUses = exports.defaultAllowedUses, validYears = 3, vaultInfo, }) => {
+    const vaultCertName = `${dnsName}-cert`;
+    const vaultPrivateKeyName = `${dnsName}-key`;
+    const validityPeriodHours = validYears * 365 * 24;
+    // Create a private key
+    const privateKey = new tls.PrivateKey(vaultCertName, {
+        algorithm: 'RSA',
+        rsaBits: 2048,
+    });
+    // Create a certificate authority
+    const cert = new tls.SelfSignedCert(vaultCertName, {
+        dnsNames: [dnsName],
+        subject: {
+            commonName,
+            organization,
+        },
+        allowedUses,
+        isCaCertificate: false,
+        privateKeyPem: privateKey.privateKeyPem,
+        validityPeriodHours,
+        earlyRenewalHours: 30 * 24,
+    });
+    if (vaultInfo) {
+        (0, CustomHelper_1.addCustomSecret)({
+            name: vaultCertName,
+            vaultInfo,
+            value: cert.certPem,
+            contentType: `${dnsName} self sign cert.`,
+        });
+        (0, CustomHelper_1.addCustomSecret)({
+            name: vaultPrivateKeyName,
+            vaultInfo,
+            value: privateKey.privateKeyPem,
+            contentType: `${dnsName} self sign private key.`,
+        });
+    }
+    return {
+        cert: cert.certPem,
+        privateKey: privateKey.privateKeyPem,
+        ca: undefined,
+    };
+};
+exports.createSelfSignCert = createSelfSignCert;
+const convertPfxFileToPem = async ({ certPath, password, }) => {
+    const p12File = await fs.promises.readFile(certPath, { encoding: 'binary' });
+    const cert = pem.convertToPem(p12File, password);
+    console.log('Loaded P12 file', certPath);
+    return { cert: cert.pemCertificate, privateKey: cert.pemKey };
+};
+exports.convertPfxFileToPem = convertPfxFileToPem;
+const convertPfxToPem = ({ base64Cert, password, }) => {
+    const byteArray = Buffer.from(base64Cert, 'base64');
+    const cert = pem.convertToPem(byteArray.toString('binary'), password);
+    console.log('Loaded P12 base64');
+    return { cert: cert.pemCertificate, privateKey: cert.pemKey };
+};
+exports.convertPfxToPem = convertPfxToPem;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQ2VydGlmaWNhdGUvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsbUNBQW1DO0FBQ25DLHlCQUF5QjtBQUN6Qiw2QkFBNkI7QUFFN0IsMkRBQTJEO0FBRTlDLFFBQUEsa0JBQWtCLEdBQUc7SUFDaEMsbUJBQW1CO0lBQ25CLG1CQUFtQjtJQUNuQixjQUFjO0lBQ2QsYUFBYTtJQUNiLGVBQWU7SUFDZixrQkFBa0I7SUFDbEIsYUFBYTtJQUNiLGNBQWM7Q0FDZixDQUFDO0FBRVcsUUFBQSxtQkFBbUIsR0FBRztJQUNqQyxjQUFjO0lBQ2QsY0FBYztJQUNkLG9CQUFvQjtJQUNwQixtQkFBbUI7SUFDbkIsbUJBQW1CO0lBQ25CLGtCQUFrQjtJQUNsQixlQUFlO0lBQ2Ysa0JBQWtCO0lBQ2xCLG1DQUFtQztJQUNuQywrQkFBK0I7SUFDL0IsY0FBYztDQUNmLENBQUM7QUFFSyxNQUFNLG9CQUFvQixHQUFHLENBQUMsRUFDbkMsT0FBTyxFQUNQLFVBQVUsRUFDVixZQUFZLEVBQ1osV0FBVyxHQUFHLDBCQUFrQixFQUNoQyxVQUFVLEdBQUcsQ0FBQyxFQUNkLFNBQVMsR0FRVixFQUFFLEVBQUU7SUFDSCxNQUFNLGFBQWEsR0FBRyxHQUFHLE9BQU8sT0FBTyxDQUFDO0lBQ3hDLE1BQU0sV0FBVyxHQUFHLEdBQUcsT0FBTyxLQUFLLENBQUM7SUFDcEMsTUFBTSxtQkFBbUIsR0FBRyxHQUFHLE9BQU8sTUFBTSxDQUFDO0lBQzdDLE1BQU0sbUJBQW1CLEdBQUcsVUFBVSxHQUFHLEdBQUcsR0FBRyxFQUFFLENBQUM7SUFFbEQsdUJBQXVCO0lBQ3ZCLE1BQU0sVUFBVSxHQUFHLElBQUksR0FBRyxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUU7UUFDbkQsU0FBUyxFQUFFLEtBQUs7UUFDaEIsT0FBTyxFQUFFLElBQUk7S0FDZCxDQUFDLENBQUM7SUFFSCxpQ0FBaUM7SUFDakMsTUFBTSxFQUFFLEdBQUcsSUFBSSxHQUFHLENBQUMsY0FBYyxDQUFDLFdBQVcsRUFBRTtRQUM3QyxRQUFRLEVBQUUsQ0FBQyxPQUFPLENBQUM7UUFDbkIsT0FBTyxFQUFFO1lBQ1AsVUFBVTtZQUNWLFlBQVk7U0FDYjtRQUNELFdBQVc7UUFDWCxlQUFlLEVBQUUsSUFBSTtRQUNyQixhQUFhLEVBQUUsVUFBVSxDQUFDLGFBQWE7UUFDdkMsbUJBQW1CO1FBQ25CLGlCQUFpQixFQUFFLEVBQUUsR0FBRyxFQUFFO0tBQzNCLENBQUMsQ0FBQztJQUVILHFCQUFxQjtJQUNyQixNQUFNLFdBQVcsR0FBRyxJQUFJLEdBQUcsQ0FBQyxXQUFXLENBQUMsR0FBRyxPQUFPLGVBQWUsRUFBRTtRQUNqRSxRQUFRLEVBQUUsQ0FBQyxPQUFPLENBQUM7UUFDbkIsT0FBTyxFQUFFO1lBQ1AsVUFBVTtZQUNWLFlBQVk7U0FDYjtRQUNELGFBQWEsRUFBRSxVQUFVLENBQUMsYUFBYTtLQUN4QyxDQUFDLENBQUM7SUFFSCxpRUFBaUU7SUFDakUsTUFBTSxJQUFJLEdBQUcsSUFBSSxHQUFHLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFO1FBQ3BELGNBQWMsRUFBRSxXQUFXLENBQUMsY0FBYztRQUMxQyxlQUFlLEVBQUUsRUFBRSxDQUFDLGFBQWE7UUFDakMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxPQUFPO1FBQ3JCLG1CQUFtQjtRQUNuQixlQUFlLEVBQUUsS0FBSztRQUN0QixXQUFXLEVBQUUsQ0FBQyxrQkFBa0IsRUFBRSxtQkFBbUIsRUFBRSxhQUFhLENBQUM7S0FDdEUsQ0FBQyxDQUFDO0lBRUgsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUNkLElBQUEsOEJBQWUsRUFBQztZQUNkLElBQUksRUFBRSxhQUFhO1lBQ25CLFNBQVM7WUFDVCxLQUFLLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDbkIsV0FBVyxFQUFFLEdBQUcsT0FBTyxrQkFBa0I7U0FDMUMsQ0FBQyxDQUFDO1FBRUgsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLFdBQVc7WUFDakIsU0FBUztZQUNULEtBQUssRUFBRSxFQUFFLENBQUMsT0FBTztZQUNqQixXQUFXLEVBQUUsR0FBRyxPQUFPLHFCQUFxQjtTQUM3QyxDQUFDLENBQUM7UUFFSCxJQUFBLDhCQUFlLEVBQUM7WUFDZCxJQUFJLEVBQUUsbUJBQW1CO1lBQ3pCLFNBQVM7WUFDVCxLQUFLLEVBQUUsVUFBVSxDQUFDLGFBQWE7WUFDL0IsV0FBVyxFQUFFLEdBQUcsT0FBTyx5QkFBeUI7U0FDakQsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE9BQU87UUFDTCxJQUFJLEVBQUUsSUFBSSxDQUFDLE9BQU87UUFDbEIsVUFBVSxFQUFFLFVBQVUsQ0FBQyxhQUFhO1FBQ3BDLEVBQUUsRUFBRSxFQUFFLENBQUMsT0FBTztLQUNmLENBQUM7QUFDSixDQUFDLENBQUM7QUF4RlcsUUFBQSxvQkFBb0Isd0JBd0YvQjtBQUVLLE1BQU0sa0JBQWtCLEdBQUcsQ0FBQyxFQUNqQyxPQUFPLEVBQ1AsVUFBVSxFQUNWLFlBQVksRUFDWixXQUFXLEdBQUcsMEJBQWtCLEVBQ2hDLFVBQVUsR0FBRyxDQUFDLEVBQ2QsU0FBUyxHQVFWLEVBQUUsRUFBRTtJQUNILE1BQU0sYUFBYSxHQUFHLEdBQUcsT0FBTyxPQUFPLENBQUM7SUFDeEMsTUFBTSxtQkFBbUIsR0FBRyxHQUFHLE9BQU8sTUFBTSxDQUFDO0lBQzdDLE1BQU0sbUJBQW1CLEdBQUcsVUFBVSxHQUFHLEdBQUcsR0FBRyxFQUFFLENBQUM7SUFFbEQsdUJBQXVCO0lBQ3ZCLE1BQU0sVUFBVSxHQUFHLElBQUksR0FBRyxDQUFDLFVBQVUsQ0FBQyxhQUFhLEVBQUU7UUFDbkQsU0FBUyxFQUFFLEtBQUs7UUFDaEIsT0FBTyxFQUFFLElBQUk7S0FDZCxDQUFDLENBQUM7SUFFSCxpQ0FBaUM7SUFDakMsTUFBTSxJQUFJLEdBQUcsSUFBSSxHQUFHLENBQUMsY0FBYyxDQUFDLGFBQWEsRUFBRTtRQUNqRCxRQUFRLEVBQUUsQ0FBQyxPQUFPLENBQUM7UUFDbkIsT0FBTyxFQUFFO1lBQ1AsVUFBVTtZQUNWLFlBQVk7U0FDYjtRQUNELFdBQVc7UUFDWCxlQUFlLEVBQUUsS0FBSztRQUN0QixhQUFhLEVBQUUsVUFBVSxDQUFDLGFBQWE7UUFDdkMsbUJBQW1CO1FBQ25CLGlCQUFpQixFQUFFLEVBQUUsR0FBRyxFQUFFO0tBQzNCLENBQUMsQ0FBQztJQUVILElBQUksU0FBUyxFQUFFLENBQUM7UUFDZCxJQUFBLDhCQUFlLEVBQUM7WUFDZCxJQUFJLEVBQUUsYUFBYTtZQUNuQixTQUFTO1lBQ1QsS0FBSyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ25CLFdBQVcsRUFBRSxHQUFHLE9BQU8sa0JBQWtCO1NBQzFDLENBQUMsQ0FBQztRQUVILElBQUEsOEJBQWUsRUFBQztZQUNkLElBQUksRUFBRSxtQkFBbUI7WUFDekIsU0FBUztZQUNULEtBQUssRUFBRSxVQUFVLENBQUMsYUFBYTtZQUMvQixXQUFXLEVBQUUsR0FBRyxPQUFPLHlCQUF5QjtTQUNqRCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsT0FBTztRQUNMLElBQUksRUFBRSxJQUFJLENBQUMsT0FBTztRQUNsQixVQUFVLEVBQUUsVUFBVSxDQUFDLGFBQWE7UUFDcEMsRUFBRSxFQUFFLFNBQVM7S0FDZCxDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBNURXLFFBQUEsa0JBQWtCLHNCQTREN0I7QUFFSyxNQUFNLG1CQUFtQixHQUFHLEtBQUssRUFBRSxFQUN4QyxRQUFRLEVBQ1IsUUFBUSxHQUlULEVBQUUsRUFBRTtJQUNILE1BQU0sT0FBTyxHQUFHLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsUUFBUSxFQUFFLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDN0UsTUFBTSxJQUFJLEdBQUcsR0FBRyxDQUFDLFlBQVksQ0FBQyxPQUFPLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFFakQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsRUFBRSxRQUFRLENBQUMsQ0FBQztJQUN6QyxPQUFPLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxjQUFjLEVBQUUsVUFBVSxFQUFFLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztBQUNoRSxDQUFDLENBQUM7QUFaVyxRQUFBLG1CQUFtQix1QkFZOUI7QUFFSyxNQUFNLGVBQWUsR0FBRyxDQUFDLEVBQzlCLFVBQVUsRUFDVixRQUFRLEdBSVQsRUFBRSxFQUFFO0lBQ0gsTUFBTSxTQUFTLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFDcEQsTUFBTSxJQUFJLEdBQUcsR0FBRyxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBRXRFLE9BQU8sQ0FBQyxHQUFHLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUNqQyxPQUFPLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxjQUFjLEVBQUUsVUFBVSxFQUFFLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztBQUNoRSxDQUFDLENBQUM7QUFaVyxRQUFBLGVBQWUsbUJBWTFCIn0=

package/Certificate/p12.d.ts

@@ -0,0 +1,5 @@
+import { util } from 'node-forge';
+export declare function convertToPem(p12base64: string | util.ByteBuffer, password: string | undefined): {
+    pemKey: string;
+    pemCertificate: string;
+};

package/Certificate/p12.js

@@ -0,0 +1,37 @@
+"use strict";
+/* eslint-disable  @typescript-eslint/no-explicit-any */
+/* eslint-disable  @typescript-eslint/no-unsafe-call */
+/* eslint-disable  @typescript-eslint/no-unsafe-argument */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertToPem = void 0;
+const forge = require("node-forge");
+function convertToPem(p12base64, password) {
+    const p12Asn1 = forge.asn1.fromDer(p12base64);
+    const p12 = forge.pkcs12.pkcs12FromAsn1(p12Asn1, false, password);
+    const pemKey = getKeyFromP12(p12, password);
+    const cert = getCertificateFromP12(p12);
+    return { pemKey, pemCertificate: cert.pemCertificate };
+}
+exports.convertToPem = convertToPem;
+function getKeyFromP12(p12, password) {
+    const keyData = p12.getBags({ bagType: forge.pki.oids.pkcs8ShroudedKeyBag }, password);
+    let pkcs8Key = keyData[forge.pki.oids.pkcs8ShroudedKeyBag][0];
+    if (typeof pkcs8Key === 'undefined') {
+        pkcs8Key = keyData[forge.pki.oids.keyBag][0];
+    }
+    if (typeof pkcs8Key === 'undefined') {
+        throw new Error('Unable to get private key.');
+    }
+    let pemKey = forge.pki.privateKeyToPem(pkcs8Key.key);
+    pemKey = pemKey.replace(/\r\n/g, '');
+    return pemKey;
+}
+function getCertificateFromP12(p12) {
+    const certData = p12.getBags({ bagType: forge.pki.oids.certBag });
+    const certificate = certData[forge.pki.oids.certBag][0];
+    let pemCertificate = forge.pki.certificateToPem(certificate.cert);
+    pemCertificate = pemCertificate.replace(/\r\n/g, '');
+    //const commonName = certificate.cert.subject.attributes[0].value;
+    return { pemCertificate };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicDEyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0NlcnRpZmljYXRlL3AxMi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsd0RBQXdEO0FBQ3hELHVEQUF1RDtBQUN2RCwyREFBMkQ7OztBQUUzRCxvQ0FBb0M7QUFHcEMsU0FBZ0IsWUFBWSxDQUMxQixTQUFtQyxFQUNuQyxRQUE0QjtJQUU1QixNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUM5QyxNQUFNLEdBQUcsR0FBRyxLQUFLLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FBQyxPQUFPLEVBQUUsS0FBSyxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBRWxFLE1BQU0sTUFBTSxHQUFHLGFBQWEsQ0FBQyxHQUFHLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFDNUMsTUFBTSxJQUFJLEdBQUcscUJBQXFCLENBQUMsR0FBRyxDQUFDLENBQUM7SUFFeEMsT0FBTyxFQUFFLE1BQU0sRUFBRSxjQUFjLEVBQUUsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO0FBQ3pELENBQUM7QUFYRCxvQ0FXQztBQUVELFNBQVMsYUFBYSxDQUFDLEdBQVEsRUFBRSxRQUE0QjtJQUMzRCxNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsT0FBTyxDQUN6QixFQUFFLE9BQU8sRUFBRSxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxFQUMvQyxRQUFRLENBQ1QsQ0FBQztJQUVGLElBQUksUUFBUSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxtQkFBbUIsQ0FBRSxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQy9ELElBQUksT0FBTyxRQUFRLEtBQUssV0FBVyxFQUFFLENBQUM7UUFDcEMsUUFBUSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNoRCxDQUFDO0lBRUQsSUFBSSxPQUFPLFFBQVEsS0FBSyxXQUFXLEVBQUUsQ0FBQztRQUNwQyxNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFDaEQsQ0FBQztJQUVELElBQUksTUFBTSxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNyRCxNQUFNLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFFckMsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVELFNBQVMscUJBQXFCLENBQUMsR0FBMkI7SUFDeEQsTUFBTSxRQUFRLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxFQUFFLE9BQU8sRUFBRSxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO0lBQ2xFLE1BQU0sV0FBVyxHQUFHLFFBQVEsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUV6RCxJQUFJLGNBQWMsR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLGdCQUFnQixDQUFDLFdBQVcsQ0FBQyxJQUFLLENBQUMsQ0FBQztJQUNuRSxjQUFjLEdBQUcsY0FBYyxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDckQsa0VBQWtFO0lBQ2xFLE9BQU8sRUFBRSxjQUFjLEVBQUUsQ0FBQztBQUM1QixDQUFDIn0=

package/Common/AppConfigs/dotnetConfig.d.ts

@@ -0,0 +1,15 @@
+export declare const defaultDotNetConfig: {
+    COMPlus_EnableDiagnostics: string;
+    ASPNETCORE_URLS: string;
+    AllowedHosts: string;
+    Logging__LogLevel__Default: string;
+    Logging__LogLevel__System: string;
+    Logging__LogLevel__Microsoft: string;
+    Console__IncludeScopes: string;
+    Console__LogLevel__Default: string;
+    Console__LogLevel__System: string;
+    Console__LogLevel__Microsoft: string;
+    Debug__LogLevel__Default: string;
+    Debug__LogLevel__System: string;
+    Debug__LogLevel__Microsoft: string;
+};

package/Common/AppConfigs/dotnetConfig.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultDotNetConfig = void 0;
+exports.defaultDotNetConfig = {
+    COMPlus_EnableDiagnostics: '0',
+    ASPNETCORE_URLS: 'http://*:8080',
+    //ASPNETCORE_ENVIRONMENT: 'Production',
+    AllowedHosts: '*',
+    Logging__LogLevel__Default: 'Warning',
+    Logging__LogLevel__System: 'Error',
+    Logging__LogLevel__Microsoft: 'Error',
+    Console__IncludeScopes: 'false',
+    Console__LogLevel__Default: 'Warning',
+    Console__LogLevel__System: 'Error',
+    Console__LogLevel__Microsoft: 'Error',
+    Debug__LogLevel__Default: 'None',
+    Debug__LogLevel__System: 'None',
+    Debug__LogLevel__Microsoft: 'None',
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZG90bmV0Q29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL0NvbW1vbi9BcHBDb25maWdzL2RvdG5ldENvbmZpZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBYSxRQUFBLG1CQUFtQixHQUFHO0lBQ2pDLHlCQUF5QixFQUFFLEdBQUc7SUFDOUIsZUFBZSxFQUFFLGVBQWU7SUFDaEMsdUNBQXVDO0lBQ3ZDLFlBQVksRUFBRSxHQUFHO0lBRWpCLDBCQUEwQixFQUFFLFNBQVM7SUFDckMseUJBQXlCLEVBQUUsT0FBTztJQUNsQyw0QkFBNEIsRUFBRSxPQUFPO0lBQ3JDLHNCQUFzQixFQUFFLE9BQU87SUFDL0IsMEJBQTBCLEVBQUUsU0FBUztJQUNyQyx5QkFBeUIsRUFBRSxPQUFPO0lBQ2xDLDRCQUE0QixFQUFFLE9BQU87SUFDckMsd0JBQXdCLEVBQUUsTUFBTTtJQUNoQyx1QkFBdUIsRUFBRSxNQUFNO0lBQy9CLDBCQUEwQixFQUFFLE1BQU07Q0FDbkMsQ0FBQyJ9

package/Common/AutoTags.d.ts

@@ -0,0 +1 @@
+export declare function registerAutoTags(autoTags: Record<string, string>): void;

package/Common/AutoTags.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registerAutoTags = void 0;
+const pulumi_1 = require("@pulumi/pulumi");
+const ignoredTags = [
+    'group:Group',
+    'application:Application',
+    'applicationPassword:ApplicationPassword',
+    'servicePrincipal:ServicePrincipal',
+    'servicePrincipalPassword:ServicePrincipalPassword',
+    'kubernetes',
+];
+function registerAutoTags(autoTags) {
+    pulumi_1.runtime.registerStackTransformation((args) => {
+        //Check and ignore tag
+        if (ignoredTags.find((t) => args.type.includes(t)))
+            return { props: args.props, opts: args.opts };
+        //Apply default tag
+        args.props['tags'] = { ...args.props['tags'], ...autoTags };
+        return { props: args.props, opts: args.opts };
+    });
+}
+exports.registerAutoTags = registerAutoTags;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXV0b1RhZ3MuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQ29tbW9uL0F1dG9UYWdzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF5QztBQUV6QyxNQUFNLFdBQVcsR0FBRztJQUNsQixhQUFhO0lBQ2IseUJBQXlCO0lBQ3pCLHlDQUF5QztJQUN6QyxtQ0FBbUM7SUFDbkMsbURBQW1EO0lBQ25ELFlBQVk7Q0FDYixDQUFDO0FBRUYsU0FBZ0IsZ0JBQWdCLENBQUMsUUFBZ0M7SUFDL0QsZ0JBQU8sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFO1FBQzNDLHNCQUFzQjtRQUN0QixJQUFJLFdBQVcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ2hELE9BQU8sRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLEtBQUssRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBRWhELG1CQUFtQjtRQUNuQixJQUFJLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxFQUFFLEdBQUcsUUFBUSxFQUFFLENBQUM7UUFDNUQsT0FBTyxFQUFFLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSyxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDaEQsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBVkQsNENBVUMifQ==

package/Common/AzureEnv.d.ts

@@ -0,0 +1,37 @@
+import { KeyVaultInfo, ResourceGroupInfo } from '../types';
+import { ResourceInfoArg } from './ResourceEnv';
+export declare const tenantId: string;
+export declare const subscriptionId: string;
+export declare const currentLocation: string;
+export declare const defaultScope: import("@pulumi/pulumi").Output<string>;
+/** ======== Default Variables ================*/
+export declare const defaultTags: {
+    environment: string;
+    organization: string;
+    'pulumi-project': string;
+};
+export declare enum Environments {
+    Global = "global",
+    Local = "local",
+    Dev = "dev",
+    Sandbox = "sandbox",
+    Prd = "prd"
+}
+export declare const isEnv: (env: Environments) => boolean;
+export declare const isDev: boolean;
+export declare const isSandbox: boolean;
+export declare const isPrd: boolean;
+export declare const isGlobal: boolean;
+export declare const isLocal: boolean;
+export declare const currentEnv: Environments;
+/** Get Key Vault by Group Name. Group Name is the name use to create the resource and resource group together. */
+export declare const getKeyVaultInfo: (groupName: string) => KeyVaultInfo;
+export declare const getResourceIdFromInfo: ({ group, name, provider, }: ResourceInfoArg) => import("@pulumi/pulumi").Output<string>;
+/**Get Resource Info from Resource ID. Sample ID is "/subscriptions/01af663e-76dd-45ac-9e57-9c8e0d3ee350/resourceGroups/sandbox-codehbd-group-hbd/providers/Microsoft.Network/virtualNetworks/sandbox-codehbd-vnet-hbd"*/
+export interface ResourceInfo {
+    name: string;
+    group: ResourceGroupInfo;
+    subscriptionId: string;
+    id: string;
+}
+export declare const getResourceInfoFromId: (id: string) => ResourceInfo | undefined;

package/Common/AzureEnv.js

@@ -0,0 +1,94 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getResourceInfoFromId = exports.getResourceIdFromInfo = exports.getKeyVaultInfo = exports.currentEnv = exports.isLocal = exports.isGlobal = exports.isPrd = exports.isSandbox = exports.isDev = exports.isEnv = exports.Environments = exports.defaultTags = exports.defaultScope = exports.currentLocation = exports.subscriptionId = exports.tenantId = void 0;
+const pulumi_1 = require("@pulumi/pulumi");
+const AutoTags_1 = require("./AutoTags");
+const Naming_1 = require("./Naming");
+const StackEnv_1 = require("./StackEnv");
+const config = JSON.parse(process.env.PULUMI_CONFIG ?? '{}');
+exports.tenantId = config['azure-native:config:tenantId'];
+exports.subscriptionId = config['azure-native:config:subscriptionId'];
+//export const currentServicePrincipal = config.objectId;
+exports.currentLocation = config['azure-native:config:location'];
+exports.defaultScope = (0, pulumi_1.interpolate) `/subscriptions/${exports.subscriptionId}`;
+//Print and Check
+(0, pulumi_1.all)([exports.subscriptionId, exports.tenantId]).apply(([s, t]) => {
+    console.log(`Current Azure:`, { TenantId: t, SubscriptionId: s });
+});
+/** ======== Default Variables ================*/
+exports.defaultTags = {
+    environment: StackEnv_1.stack,
+    organization: StackEnv_1.organization,
+    'pulumi-project': StackEnv_1.projectName,
+};
+(0, AutoTags_1.registerAutoTags)(exports.defaultTags);
+var Environments;
+(function (Environments) {
+    Environments["Global"] = "global";
+    Environments["Local"] = "local";
+    Environments["Dev"] = "dev";
+    Environments["Sandbox"] = "sandbox";
+    Environments["Prd"] = "prd";
+})(Environments || (exports.Environments = Environments = {}));
+const isEnv = (env) => StackEnv_1.stack.includes(env);
+exports.isEnv = isEnv;
+exports.isDev = (0, exports.isEnv)(Environments.Dev);
+exports.isSandbox = (0, exports.isEnv)(Environments.Sandbox);
+exports.isPrd = (0, exports.isEnv)(Environments.Prd);
+exports.isGlobal = (0, exports.isEnv)(Environments.Global);
+exports.isLocal = (0, exports.isEnv)(Environments.Local);
+const getCurrentEnv = () => {
+    if (exports.isGlobal)
+        return Environments.Global;
+    if (exports.isPrd)
+        return Environments.Prd;
+    if (exports.isSandbox)
+        return Environments.Sandbox;
+    if (exports.isDev)
+        return Environments.Dev;
+    return Environments.Local;
+};
+exports.currentEnv = getCurrentEnv();
+/** Get Key Vault by Group Name. Group Name is the name use to create the resource and resource group together. */
+const getKeyVaultInfo = (groupName) => {
+    const vaultName = (0, Naming_1.getKeyVaultName)(groupName);
+    const resourceGroupName = (0, Naming_1.getResourceGroupName)(groupName);
+    return {
+        name: vaultName,
+        group: { resourceGroupName: resourceGroupName, location: exports.currentLocation },
+        id: (0, pulumi_1.interpolate) `/subscriptions/${exports.subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.KeyVault/vaults/${vaultName}`,
+    };
+};
+exports.getKeyVaultInfo = getKeyVaultInfo;
+const getResourceIdFromInfo = ({ group, name, provider, }) => {
+    if (!name && !provider)
+        return (0, pulumi_1.interpolate) `/subscriptions/${exports.subscriptionId}/resourceGroups/${group.resourceGroupName}`;
+    else if (name && provider)
+        return (0, pulumi_1.interpolate) `/subscriptions/${exports.subscriptionId}/resourceGroups/${group.resourceGroupName}/providers/${provider}/${name}`;
+    throw new Error('Resource Info is invalid.');
+};
+exports.getResourceIdFromInfo = getResourceIdFromInfo;
+const getResourceInfoFromId = (id) => {
+    if (!id)
+        return undefined;
+    const details = id.split('/');
+    let name = '';
+    let groupName = '';
+    let subscriptionId = '';
+    details.forEach((d, index) => {
+        if (d === 'subscriptions')
+            subscriptionId = details[index + 1];
+        if (d === 'resourceGroups' || d === 'resourcegroups')
+            groupName = details[index + 1];
+        if (index === details.length - 1)
+            name = d;
+    });
+    return {
+        name,
+        id,
+        group: { resourceGroupName: groupName, location: exports.currentLocation },
+        subscriptionId,
+    };
+};
+exports.getResourceInfoFromId = getResourceInfoFromId;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXp1cmVFbnYuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQ29tbW9uL0F6dXJlRW52LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUFrRDtBQUNsRCx5Q0FBOEM7QUFFOUMscUNBQWlFO0FBRWpFLHlDQUE4RDtBQUU5RCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsYUFBYSxJQUFJLElBQUksQ0FBQyxDQUFDO0FBQ2hELFFBQUEsUUFBUSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBVyxDQUFDO0FBQzVELFFBQUEsY0FBYyxHQUFHLE1BQU0sQ0FDbEMsb0NBQW9DLENBQzNCLENBQUM7QUFDWix5REFBeUQ7QUFDNUMsUUFBQSxlQUFlLEdBQUcsTUFBTSxDQUFDLDhCQUE4QixDQUFXLENBQUM7QUFDbkUsUUFBQSxZQUFZLEdBQUcsSUFBQSxvQkFBVyxFQUFBLGtCQUFrQixzQkFBYyxFQUFFLENBQUM7QUFFMUUsaUJBQWlCO0FBQ2pCLElBQUEsWUFBRyxFQUFDLENBQUMsc0JBQWMsRUFBRSxnQkFBUSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFO0lBQy9DLE9BQU8sQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLEVBQUUsRUFBRSxRQUFRLEVBQUUsQ0FBQyxFQUFFLGNBQWMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0FBQ3BFLENBQUMsQ0FBQyxDQUFDO0FBRUgsaURBQWlEO0FBRXBDLFFBQUEsV0FBVyxHQUFHO0lBQ3pCLFdBQVcsRUFBRSxnQkFBSztJQUNsQixZQUFZLEVBQUUsdUJBQVk7SUFDMUIsZ0JBQWdCLEVBQUUsc0JBQVc7Q0FDOUIsQ0FBQztBQUVGLElBQUEsMkJBQWdCLEVBQUMsbUJBQVcsQ0FBQyxDQUFDO0FBRTlCLElBQVksWUFNWDtBQU5ELFdBQVksWUFBWTtJQUN0QixpQ0FBaUIsQ0FBQTtJQUNqQiwrQkFBZSxDQUFBO0lBQ2YsMkJBQVcsQ0FBQTtJQUNYLG1DQUFtQixDQUFBO0lBQ25CLDJCQUFXLENBQUE7QUFDYixDQUFDLEVBTlcsWUFBWSw0QkFBWixZQUFZLFFBTXZCO0FBRU0sTUFBTSxLQUFLLEdBQUcsQ0FBQyxHQUFpQixFQUFFLEVBQUUsQ0FBQyxnQkFBSyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztBQUFuRCxRQUFBLEtBQUssU0FBOEM7QUFDbkQsUUFBQSxLQUFLLEdBQUcsSUFBQSxhQUFLLEVBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0FBQ2hDLFFBQUEsU0FBUyxHQUFHLElBQUEsYUFBSyxFQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsQ0FBQztBQUN4QyxRQUFBLEtBQUssR0FBRyxJQUFBLGFBQUssRUFBQyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7QUFDaEMsUUFBQSxRQUFRLEdBQUcsSUFBQSxhQUFLLEVBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0FBQ3RDLFFBQUEsT0FBTyxHQUFHLElBQUEsYUFBSyxFQUFDLFlBQVksQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUVqRCxNQUFNLGFBQWEsR0FBRyxHQUFHLEVBQUU7SUFDekIsSUFBSSxnQkFBUTtRQUFFLE9BQU8sWUFBWSxDQUFDLE1BQU0sQ0FBQztJQUN6QyxJQUFJLGFBQUs7UUFBRSxPQUFPLFlBQVksQ0FBQyxHQUFHLENBQUM7SUFDbkMsSUFBSSxpQkFBUztRQUFFLE9BQU8sWUFBWSxDQUFDLE9BQU8sQ0FBQztJQUUzQyxJQUFJLGFBQUs7UUFBRSxPQUFPLFlBQVksQ0FBQyxHQUFHLENBQUM7SUFFbkMsT0FBTyxZQUFZLENBQUMsS0FBSyxDQUFDO0FBQzVCLENBQUMsQ0FBQztBQUVXLFFBQUEsVUFBVSxHQUFHLGFBQWEsRUFBRSxDQUFDO0FBRTFDLGtIQUFrSDtBQUMzRyxNQUFNLGVBQWUsR0FBRyxDQUFDLFNBQWlCLEVBQWdCLEVBQUU7SUFDakUsTUFBTSxTQUFTLEdBQUcsSUFBQSx3QkFBZSxFQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQzdDLE1BQU0saUJBQWlCLEdBQUcsSUFBQSw2QkFBb0IsRUFBQyxTQUFTLENBQUMsQ0FBQztJQUUxRCxPQUFPO1FBQ0wsSUFBSSxFQUFFLFNBQVM7UUFDZixLQUFLLEVBQUUsRUFBRSxpQkFBaUIsRUFBRSxpQkFBaUIsRUFBRSxRQUFRLEVBQUUsdUJBQWUsRUFBRTtRQUMxRSxFQUFFLEVBQUUsSUFBQSxvQkFBVyxFQUFBLGtCQUFrQixzQkFBYyxtQkFBbUIsaUJBQWlCLHdDQUF3QyxTQUFTLEVBQUU7S0FDdkksQ0FBQztBQUNKLENBQUMsQ0FBQztBQVRXLFFBQUEsZUFBZSxtQkFTMUI7QUFFSyxNQUFNLHFCQUFxQixHQUFHLENBQUMsRUFDcEMsS0FBSyxFQUNMLElBQUksRUFDSixRQUFRLEdBQ1EsRUFBRSxFQUFFO0lBQ3BCLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxRQUFRO1FBQ3BCLE9BQU8sSUFBQSxvQkFBVyxFQUFBLGtCQUFrQixzQkFBYyxtQkFBbUIsS0FBSyxDQUFDLGlCQUFpQixFQUFFLENBQUM7U0FDNUYsSUFBSSxJQUFJLElBQUksUUFBUTtRQUN2QixPQUFPLElBQUEsb0JBQVcsRUFBQSxrQkFBa0Isc0JBQWMsbUJBQW1CLEtBQUssQ0FBQyxpQkFBaUIsY0FBYyxRQUFRLElBQUksSUFBSSxFQUFFLENBQUM7SUFFL0gsTUFBTSxJQUFJLEtBQUssQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0FBQy9DLENBQUMsQ0FBQztBQVhXLFFBQUEscUJBQXFCLHlCQVdoQztBQVVLLE1BQU0scUJBQXFCLEdBQUcsQ0FBQyxFQUFVLEVBQTRCLEVBQUU7SUFDNUUsSUFBSSxDQUFDLEVBQUU7UUFBRSxPQUFPLFNBQVMsQ0FBQztJQUUxQixNQUFNLE9BQU8sR0FBRyxFQUFFLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzlCLElBQUksSUFBSSxHQUFHLEVBQUUsQ0FBQztJQUNkLElBQUksU0FBUyxHQUFHLEVBQUUsQ0FBQztJQUNuQixJQUFJLGNBQWMsR0FBRyxFQUFFLENBQUM7SUFFeEIsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxLQUFLLEVBQUUsRUFBRTtRQUMzQixJQUFJLENBQUMsS0FBSyxlQUFlO1lBQUUsY0FBYyxHQUFHLE9BQU8sQ0FBQyxLQUFLLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFDL0QsSUFBSSxDQUFDLEtBQUssZ0JBQWdCLElBQUksQ0FBQyxLQUFLLGdCQUFnQjtZQUNsRCxTQUFTLEdBQUcsT0FBTyxDQUFDLEtBQUssR0FBRyxDQUFDLENBQUMsQ0FBQztRQUNqQyxJQUFJLEtBQUssS0FBSyxPQUFPLENBQUMsTUFBTSxHQUFHLENBQUM7WUFBRSxJQUFJLEdBQUcsQ0FBQyxDQUFDO0lBQzdDLENBQUMsQ0FBQyxDQUFDO0lBRUgsT0FBTztRQUNMLElBQUk7UUFDSixFQUFFO1FBQ0YsS0FBSyxFQUFFLEVBQUUsaUJBQWlCLEVBQUUsU0FBUyxFQUFFLFFBQVEsRUFBRSx1QkFBZSxFQUFFO1FBQ2xFLGNBQWM7S0FDZixDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBckJXLFFBQUEscUJBQXFCLHlCQXFCaEMifQ==

package/Common/ConfigHelper.d.ts

@@ -0,0 +1,5 @@
+import * as pulumi from '@pulumi/pulumi';
+export declare const getValue: (name: string) => string | undefined;
+export declare const requireValue: (name: string) => string;
+export declare const getSecret: (name: string) => pulumi.Output<string> | undefined;
+export declare const requireSecret: (name: string) => pulumi.Output<string>;

package/Common/ConfigHelper.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireSecret = exports.getSecret = exports.requireValue = exports.getValue = void 0;
+const pulumi = require("@pulumi/pulumi");
+const config = new pulumi.Config();
+const getValue = (name) => config.get(name);
+exports.getValue = getValue;
+const requireValue = (name) => config.require(name);
+exports.requireValue = requireValue;
+const getSecret = (name) => config.getSecret(name);
+exports.getSecret = getSecret;
+const requireSecret = (name) => config.requireSecret(name);
+exports.requireSecret = requireSecret;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ29uZmlnSGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0NvbW1vbi9Db25maWdIZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUNBQXlDO0FBRXpDLE1BQU0sTUFBTSxHQUFHLElBQUksTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO0FBRTVCLE1BQU0sUUFBUSxHQUFHLENBQUMsSUFBWSxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDO0FBQTlDLFFBQUEsUUFBUSxZQUFzQztBQUNwRCxNQUFNLFlBQVksR0FBRyxDQUFDLElBQVksRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUF0RCxRQUFBLFlBQVksZ0JBQTBDO0FBRTVELE1BQU0sU0FBUyxHQUFHLENBQUMsSUFBWSxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0FBQXJELFFBQUEsU0FBUyxhQUE0QztBQUMzRCxNQUFNLGFBQWEsR0FBRyxDQUFDLElBQVksRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUE3RCxRQUFBLGFBQWEsaUJBQWdEIn0=

package/Common/GlobalEnv.d.ts

@@ -0,0 +1,14 @@
+import { ConventionProps, KeyVaultInfo, ResourceGroupInfo } from '../types';
+export declare const globalKeyName = "global";
+/**The Global resource group name.*/
+export declare const globalConvention: ConventionProps;
+export declare const groupInfo: ResourceGroupInfo;
+export declare const logGroupInfo: ResourceGroupInfo;
+export declare const cdnProfileInfo: {
+    resourceGroupName: string;
+    location?: import("@pulumi/pulumi").Input<string> | undefined;
+    profileName: string;
+};
+/** Global Key Vault Info */
+export declare const keyVaultInfo: KeyVaultInfo;
+/** Log will send to either storage or log workspace. Only a few important resources will use workspace like Firewall, Aks */

package/Common/GlobalEnv.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.keyVaultInfo = exports.cdnProfileInfo = exports.logGroupInfo = exports.groupInfo = exports.globalConvention = exports.globalKeyName = void 0;
+const AzureEnv_1 = require("./AzureEnv");
+const ResourceEnv_1 = require("./ResourceEnv");
+const pulumi_1 = require("@pulumi/pulumi");
+const StackEnv_1 = require("./StackEnv");
+exports.globalKeyName = 'global';
+/**The Global resource group name.*/
+exports.globalConvention = {
+    prefix: exports.globalKeyName,
+    suffix: StackEnv_1.organization ? `grp-${StackEnv_1.organization}` : 'grp',
+};
+exports.groupInfo = {
+    resourceGroupName: (0, ResourceEnv_1.getResourceName)(exports.globalKeyName, exports.globalConvention),
+};
+exports.logGroupInfo = {
+    resourceGroupName: (0, ResourceEnv_1.getResourceName)('logs', exports.globalConvention),
+};
+exports.cdnProfileInfo = {
+    profileName: `${exports.globalKeyName}-${StackEnv_1.organization}-cdn-pfl`,
+    ...exports.groupInfo,
+};
+/** Global Key Vault Info */
+exports.keyVaultInfo = {
+    name: `${exports.globalKeyName}-${StackEnv_1.organization}-vlt`,
+    group: exports.groupInfo,
+    id: (0, pulumi_1.interpolate) `/subscriptions/${AzureEnv_1.subscriptionId}/resourceGroups/${exports.groupInfo.resourceGroupName}/providers/Microsoft.KeyVault/vaults/${exports.globalKeyName}-${StackEnv_1.organization}-vlt`,
+};
+/** Log will send to either storage or log workspace. Only a few important resources will use workspace like Firewall, Aks */
+// export const logWpInfo: BasicMonitorArgs = {
+//   logWpId: interpolate`/subscriptions/${subscriptionId}/resourcegroups/${logGroupInfo.resourceGroupName}/providers/microsoft.operationalinsights/workspaces/${globalKeyName}-${organization}-logs-log`,
+// };
+//
+// export const logStorageInfo: BasicMonitorArgs = {
+//   logStorageId: interpolate`/subscriptions/${subscriptionId}/resourceGroups/${logGroupInfo.resourceGroupName}/providers/Microsoft.Storage/storageAccounts/${globalKeyName}${organization}logsstg`,
+// };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiR2xvYmFsRW52LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0NvbW1vbi9HbG9iYWxFbnYudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EseUNBQTRDO0FBQzVDLCtDQUFnRDtBQUNoRCwyQ0FBNkM7QUFDN0MseUNBQTBDO0FBRTdCLFFBQUEsYUFBYSxHQUFHLFFBQVEsQ0FBQztBQUV0QyxvQ0FBb0M7QUFDdkIsUUFBQSxnQkFBZ0IsR0FBb0I7SUFDL0MsTUFBTSxFQUFFLHFCQUFhO0lBQ3JCLE1BQU0sRUFBRSx1QkFBWSxDQUFDLENBQUMsQ0FBQyxPQUFPLHVCQUFZLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSztDQUNyRCxDQUFDO0FBRVcsUUFBQSxTQUFTLEdBQXNCO0lBQzFDLGlCQUFpQixFQUFFLElBQUEsNkJBQWUsRUFBQyxxQkFBYSxFQUFFLHdCQUFnQixDQUFDO0NBQ3BFLENBQUM7QUFFVyxRQUFBLFlBQVksR0FBc0I7SUFDN0MsaUJBQWlCLEVBQUUsSUFBQSw2QkFBZSxFQUFDLE1BQU0sRUFBRSx3QkFBZ0IsQ0FBQztDQUM3RCxDQUFDO0FBRVcsUUFBQSxjQUFjLEdBQUc7SUFDNUIsV0FBVyxFQUFFLEdBQUcscUJBQWEsSUFBSSx1QkFBWSxVQUFVO0lBQ3ZELEdBQUcsaUJBQVM7Q0FDYixDQUFDO0FBRUYsNEJBQTRCO0FBQ2YsUUFBQSxZQUFZLEdBQWlCO0lBQ3hDLElBQUksRUFBRSxHQUFHLHFCQUFhLElBQUksdUJBQVksTUFBTTtJQUM1QyxLQUFLLEVBQUUsaUJBQVM7SUFDaEIsRUFBRSxFQUFFLElBQUEsb0JBQVcsRUFBQSxrQkFBa0IseUJBQWMsbUJBQW1CLGlCQUFTLENBQUMsaUJBQWlCLHdDQUF3QyxxQkFBYSxJQUFJLHVCQUFZLE1BQU07Q0FDekssQ0FBQztBQUVGLDZIQUE2SDtBQUM3SCwrQ0FBK0M7QUFDL0MsME1BQTBNO0FBQzFNLEtBQUs7QUFDTCxFQUFFO0FBQ0Ysb0RBQW9EO0FBQ3BELHFNQUFxTTtBQUNyTSxLQUFLIn0=

package/Common/Helpers.d.ts

@@ -0,0 +1,10 @@
+/** Replace all characters in string*/
+export declare function replaceAll(value: string, search: string, replace: string): string;
+export declare const toBase64: (value: string) => string;
+export declare const shallowEquals: (obj1: any, obj2: any) => boolean;
+/** Get Domain from Url*/
+export declare const getDomainFromUrl: (url: string) => string;
+/** Get Root Domain from Url or Sub domain*/
+export declare const getRootDomainFromUrl: (url: string) => string;
+/** Create Range*/
+export declare const RangeOf: (length: number) => number[];