@fjall/components-infrastructure 0.89.4 → 0.89.6

package/dist/lib/patterns/aws/storage.js

@@ -1,32 +1,27 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.StorageFactory = exports.Storage = exports.isStorage = void 0;
-exports.validateStorageProps = validateStorageProps;
-const constructs_1 = require("constructs");
-const aws_s3_1 = require("aws-cdk-lib/aws-s3");
-const aws_s3_deployment_1 = require("aws-cdk-lib/aws-s3-deployment");
-const aws_kms_1 = require("aws-cdk-lib/aws-kms");
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const storage_1 = require("../../resources/aws/storage");
-const validationLogger_js_1 = require("../../utils/validationLogger.js");
-var storage_js_1 = require("./interfaces/storage.js");
-Object.defineProperty(exports, "isStorage", { enumerable: true, get: function () { return storage_js_1.isStorage; } });
+import { Construct } from "constructs";
+import { BucketEncryption, HttpMethods } from "aws-cdk-lib/aws-s3";
+import { BucketDeployment, Source, CacheControl } from "aws-cdk-lib/aws-s3-deployment";
+import { Key } from "aws-cdk-lib/aws-kms";
+import { CfnOutput, Duration, RemovalPolicy, Stack } from "aws-cdk-lib";
+import { S3Bucket } from "../../resources/aws/storage/index.js";
+import { FjallLogger } from "../../utils/validationLogger.js";
+export { isStorage } from "./interfaces/storage.js";
 function toBucketEncryption(encryption) {
     if (!encryption)
         return undefined;
     return encryption === "AES256"
-        ? aws_s3_1.BucketEncryption.S3_MANAGED
-        : aws_s3_1.BucketEncryption.KMS;
+        ? BucketEncryption.S3_MANAGED
+        : BucketEncryption.KMS;
 }
 function toHttpMethod(method) {
     const methodMap = {
-        GET: aws_s3_1.HttpMethods.GET,
-        PUT: aws_s3_1.HttpMethods.PUT,
-        POST: aws_s3_1.HttpMethods.POST,
-        DELETE: aws_s3_1.HttpMethods.DELETE,
-        HEAD: aws_s3_1.HttpMethods.HEAD
+        GET: HttpMethods.GET,
+        PUT: HttpMethods.PUT,
+        POST: HttpMethods.POST,
+        DELETE: HttpMethods.DELETE,
+        HEAD: HttpMethods.HEAD
     };
-    return methodMap[method] ?? aws_s3_1.HttpMethods.GET;
+    return methodMap[method] ?? HttpMethods.GET;
 }
 function toCorsRules(cors) {
     if (!cors)
@@ -39,24 +34,26 @@ function toCorsRules(cors) {
         ...(rule.maxAge !== undefined && { maxAge: rule.maxAge })
     }));
 }
-function validateStorageProps(props) {
+export function validateStorageProps(props) {
     if (props.encryption === "KMS" && !props.kmsKeyArn) {
-        validationLogger_js_1.FjallLogger.warn("'encryption' is set to 'KMS' but 'kmsKeyArn' is not provided. " +
+        FjallLogger.warn("'encryption' is set to 'KMS' but 'kmsKeyArn' is not provided. " +
             "The bucket will use the default AWS managed key.");
     }
     if (props.kmsKeyArn && props.encryption !== "KMS") {
-        validationLogger_js_1.FjallLogger.warn("'kmsKeyArn' is provided but 'encryption' is not set to 'KMS'. " +
+        FjallLogger.warn("'kmsKeyArn' is provided but 'encryption' is not set to 'KMS'. " +
             "The KMS key will be ignored. Set encryption: 'KMS' to use the key.");
     }
 }
-class Storage extends constructs_1.Construct {
+export class Storage extends Construct {
+    connectorType = "storage";
+    bucket;
+    bucketDeployment;
     constructor(scope, id, props) {
         super(scope, id);
-        this.connectorType = "storage";
         const encryptionKey = props.kmsKeyArn
-            ? aws_kms_1.Key.fromKeyArn(this, `${id}KmsKey`, props.kmsKeyArn)
+            ? Key.fromKeyArn(this, `${id}KmsKey`, props.kmsKeyArn)
             : undefined;
-        this.bucket = new storage_1.S3Bucket(this, `${id}Bucket`, {
+        this.bucket = new S3Bucket(this, `${id}Bucket`, {
             bucketName: props.bucketName,
             versioned: props.versioned,
             encryption: toBucketEncryption(props.encryption),
@@ -64,7 +61,8 @@ class Storage extends constructs_1.Construct {
             backupVaultTier: props.backupVaultTier,
             publicReadAccess: props.publicReadAccess,
             websiteHosting: props.websiteHosting,
-            ...(props.cors && { cors: toCorsRules(props.cors) })
+            ...(props.cors && { cors: toCorsRules(props.cors) }),
+            ...(props.retain && { removalPolicy: RemovalPolicy.RETAIN })
         });
         if (props.deployment) {
             this.bucketDeployment = this.createDeployment(id, props.deployment);
@@ -74,13 +72,13 @@ class Storage extends constructs_1.Construct {
     createDeployment(id, config) {
         const cacheControlHeaders = [];
         if (config.cacheControl?.maxAge !== undefined) {
-            cacheControlHeaders.push(aws_s3_deployment_1.CacheControl.maxAge(aws_cdk_lib_1.Duration.seconds(config.cacheControl.maxAge)));
+            cacheControlHeaders.push(CacheControl.maxAge(Duration.seconds(config.cacheControl.maxAge)));
         }
         if (config.cacheControl?.immutable) {
-            cacheControlHeaders.push(aws_s3_deployment_1.CacheControl.immutable());
+            cacheControlHeaders.push(CacheControl.immutable());
         }
-        return new aws_s3_deployment_1.BucketDeployment(this, `${id}Deployment`, {
-            sources: [aws_s3_deployment_1.Source.asset(config.source)],
+        return new BucketDeployment(this, `${id}Deployment`, {
+            sources: [Source.asset(config.source)],
             destinationBucket: this.bucket,
             prune: config.prune ?? true,
             ...(cacheControlHeaders.length > 0 && {
@@ -89,14 +87,14 @@ class Storage extends constructs_1.Construct {
         });
     }
     addOutputs(id) {
-        const stackName = aws_cdk_lib_1.Stack.of(this).stackName;
-        new aws_cdk_lib_1.CfnOutput(this, `${id}BucketArn`, {
+        const stackName = Stack.of(this).stackName;
+        new CfnOutput(this, `${id}BucketArn`, {
             key: `${stackName}${id}BucketArn`,
             exportName: `${stackName}${id}BucketArn`,
             value: this.bucket.bucketArn,
             description: `S3 Bucket ARN for ${id}`
         });
-        new aws_cdk_lib_1.CfnOutput(this, `${id}BucketName`, {
+        new CfnOutput(this, `${id}BucketName`, {
             key: `${stackName}${id}BucketName`,
             exportName: `${stackName}${id}BucketName`,
             value: this.bucket.bucketName,
@@ -152,8 +150,7 @@ class Storage extends constructs_1.Construct {
         this.bucket.addObjectRemovedNotification(dest, ...filters);
     }
 }
-exports.Storage = Storage;
-class StorageFactory {
+export class StorageFactory {
     static build(id, props = {}) {
         const { stackPlacement, ...s3Props } = props;
         const fn = (_app, scope) => {
@@ -166,5 +163,3 @@ class StorageFactory {
         return fn;
     }
 }
-exports.StorageFactory = StorageFactory;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RvcmFnZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL2xpYi9wYXR0ZXJucy9hd3Mvc3RvcmFnZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUF5R0Esb0RBY0M7QUF2SEQsMkNBQXVDO0FBQ3ZDLCtDQVE0QjtBQUM1QixxRUFJdUM7QUFFdkMsaURBQTBDO0FBQzFDLDZDQUF5RDtBQUd6RCx5REFHcUM7QUFFckMseUVBQThEO0FBSTlELHNEQUFtRTtBQUEzQyx1R0FBQSxTQUFTLE9BQUE7QUE2Q2pDLFNBQVMsa0JBQWtCLENBQ3pCLFVBQTZCO0lBRTdCLElBQUksQ0FBQyxVQUFVO1FBQUUsT0FBTyxTQUFTLENBQUM7SUFDbEMsT0FBTyxVQUFVLEtBQUssUUFBUTtRQUM1QixDQUFDLENBQUMseUJBQWdCLENBQUMsVUFBVTtRQUM3QixDQUFDLENBQUMseUJBQWdCLENBQUMsR0FBRyxDQUFDO0FBQzNCLENBQUM7QUFFRCxTQUFTLFlBQVksQ0FBQyxNQUFjO0lBQ2xDLE1BQU0sU0FBUyxHQUFnQztRQUM3QyxHQUFHLEVBQUUsb0JBQVcsQ0FBQyxHQUFHO1FBQ3BCLEdBQUcsRUFBRSxvQkFBVyxDQUFDLEdBQUc7UUFDcEIsSUFBSSxFQUFFLG9CQUFXLENBQUMsSUFBSTtRQUN0QixNQUFNLEVBQUUsb0JBQVcsQ0FBQyxNQUFNO1FBQzFCLElBQUksRUFBRSxvQkFBVyxDQUFDLElBQUk7S0FDdkIsQ0FBQztJQUNGLE9BQU8sU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLG9CQUFXLENBQUMsR0FBRyxDQUFDO0FBQzlDLENBQUM7QUFFRCxTQUFTLFdBQVcsQ0FBQyxJQUFpQjtJQUNwQyxJQUFJLENBQUMsSUFBSTtRQUFFLE9BQU8sU0FBUyxDQUFDO0lBQzVCLE9BQU8sSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztRQUN6QixjQUFjLEVBQUUsSUFBSSxDQUFDLGNBQWM7UUFDbkMsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLFlBQVksQ0FBQztRQUNyRCxHQUFHLENBQUMsSUFBSSxDQUFDLGNBQWMsSUFBSSxFQUFFLGNBQWMsRUFBRSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7UUFDbkUsR0FBRyxDQUFDLElBQUksQ0FBQyxjQUFjLElBQUksRUFBRSxjQUFjLEVBQUUsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO1FBQ25FLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLFNBQVMsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7S0FDMUQsQ0FBQyxDQUFDLENBQUM7QUFDTixDQUFDO0FBRUQsU0FBZ0Isb0JBQW9CLENBQUMsS0FBYztJQUNqRCxJQUFJLEtBQUssQ0FBQyxVQUFVLEtBQUssS0FBSyxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVMsRUFBRSxDQUFDO1FBQ25ELGlDQUFXLENBQUMsSUFBSSxDQUNkLGdFQUFnRTtZQUM5RCxrREFBa0QsQ0FDckQsQ0FBQztJQUNKLENBQUM7SUFFRCxJQUFJLEtBQUssQ0FBQyxTQUFTLElBQUksS0FBSyxDQUFDLFVBQVUsS0FBSyxLQUFLLEVBQUUsQ0FBQztRQUNsRCxpQ0FBVyxDQUFDLElBQUksQ0FDZCxnRUFBZ0U7WUFDOUQsb0VBQW9FLENBQ3ZFLENBQUM7SUFDSixDQUFDO0FBQ0gsQ0FBQztBQUVELE1BQWEsT0FBUSxTQUFRLHNCQUFTO0lBS3BDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBYztRQUN0RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBTEgsa0JBQWEsR0FBRyxTQUFrQixDQUFDO1FBT2pELE1BQU0sYUFBYSxHQUFHLEtBQUssQ0FBQyxTQUFTO1lBQ25DLENBQUMsQ0FBQyxhQUFHLENBQUMsVUFBVSxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsUUFBUSxFQUFFLEtBQUssQ0FBQyxTQUFTLENBQUM7WUFDdEQsQ0FBQyxDQUFDLFNBQVMsQ0FBQztRQUVkLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxrQkFBUSxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsUUFBUSxFQUFFO1lBQzlDLFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtZQUM1QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsVUFBVSxFQUFFLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUM7WUFDaEQsYUFBYTtZQUNiLGVBQWUsRUFBRSxLQUFLLENBQUMsZUFBZTtZQUN0QyxnQkFBZ0IsRUFBRSxLQUFLLENBQUMsZ0JBQWdCO1lBQ3hDLGNBQWMsRUFBRSxLQUFLLENBQUMsY0FBYztZQUNwQyxHQUFHLENBQUMsS0FBSyxDQUFDLElBQUksSUFBSSxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7U0FDckQsQ0FBQyxDQUFDO1FBRUgsSUFBSSxLQUFLLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDckIsSUFBSSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ3RFLENBQUM7UUFFRCxJQUFJLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQ3RCLENBQUM7SUFFTyxnQkFBZ0IsQ0FDdEIsRUFBVSxFQUNWLE1BQTBCO1FBRTFCLE1BQU0sbUJBQW1CLEdBQW1CLEVBQUUsQ0FBQztRQUUvQyxJQUFJLE1BQU0sQ0FBQyxZQUFZLEVBQUUsTUFBTSxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQzlDLG1CQUFtQixDQUFDLElBQUksQ0FDdEIsZ0NBQVksQ0FBQyxNQUFNLENBQUMsc0JBQVEsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUNsRSxDQUFDO1FBQ0osQ0FBQztRQUNELElBQUksTUFBTSxDQUFDLFlBQVksRUFBRSxTQUFTLEVBQUUsQ0FBQztZQUNuQyxtQkFBbUIsQ0FBQyxJQUFJLENBQUMsZ0NBQVksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO1FBQ3JELENBQUM7UUFFRCxPQUFPLElBQUksb0NBQWdCLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUU7WUFDbkQsT0FBTyxFQUFFLENBQUMsMEJBQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3RDLGlCQUFpQixFQUFFLElBQUksQ0FBQyxNQUFNO1lBQzlCLEtBQUssRUFBRSxNQUFNLENBQUMsS0FBSyxJQUFJLElBQUk7WUFDM0IsR0FBRyxDQUFDLG1CQUFtQixDQUFDLE1BQU0sR0FBRyxDQUFDLElBQUk7Z0JBQ3BDLFlBQVksRUFBRSxtQkFBbUI7YUFDbEMsQ0FBQztTQUNILENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyxVQUFVLENBQUMsRUFBVTtRQUMzQixNQUFNLFNBQVMsR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxTQUFTLENBQUM7UUFFM0MsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsV0FBVyxFQUFFO1lBQ3BDLEdBQUcsRUFBRSxHQUFHLFNBQVMsR0FBRyxFQUFFLFdBQVc7WUFDakMsVUFBVSxFQUFFLEdBQUcsU0FBUyxHQUFHLEVBQUUsV0FBVztZQUN4QyxLQUFLLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTO1lBQzVCLFdBQVcsRUFBRSxxQkFBcUIsRUFBRSxFQUFFO1NBQ3ZDLENBQUMsQ0FBQztRQUVILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxFQUFFLFlBQVksRUFBRTtZQUNyQyxHQUFHLEVBQUUsR0FBRyxTQUFTLEdBQUcsRUFBRSxZQUFZO1lBQ2xDLFVBQVUsRUFBRSxHQUFHLFNBQVMsR0FBRyxFQUFFLFlBQVk7WUFDekMsS0FBSyxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVTtZQUM3QixXQUFXLEVBQUUsc0JBQXNCLEVBQUUsRUFBRTtTQUN4QyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsU0FBUztRQUNQLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQztJQUNyQixDQUFDO0lBRUQsYUFBYTtRQUNYLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUM7SUFDaEMsQ0FBQztJQUVELFlBQVk7UUFDVixPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDO0lBQy9CLENBQUM7SUFFRCxtQkFBbUI7UUFDakIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDO0lBQ3RDLENBQUM7SUFFRCwyQkFBMkI7UUFDekIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLHdCQUF3QixDQUFDO0lBQzlDLENBQUM7SUFFRCxhQUFhO1FBQ1gsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDO0lBQ3RDLENBQUM7SUFFRCxhQUFhO1FBQ1gsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7SUFDL0IsQ0FBQztJQUVELFNBQVMsQ0FBQyxPQUFtQjtRQUMzQixPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRCxVQUFVLENBQUMsT0FBbUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUN6QyxDQUFDO0lBRUQsY0FBYyxDQUFDLE9BQW1CO1FBQ2hDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVELFdBQVcsQ0FBQyxPQUFtQjtRQUM3QixPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFRCxRQUFRLENBQUMsT0FBbUI7UUFDMUIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQsaUJBQWlCLENBQUMsR0FBRyxTQUFtQjtRQUN0QyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsaUJBQWlCLENBQUMsR0FBRyxTQUFTLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRUQsb0JBQW9CLENBQ2xCLEtBQWdCLEVBQ2hCLElBQW9DLEVBQ3BDLEdBQUcsT0FBZ0M7UUFFbkMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxvQkFBb0IsQ0FBQyxLQUFLLEVBQUUsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLENBQUM7SUFDNUQsQ0FBQztJQUVELDRCQUE0QixDQUMxQixJQUFvQyxFQUNwQyxHQUFHLE9BQWdDO1FBRW5DLElBQUksQ0FBQyxNQUFNLENBQUMsNEJBQTRCLENBQUMsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLENBQUM7SUFDN0QsQ0FBQztJQUVELDRCQUE0QixDQUMxQixJQUFvQyxFQUNwQyxHQUFHLE9BQWdDO1FBRW5DLElBQUksQ0FBQyxNQUFNLENBQUMsNEJBQTRCLENBQUMsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLENBQUM7SUFDN0QsQ0FBQztDQUNGO0FBbEpELDBCQWtKQztBQUVELE1BQWEsY0FBYztJQUN6QixNQUFNLENBQUMsS0FBSyxDQUFDLEVBQVUsRUFBRSxRQUEyQixFQUFFO1FBQ3BELE1BQU0sRUFBRSxjQUFjLEVBQUUsR0FBRyxPQUFPLEVBQUUsR0FBRyxLQUFLLENBQUM7UUFDN0MsTUFBTSxFQUFFLEdBQXFCLENBQUMsSUFBUyxFQUFFLEtBQWdCLEVBQUUsRUFBRTtZQUMzRCxvQkFBb0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUM5QixPQUFPLElBQUksT0FBTyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDekMsQ0FBQyxDQUFDO1FBQ0YsSUFBSSxjQUFjLEVBQUUsQ0FBQztZQUNuQixFQUFFLENBQUMsY0FBYyxHQUFHLGNBQWMsQ0FBQztRQUNyQyxDQUFDO1FBQ0QsT0FBTyxFQUFFLENBQUM7SUFDWixDQUFDO0NBQ0Y7QUFaRCx3Q0FZQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQge1xuICB0eXBlIElCdWNrZXQsXG4gIHR5cGUgRXZlbnRUeXBlLFxuICB0eXBlIElCdWNrZXROb3RpZmljYXRpb25EZXN0aW5hdGlvbixcbiAgdHlwZSBOb3RpZmljYXRpb25LZXlGaWx0ZXIsXG4gIEJ1Y2tldEVuY3J5cHRpb24sXG4gIEh0dHBNZXRob2RzLFxuICB0eXBlIENvcnNSdWxlIGFzIENka0NvcnNSdWxlXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIjtcbmltcG9ydCB7XG4gIEJ1Y2tldERlcGxveW1lbnQsXG4gIFNvdXJjZSxcbiAgQ2FjaGVDb250cm9sXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczMtZGVwbG95bWVudFwiO1xuaW1wb3J0IHsgdHlwZSBJR3JhbnRhYmxlLCB0eXBlIEdyYW50IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcbmltcG9ydCB7IEtleSB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mta21zXCI7XG5pbXBvcnQgeyBDZm5PdXRwdXQsIER1cmF0aW9uLCBTdGFjayB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuXG5pbXBvcnQgdHlwZSBBcHAgZnJvbSBcIi4uLy4uL2FwcFwiO1xuaW1wb3J0IHtcbiAgUzNCdWNrZXQsXG4gIHR5cGUgV2Vic2l0ZUhvc3RpbmdDb25maWdcbn0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3Mvc3RvcmFnZVwiO1xuaW1wb3J0IHsgdHlwZSBCYWNrdXBUaWVyIH0gZnJvbSBcIi4uLy4uL3V0aWxzL2JhY2t1cFRpZXJNYXBwaW5nXCI7XG5pbXBvcnQgeyBGamFsbExvZ2dlciB9IGZyb20gXCIuLi8uLi91dGlscy92YWxpZGF0aW9uTG9nZ2VyLmpzXCI7XG5pbXBvcnQgeyB0eXBlIElTdG9yYWdlIH0gZnJvbSBcIi4vaW50ZXJmYWNlcy9zdG9yYWdlLmpzXCI7XG5pbXBvcnQgeyB0eXBlIElTdG9yYWdlQ29ubmVjdG9yIH0gZnJvbSBcIi4vaW50ZXJmYWNlcy9jb25uZWN0b3IuanNcIjtcblxuZXhwb3J0IHsgdHlwZSBJU3RvcmFnZSwgaXNTdG9yYWdlIH0gZnJvbSBcIi4vaW50ZXJmYWNlcy9zdG9yYWdlLmpzXCI7XG5leHBvcnQgeyB0eXBlIFdlYnNpdGVIb3N0aW5nQ29uZmlnIH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3Mvc3RvcmFnZVwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIENvcnNSdWxlIHtcbiAgcmVhZG9ubHkgYWxsb3dlZE9yaWdpbnM6IHN0cmluZ1tdO1xuICByZWFkb25seSBhbGxvd2VkTWV0aG9kczogc3RyaW5nW107XG4gIHJlYWRvbmx5IGFsbG93ZWRIZWFkZXJzPzogc3RyaW5nW107XG4gIHJlYWRvbmx5IGV4cG9zZWRIZWFkZXJzPzogc3RyaW5nW107XG4gIHJlYWRvbmx5IG1heEFnZT86IG51bWJlcjtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBTM0RlcGxveW1lbnRDb25maWcge1xuICAvKiogUGF0aCB0byB0aGUgYXNzZXQgZGlyZWN0b3J5IChyZWxhdGl2ZSB0byBDREsgYXBwIHJvb3QpICovXG4gIHNvdXJjZTogc3RyaW5nO1xuICAvKiogV2hldGhlciB0byByZW1vdmUgZmlsZXMgZnJvbSBidWNrZXQgdGhhdCBhcmUgbm90IGluIHRoZSBzb3VyY2UuIERlZmF1bHQ6IHRydWUgKi9cbiAgcHJ1bmU/OiBib29sZWFuO1xuICAvKiogQ2FjaGUgY29udHJvbCBzZXR0aW5ncyBmb3IgdXBsb2FkZWQgZmlsZXMgKi9cbiAgY2FjaGVDb250cm9sPzoge1xuICAgIC8qKiBNYXggYWdlIGluIHNlY29uZHMgKGUuZy4sIDMxNTM2MDAwIGZvciAxIHllYXIpICovXG4gICAgbWF4QWdlPzogbnVtYmVyO1xuICAgIC8qKiBNYXJrIGFzIGltbXV0YWJsZSAoYnJvd3NlciB3aWxsIG5vdCByZXZhbGlkYXRlKSAqL1xuICAgIGltbXV0YWJsZT86IGJvb2xlYW47XG4gIH07XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUzNQcm9wcyB7XG4gIHJlYWRvbmx5IGJ1Y2tldE5hbWU/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IHB1YmxpY1JlYWRBY2Nlc3M/OiBib29sZWFuO1xuICByZWFkb25seSB3ZWJzaXRlSG9zdGluZz86IFdlYnNpdGVIb3N0aW5nQ29uZmlnO1xuICByZWFkb25seSB2ZXJzaW9uZWQ/OiBib29sZWFuO1xuICByZWFkb25seSBlbmNyeXB0aW9uPzogXCJBRVMyNTZcIiB8IFwiS01TXCI7XG4gIHJlYWRvbmx5IGttc0tleUFybj86IHN0cmluZztcbiAgcmVhZG9ubHkgYmFja3VwVmF1bHRUaWVyPzogQmFja3VwVGllcjtcbiAgcmVhZG9ubHkgY29ycz86IENvcnNSdWxlW107XG4gIHJlYWRvbmx5IGRlcGxveW1lbnQ/OiBTM0RlcGxveW1lbnRDb25maWc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgU3RvcmFnZUJ1aWxkUHJvcHMgZXh0ZW5kcyBTM1Byb3BzIHtcbiAgcmVhZG9ubHkgc3RhY2tQbGFjZW1lbnQ/OiBcInN0b3JhZ2VcIiB8IFwiY2RuXCIgfCBcImNvbXB1dGVcIjtcbn1cblxuZXhwb3J0IHR5cGUgU3RvcmFnZUZhY3RvcnlGbiA9ICgoYXBwOiBBcHAsIHNjb3BlOiBDb25zdHJ1Y3QpID0+IFN0b3JhZ2UpICYge1xuICBzdGFja1BsYWNlbWVudD86IFwic3RvcmFnZVwiIHwgXCJjZG5cIiB8IFwiY29tcHV0ZVwiO1xufTtcblxuZnVuY3Rpb24gdG9CdWNrZXRFbmNyeXB0aW9uKFxuICBlbmNyeXB0aW9uPzogXCJBRVMyNTZcIiB8IFwiS01TXCJcbik6IEJ1Y2tldEVuY3J5cHRpb24gfCB1bmRlZmluZWQge1xuICBpZiAoIWVuY3J5cHRpb24pIHJldHVybiB1bmRlZmluZWQ7XG4gIHJldHVybiBlbmNyeXB0aW9uID09PSBcIkFFUzI1NlwiXG4gICAgPyBCdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRURcbiAgICA6IEJ1Y2tldEVuY3J5cHRpb24uS01TO1xufVxuXG5mdW5jdGlvbiB0b0h0dHBNZXRob2QobWV0aG9kOiBzdHJpbmcpOiBIdHRwTWV0aG9kcyB7XG4gIGNvbnN0IG1ldGhvZE1hcDogUmVjb3JkPHN0cmluZywgSHR0cE1ldGhvZHM+ID0ge1xuICAgIEdFVDogSHR0cE1ldGhvZHMuR0VULFxuICAgIFBVVDogSHR0cE1ldGhvZHMuUFVULFxuICAgIFBPU1Q6IEh0dHBNZXRob2RzLlBPU1QsXG4gICAgREVMRVRFOiBIdHRwTWV0aG9kcy5ERUxFVEUsXG4gICAgSEVBRDogSHR0cE1ldGhvZHMuSEVBRFxuICB9O1xuICByZXR1cm4gbWV0aG9kTWFwW21ldGhvZF0gPz8gSHR0cE1ldGhvZHMuR0VUO1xufVxuXG5mdW5jdGlvbiB0b0NvcnNSdWxlcyhjb3JzPzogQ29yc1J1bGVbXSk6IENka0NvcnNSdWxlW10gfCB1bmRlZmluZWQge1xuICBpZiAoIWNvcnMpIHJldHVybiB1bmRlZmluZWQ7XG4gIHJldHVybiBjb3JzLm1hcCgocnVsZSkgPT4gKHtcbiAgICBhbGxvd2VkT3JpZ2luczogcnVsZS5hbGxvd2VkT3JpZ2lucyxcbiAgICBhbGxvd2VkTWV0aG9kczogcnVsZS5hbGxvd2VkTWV0aG9kcy5tYXAodG9IdHRwTWV0aG9kKSxcbiAgICAuLi4ocnVsZS5hbGxvd2VkSGVhZGVycyAmJiB7IGFsbG93ZWRIZWFkZXJzOiBydWxlLmFsbG93ZWRIZWFkZXJzIH0pLFxuICAgIC4uLihydWxlLmV4cG9zZWRIZWFkZXJzICYmIHsgZXhwb3NlZEhlYWRlcnM6IHJ1bGUuZXhwb3NlZEhlYWRlcnMgfSksXG4gICAgLi4uKHJ1bGUubWF4QWdlICE9PSB1bmRlZmluZWQgJiYgeyBtYXhBZ2U6IHJ1bGUubWF4QWdlIH0pXG4gIH0pKTtcbn1cblxuZXhwb3J0IGZ1bmN0aW9uIHZhbGlkYXRlU3RvcmFnZVByb3BzKHByb3BzOiBTM1Byb3BzKTogdm9pZCB7XG4gIGlmIChwcm9wcy5lbmNyeXB0aW9uID09PSBcIktNU1wiICYmICFwcm9wcy5rbXNLZXlBcm4pIHtcbiAgICBGamFsbExvZ2dlci53YXJuKFxuICAgICAgXCInZW5jcnlwdGlvbicgaXMgc2V0IHRvICdLTVMnIGJ1dCAna21zS2V5QXJuJyBpcyBub3QgcHJvdmlkZWQuIFwiICtcbiAgICAgICAgXCJUaGUgYnVja2V0IHdpbGwgdXNlIHRoZSBkZWZhdWx0IEFXUyBtYW5hZ2VkIGtleS5cIlxuICAgICk7XG4gIH1cblxuICBpZiAocHJvcHMua21zS2V5QXJuICYmIHByb3BzLmVuY3J5cHRpb24gIT09IFwiS01TXCIpIHtcbiAgICBGamFsbExvZ2dlci53YXJuKFxuICAgICAgXCIna21zS2V5QXJuJyBpcyBwcm92aWRlZCBidXQgJ2VuY3J5cHRpb24nIGlzIG5vdCBzZXQgdG8gJ0tNUycuIFwiICtcbiAgICAgICAgXCJUaGUgS01TIGtleSB3aWxsIGJlIGlnbm9yZWQuIFNldCBlbmNyeXB0aW9uOiAnS01TJyB0byB1c2UgdGhlIGtleS5cIlxuICAgICk7XG4gIH1cbn1cblxuZXhwb3J0IGNsYXNzIFN0b3JhZ2UgZXh0ZW5kcyBDb25zdHJ1Y3QgaW1wbGVtZW50cyBJU3RvcmFnZSwgSVN0b3JhZ2VDb25uZWN0b3Ige1xuICBwdWJsaWMgcmVhZG9ubHkgY29ubmVjdG9yVHlwZSA9IFwic3RvcmFnZVwiIGFzIGNvbnN0O1xuICBwcml2YXRlIHJlYWRvbmx5IGJ1Y2tldDogUzNCdWNrZXQ7XG4gIHByaXZhdGUgcmVhZG9ubHkgYnVja2V0RGVwbG95bWVudD86IEJ1Y2tldERlcGxveW1lbnQ7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFMzUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IHByb3BzLmttc0tleUFyblxuICAgICAgPyBLZXkuZnJvbUtleUFybih0aGlzLCBgJHtpZH1LbXNLZXlgLCBwcm9wcy5rbXNLZXlBcm4pXG4gICAgICA6IHVuZGVmaW5lZDtcblxuICAgIHRoaXMuYnVja2V0ID0gbmV3IFMzQnVja2V0KHRoaXMsIGAke2lkfUJ1Y2tldGAsIHtcbiAgICAgIGJ1Y2tldE5hbWU6IHByb3BzLmJ1Y2tldE5hbWUsXG4gICAgICB2ZXJzaW9uZWQ6IHByb3BzLnZlcnNpb25lZCxcbiAgICAgIGVuY3J5cHRpb246IHRvQnVja2V0RW5jcnlwdGlvbihwcm9wcy5lbmNyeXB0aW9uKSxcbiAgICAgIGVuY3J5cHRpb25LZXksXG4gICAgICBiYWNrdXBWYXVsdFRpZXI6IHByb3BzLmJhY2t1cFZhdWx0VGllcixcbiAgICAgIHB1YmxpY1JlYWRBY2Nlc3M6IHByb3BzLnB1YmxpY1JlYWRBY2Nlc3MsXG4gICAgICB3ZWJzaXRlSG9zdGluZzogcHJvcHMud2Vic2l0ZUhvc3RpbmcsXG4gICAgICAuLi4ocHJvcHMuY29ycyAmJiB7IGNvcnM6IHRvQ29yc1J1bGVzKHByb3BzLmNvcnMpIH0pXG4gICAgfSk7XG5cbiAgICBpZiAocHJvcHMuZGVwbG95bWVudCkge1xuICAgICAgdGhpcy5idWNrZXREZXBsb3ltZW50ID0gdGhpcy5jcmVhdGVEZXBsb3ltZW50KGlkLCBwcm9wcy5kZXBsb3ltZW50KTtcbiAgICB9XG5cbiAgICB0aGlzLmFkZE91dHB1dHMoaWQpO1xuICB9XG5cbiAgcHJpdmF0ZSBjcmVhdGVEZXBsb3ltZW50KFxuICAgIGlkOiBzdHJpbmcsXG4gICAgY29uZmlnOiBTM0RlcGxveW1lbnRDb25maWdcbiAgKTogQnVja2V0RGVwbG95bWVudCB7XG4gICAgY29uc3QgY2FjaGVDb250cm9sSGVhZGVyczogQ2FjaGVDb250cm9sW10gPSBbXTtcblxuICAgIGlmIChjb25maWcuY2FjaGVDb250cm9sPy5tYXhBZ2UgIT09IHVuZGVmaW5lZCkge1xuICAgICAgY2FjaGVDb250cm9sSGVhZGVycy5wdXNoKFxuICAgICAgICBDYWNoZUNvbnRyb2wubWF4QWdlKER1cmF0aW9uLnNlY29uZHMoY29uZmlnLmNhY2hlQ29udHJvbC5tYXhBZ2UpKVxuICAgICAgKTtcbiAgICB9XG4gICAgaWYgKGNvbmZpZy5jYWNoZUNvbnRyb2w/LmltbXV0YWJsZSkge1xuICAgICAgY2FjaGVDb250cm9sSGVhZGVycy5wdXNoKENhY2hlQ29udHJvbC5pbW11dGFibGUoKSk7XG4gICAgfVxuXG4gICAgcmV0dXJuIG5ldyBCdWNrZXREZXBsb3ltZW50KHRoaXMsIGAke2lkfURlcGxveW1lbnRgLCB7XG4gICAgICBzb3VyY2VzOiBbU291cmNlLmFzc2V0KGNvbmZpZy5zb3VyY2UpXSxcbiAgICAgIGRlc3RpbmF0aW9uQnVja2V0OiB0aGlzLmJ1Y2tldCxcbiAgICAgIHBydW5lOiBjb25maWcucHJ1bmUgPz8gdHJ1ZSxcbiAgICAgIC4uLihjYWNoZUNvbnRyb2xIZWFkZXJzLmxlbmd0aCA+IDAgJiYge1xuICAgICAgICBjYWNoZUNvbnRyb2w6IGNhY2hlQ29udHJvbEhlYWRlcnNcbiAgICAgIH0pXG4gICAgfSk7XG4gIH1cblxuICBwcml2YXRlIGFkZE91dHB1dHMoaWQ6IHN0cmluZyk6IHZvaWQge1xuICAgIGNvbnN0IHN0YWNrTmFtZSA9IFN0YWNrLm9mKHRoaXMpLnN0YWNrTmFtZTtcblxuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgYCR7aWR9QnVja2V0QXJuYCwge1xuICAgICAga2V5OiBgJHtzdGFja05hbWV9JHtpZH1CdWNrZXRBcm5gLFxuICAgICAgZXhwb3J0TmFtZTogYCR7c3RhY2tOYW1lfSR7aWR9QnVja2V0QXJuYCxcbiAgICAgIHZhbHVlOiB0aGlzLmJ1Y2tldC5idWNrZXRBcm4sXG4gICAgICBkZXNjcmlwdGlvbjogYFMzIEJ1Y2tldCBBUk4gZm9yICR7aWR9YFxuICAgIH0pO1xuXG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtpZH1CdWNrZXROYW1lYCwge1xuICAgICAga2V5OiBgJHtzdGFja05hbWV9JHtpZH1CdWNrZXROYW1lYCxcbiAgICAgIGV4cG9ydE5hbWU6IGAke3N0YWNrTmFtZX0ke2lkfUJ1Y2tldE5hbWVgLFxuICAgICAgdmFsdWU6IHRoaXMuYnVja2V0LmJ1Y2tldE5hbWUsXG4gICAgICBkZXNjcmlwdGlvbjogYFMzIEJ1Y2tldCBOYW1lIGZvciAke2lkfWBcbiAgICB9KTtcbiAgfVxuXG4gIGdldEJ1Y2tldCgpOiBJQnVja2V0IHtcbiAgICByZXR1cm4gdGhpcy5idWNrZXQ7XG4gIH1cblxuICBnZXRCdWNrZXROYW1lKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIHRoaXMuYnVja2V0LmJ1Y2tldE5hbWU7XG4gIH1cblxuICBnZXRCdWNrZXRBcm4oKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5idWNrZXQuYnVja2V0QXJuO1xuICB9XG5cbiAgZ2V0QnVja2V0RG9tYWluTmFtZSgpOiBzdHJpbmcge1xuICAgIHJldHVybiB0aGlzLmJ1Y2tldC5idWNrZXREb21haW5OYW1lO1xuICB9XG5cbiAgZ2V0QnVja2V0UmVnaW9uYWxEb21haW5OYW1lKCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIHRoaXMuYnVja2V0LmJ1Y2tldFJlZ2lvbmFsRG9tYWluTmFtZTtcbiAgfVxuXG4gIGdldFdlYnNpdGVVcmwoKTogc3RyaW5nIHwgdW5kZWZpbmVkIHtcbiAgICByZXR1cm4gdGhpcy5idWNrZXQuYnVja2V0V2Vic2l0ZVVybDtcbiAgfVxuXG4gIGdldERlcGxveW1lbnQoKTogQnVja2V0RGVwbG95bWVudCB8IHVuZGVmaW5lZCB7XG4gICAgcmV0dXJuIHRoaXMuYnVja2V0RGVwbG95bWVudDtcbiAgfVxuXG4gIGdyYW50UmVhZChncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQge1xuICAgIHJldHVybiB0aGlzLmJ1Y2tldC5ncmFudFJlYWQoZ3JhbnRlZSk7XG4gIH1cblxuICBncmFudFdyaXRlKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudCB7XG4gICAgcmV0dXJuIHRoaXMuYnVja2V0LmdyYW50V3JpdGUoZ3JhbnRlZSk7XG4gIH1cblxuICBncmFudFJlYWRXcml0ZShncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQge1xuICAgIHJldHVybiB0aGlzLmJ1Y2tldC5ncmFudFJlYWRXcml0ZShncmFudGVlKTtcbiAgfVxuXG4gIGdyYW50RGVsZXRlKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudCB7XG4gICAgcmV0dXJuIHRoaXMuYnVja2V0LmdyYW50RGVsZXRlKGdyYW50ZWUpO1xuICB9XG5cbiAgZ3JhbnRQdXQoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50IHtcbiAgICByZXR1cm4gdGhpcy5idWNrZXQuZ3JhbnRQdXQoZ3JhbnRlZSk7XG4gIH1cblxuICBncmFudFB1YmxpY0FjY2VzcyguLi5rZXlQcmVmaXg6IHN0cmluZ1tdKTogR3JhbnQge1xuICAgIHJldHVybiB0aGlzLmJ1Y2tldC5ncmFudFB1YmxpY0FjY2VzcyguLi5rZXlQcmVmaXgpO1xuICB9XG5cbiAgYWRkRXZlbnROb3RpZmljYXRpb24oXG4gICAgZXZlbnQ6IEV2ZW50VHlwZSxcbiAgICBkZXN0OiBJQnVja2V0Tm90aWZpY2F0aW9uRGVzdGluYXRpb24sXG4gICAgLi4uZmlsdGVyczogTm90aWZpY2F0aW9uS2V5RmlsdGVyW11cbiAgKTogdm9pZCB7XG4gICAgdGhpcy5idWNrZXQuYWRkRXZlbnROb3RpZmljYXRpb24oZXZlbnQsIGRlc3QsIC4uLmZpbHRlcnMpO1xuICB9XG5cbiAgYWRkT2JqZWN0Q3JlYXRlZE5vdGlmaWNhdGlvbihcbiAgICBkZXN0OiBJQnVja2V0Tm90aWZpY2F0aW9uRGVzdGluYXRpb24sXG4gICAgLi4uZmlsdGVyczogTm90aWZpY2F0aW9uS2V5RmlsdGVyW11cbiAgKTogdm9pZCB7XG4gICAgdGhpcy5idWNrZXQuYWRkT2JqZWN0Q3JlYXRlZE5vdGlmaWNhdGlvbihkZXN0LCAuLi5maWx0ZXJzKTtcbiAgfVxuXG4gIGFkZE9iamVjdFJlbW92ZWROb3RpZmljYXRpb24oXG4gICAgZGVzdDogSUJ1Y2tldE5vdGlmaWNhdGlvbkRlc3RpbmF0aW9uLFxuICAgIC4uLmZpbHRlcnM6IE5vdGlmaWNhdGlvbktleUZpbHRlcltdXG4gICk6IHZvaWQge1xuICAgIHRoaXMuYnVja2V0LmFkZE9iamVjdFJlbW92ZWROb3RpZmljYXRpb24oZGVzdCwgLi4uZmlsdGVycyk7XG4gIH1cbn1cblxuZXhwb3J0IGNsYXNzIFN0b3JhZ2VGYWN0b3J5IHtcbiAgc3RhdGljIGJ1aWxkKGlkOiBzdHJpbmcsIHByb3BzOiBTdG9yYWdlQnVpbGRQcm9wcyA9IHt9KTogU3RvcmFnZUZhY3RvcnlGbiB7XG4gICAgY29uc3QgeyBzdGFja1BsYWNlbWVudCwgLi4uczNQcm9wcyB9ID0gcHJvcHM7XG4gICAgY29uc3QgZm46IFN0b3JhZ2VGYWN0b3J5Rm4gPSAoX2FwcDogQXBwLCBzY29wZTogQ29uc3RydWN0KSA9PiB7XG4gICAgICB2YWxpZGF0ZVN0b3JhZ2VQcm9wcyhzM1Byb3BzKTtcbiAgICAgIHJldHVybiBuZXcgU3RvcmFnZShzY29wZSwgaWQsIHMzUHJvcHMpO1xuICAgIH07XG4gICAgaWYgKHN0YWNrUGxhY2VtZW50KSB7XG4gICAgICBmbi5zdGFja1BsYWNlbWVudCA9IHN0YWNrUGxhY2VtZW50O1xuICAgIH1cbiAgICByZXR1cm4gZm47XG4gIH1cbn1cbiJdfQ==

package/dist/lib/patterns/aws/subdomainHostedZone.js

@@ -1,24 +1,21 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SubdomainHostedZone = void 0;
-const route53 = require("aws-cdk-lib/aws-route53");
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const iam_1 = require("../../resources/aws/iam");
-const getAccountId_1 = require("../../utils/getAccountId");
-const app_1 = require("../../app");
-class SubdomainHostedZone extends aws_cdk_lib_1.Stack {
+import * as route53 from "aws-cdk-lib/aws-route53";
+import { CfnOutput, Stack } from "aws-cdk-lib";
+import { Role } from "../../resources/aws/iam/index.js";
+import getAccountId from "../../utils/getAccountId.js";
+import App from "../../app.js";
+export class SubdomainHostedZone extends Stack {
     constructor(id, props) {
-        super(app_1.default.getInstance(), id);
+        super(App.getInstance(), id);
         // DelegationRoleArn
-        const delegationRoleArn = aws_cdk_lib_1.Stack.of(this).formatArn({
-            account: (0, getAccountId_1.default)(props.parentAccountName),
+        const delegationRoleArn = Stack.of(this).formatArn({
+            account: getAccountId(props.parentAccountName),
             region: "",
             resource: "role",
             resourceName: `${props.parentHostedZoneName.split(".", 1)}DelegateHostedZoneRole`,
             service: "iam"
         });
         // Delegate Hosted Zone Role
-        const hostedZoneDelegationRole = iam_1.Role.fromRoleArn(this, "hostedZoneDelegationRole", delegationRoleArn);
+        const hostedZoneDelegationRole = Role.fromRoleArn(this, "hostedZoneDelegationRole", delegationRoleArn);
         // Subdomains
         const delegatedHostedZone = new route53.HostedZone(this, `${props.delegatedZone}HostedZone`, {
             zoneName: props.delegatedZone
@@ -28,12 +25,10 @@ class SubdomainHostedZone extends aws_cdk_lib_1.Stack {
             delegatedZone: delegatedHostedZone,
             parentHostedZoneName: props.parentHostedZoneName
         });
-        new aws_cdk_lib_1.CfnOutput(this, `${props.delegatedZone.split(".").join("")}HostedZoneId`, {
+        new CfnOutput(this, `${props.delegatedZone.split(".").join("")}HostedZoneId`, {
             key: `${props.delegatedZone.split(".").join("")}HostedZoneId`,
             value: delegatedHostedZone.hostedZoneId,
             exportName: `${props.delegatedZone.split(".").join("")}HostedZoneId`
         });
     }
 }
-exports.SubdomainHostedZone = SubdomainHostedZone;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3ViZG9tYWluSG9zdGVkWm9uZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL2xpYi9wYXR0ZXJucy9hd3Mvc3ViZG9tYWluSG9zdGVkWm9uZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtREFBbUQ7QUFDbkQsNkNBQStDO0FBQy9DLGlEQUErQztBQUMvQywyREFBb0Q7QUFDcEQsbUNBQTRCO0FBUTVCLE1BQWEsbUJBQW9CLFNBQVEsbUJBQUs7SUFDNUMsWUFBWSxFQUFVLEVBQUUsS0FBK0I7UUFDckQsS0FBSyxDQUFDLGFBQUcsQ0FBQyxXQUFXLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQztRQUU3QixvQkFBb0I7UUFDcEIsTUFBTSxpQkFBaUIsR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxTQUFTLENBQUM7WUFDakQsT0FBTyxFQUFFLElBQUEsc0JBQVksRUFBQyxLQUFLLENBQUMsaUJBQWlCLENBQUM7WUFDOUMsTUFBTSxFQUFFLEVBQUU7WUFDVixRQUFRLEVBQUUsTUFBTTtZQUNoQixZQUFZLEVBQUUsR0FBRyxLQUFLLENBQUMsb0JBQW9CLENBQUMsS0FBSyxDQUMvQyxHQUFHLEVBQ0gsQ0FBQyxDQUNGLHdCQUF3QjtZQUN6QixPQUFPLEVBQUUsS0FBSztTQUNmLENBQUMsQ0FBQztRQUVILDRCQUE0QjtRQUM1QixNQUFNLHdCQUF3QixHQUFHLFVBQUksQ0FBQyxXQUFXLENBQy9DLElBQUksRUFDSiwwQkFBMEIsRUFDMUIsaUJBQWlCLENBQ2xCLENBQUM7UUFFRixhQUFhO1FBQ2IsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLE9BQU8sQ0FBQyxVQUFVLENBQ2hELElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxhQUFhLFlBQVksRUFDbEM7WUFDRSxRQUFRLEVBQUUsS0FBSyxDQUFDLGFBQWE7U0FDOUIsQ0FDRixDQUFDO1FBRUYsSUFBSSxPQUFPLENBQUMsZ0NBQWdDLENBQzFDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxhQUFhLGdCQUFnQixFQUN0QztZQUNFLGNBQWMsRUFBRSx3QkFBd0I7WUFDeEMsYUFBYSxFQUFFLG1CQUFtQjtZQUNsQyxvQkFBb0IsRUFBRSxLQUFLLENBQUMsb0JBQW9CO1NBQ2pELENBQ0YsQ0FBQztRQUVGLElBQUksdUJBQVMsQ0FDWCxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWMsRUFDeEQ7WUFDRSxHQUFHLEVBQUUsR0FBRyxLQUFLLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLGNBQWM7WUFDN0QsS0FBSyxFQUFFLG1CQUFtQixDQUFDLFlBQVk7WUFDdkMsVUFBVSxFQUFFLEdBQUcsS0FBSyxDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxjQUFjO1NBQ3JFLENBQ0YsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQXBERCxrREFvREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyByb3V0ZTUzIGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtcm91dGU1M1wiO1xuaW1wb3J0IHsgQ2ZuT3V0cHV0LCBTdGFjayB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgUm9sZSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2lhbVwiO1xuaW1wb3J0IGdldEFjY291bnRJZCBmcm9tIFwiLi4vLi4vdXRpbHMvZ2V0QWNjb3VudElkXCI7XG5pbXBvcnQgQXBwIGZyb20gXCIuLi8uLi9hcHBcIjtcblxuZXhwb3J0IGludGVyZmFjZSBzdWJkb21haW5Ib3N0ZWRab25lUHJvcHMge1xuICBkZWxlZ2F0ZWRab25lOiBzdHJpbmc7XG4gIHBhcmVudEhvc3RlZFpvbmVOYW1lOiBzdHJpbmc7XG4gIHBhcmVudEFjY291bnROYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBTdWJkb21haW5Ib3N0ZWRab25lIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihpZDogc3RyaW5nLCBwcm9wczogc3ViZG9tYWluSG9zdGVkWm9uZVByb3BzKSB7XG4gICAgc3VwZXIoQXBwLmdldEluc3RhbmNlKCksIGlkKTtcblxuICAgIC8vIERlbGVnYXRpb25Sb2xlQXJuXG4gICAgY29uc3QgZGVsZWdhdGlvblJvbGVBcm4gPSBTdGFjay5vZih0aGlzKS5mb3JtYXRBcm4oe1xuICAgICAgYWNjb3VudDogZ2V0QWNjb3VudElkKHByb3BzLnBhcmVudEFjY291bnROYW1lKSxcbiAgICAgIHJlZ2lvbjogXCJcIixcbiAgICAgIHJlc291cmNlOiBcInJvbGVcIixcbiAgICAgIHJlc291cmNlTmFtZTogYCR7cHJvcHMucGFyZW50SG9zdGVkWm9uZU5hbWUuc3BsaXQoXG4gICAgICAgIFwiLlwiLFxuICAgICAgICAxXG4gICAgICApfURlbGVnYXRlSG9zdGVkWm9uZVJvbGVgLFxuICAgICAgc2VydmljZTogXCJpYW1cIlxuICAgIH0pO1xuXG4gICAgLy8gRGVsZWdhdGUgSG9zdGVkIFpvbmUgUm9sZVxuICAgIGNvbnN0IGhvc3RlZFpvbmVEZWxlZ2F0aW9uUm9sZSA9IFJvbGUuZnJvbVJvbGVBcm4oXG4gICAgICB0aGlzLFxuICAgICAgXCJob3N0ZWRab25lRGVsZWdhdGlvblJvbGVcIixcbiAgICAgIGRlbGVnYXRpb25Sb2xlQXJuXG4gICAgKTtcblxuICAgIC8vIFN1YmRvbWFpbnNcbiAgICBjb25zdCBkZWxlZ2F0ZWRIb3N0ZWRab25lID0gbmV3IHJvdXRlNTMuSG9zdGVkWm9uZShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kZWxlZ2F0ZWRab25lfUhvc3RlZFpvbmVgLFxuICAgICAge1xuICAgICAgICB6b25lTmFtZTogcHJvcHMuZGVsZWdhdGVkWm9uZVxuICAgICAgfVxuICAgICk7XG5cbiAgICBuZXcgcm91dGU1My5Dcm9zc0FjY291bnRab25lRGVsZWdhdGlvblJlY29yZChcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kZWxlZ2F0ZWRab25lfURlbGVnYXRpb25Sb2xlYCxcbiAgICAgIHtcbiAgICAgICAgZGVsZWdhdGlvblJvbGU6IGhvc3RlZFpvbmVEZWxlZ2F0aW9uUm9sZSxcbiAgICAgICAgZGVsZWdhdGVkWm9uZTogZGVsZWdhdGVkSG9zdGVkWm9uZSxcbiAgICAgICAgcGFyZW50SG9zdGVkWm9uZU5hbWU6IHByb3BzLnBhcmVudEhvc3RlZFpvbmVOYW1lXG4gICAgICB9XG4gICAgKTtcblxuICAgIG5ldyBDZm5PdXRwdXQoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGVsZWdhdGVkWm9uZS5zcGxpdChcIi5cIikuam9pbihcIlwiKX1Ib3N0ZWRab25lSWRgLFxuICAgICAge1xuICAgICAgICBrZXk6IGAke3Byb3BzLmRlbGVnYXRlZFpvbmUuc3BsaXQoXCIuXCIpLmpvaW4oXCJcIil9SG9zdGVkWm9uZUlkYCxcbiAgICAgICAgdmFsdWU6IGRlbGVnYXRlZEhvc3RlZFpvbmUuaG9zdGVkWm9uZUlkLFxuICAgICAgICBleHBvcnROYW1lOiBgJHtwcm9wcy5kZWxlZ2F0ZWRab25lLnNwbGl0KFwiLlwiKS5qb2luKFwiXCIpfUhvc3RlZFpvbmVJZGBcbiAgICAgIH1cbiAgICApO1xuICB9XG59XG4iXX0=

package/dist/lib/patterns/aws/targets/fjallTargets.d.ts

@@ -0,0 +1,37 @@
+import { type IAliasRecordTarget } from "aws-cdk-lib/aws-route53";
+import type { FjallTarget } from "../interfaces/domain.js";
+/**
+ * Intersection of the introspectable `FjallTarget` discriminant (used for
+ * eject + deploy ordering) and CDK's `IAliasRecordTarget` (used for synth).
+ * Every helper in this module returns this intersection so downstream code
+ * can treat the same value as either without re-resolving.
+ */
+export type FjallAliasTarget = FjallTarget & IAliasRecordTarget;
+/**
+ * Target helper for a Fjall ECS/ALB-fronted app.
+ *
+ * Requires the app stack to publish exports `${safeApp}AlbDnsName` and
+ * `${safeApp}AlbHostedZoneId`. Phase 2 wires these emitters; until then,
+ * deploys fail at CloudFormation execution with "No export named … found".
+ */
+export declare function fjallApp(appName: string): FjallAliasTarget;
+/**
+ * Target helper for a Fjall CloudFront-fronted app.
+ *
+ * Requires the CDN stack to publish export `${safeApp}CdnDistributionDomainName`.
+ * Phase 2 wires the emitter.
+ */
+export declare function fjallCdn(appName: string): FjallAliasTarget;
+/**
+ * Target helper for a Fjall S3 static-site bucket.
+ *
+ * Requires the bucket stack to publish exports `${safeBucket}WebsiteEndpoint`
+ * and `${safeBucket}WebsiteHostedZoneId`. Phase 2 wires these emitters.
+ */
+export declare function fjallBucket(bucketName: string): FjallAliasTarget;
+/**
+ * Target helper for an arbitrary `(dnsName, hostedZoneId)` pair. Accepts
+ * literal strings or CDK tokens (e.g. a `CfnOutput.value`). No
+ * `Fn.importValue` wrapping — the values pass through verbatim.
+ */
+export declare function aliasTo(dnsName: string, hostedZoneId: string): FjallAliasTarget;

package/dist/lib/patterns/aws/targets/fjallTargets.js

@@ -0,0 +1,66 @@
+import { resolveBucketTarget, resolveCdnTarget, resolveCustomTarget, resolveEcsTarget } from "./targetResolution.js";
+/**
+ * Target helper for a Fjall ECS/ALB-fronted app.
+ *
+ * Requires the app stack to publish exports `${safeApp}AlbDnsName` and
+ * `${safeApp}AlbHostedZoneId`. Phase 2 wires these emitters; until then,
+ * deploys fail at CloudFormation execution with "No export named … found".
+ */
+export function fjallApp(appName) {
+    const resolved = resolveEcsTarget(appName);
+    return {
+        kind: "ecs",
+        appName,
+        bind(record, zone) {
+            return resolved.bind(record, zone);
+        }
+    };
+}
+/**
+ * Target helper for a Fjall CloudFront-fronted app.
+ *
+ * Requires the CDN stack to publish export `${safeApp}CdnDistributionDomainName`.
+ * Phase 2 wires the emitter.
+ */
+export function fjallCdn(appName) {
+    const resolved = resolveCdnTarget(appName);
+    return {
+        kind: "cdn",
+        appName,
+        bind(record, zone) {
+            return resolved.bind(record, zone);
+        }
+    };
+}
+/**
+ * Target helper for a Fjall S3 static-site bucket.
+ *
+ * Requires the bucket stack to publish exports `${safeBucket}WebsiteEndpoint`
+ * and `${safeBucket}WebsiteHostedZoneId`. Phase 2 wires these emitters.
+ */
+export function fjallBucket(bucketName) {
+    const resolved = resolveBucketTarget(bucketName);
+    return {
+        kind: "bucket",
+        bucketName,
+        bind(record, zone) {
+            return resolved.bind(record, zone);
+        }
+    };
+}
+/**
+ * Target helper for an arbitrary `(dnsName, hostedZoneId)` pair. Accepts
+ * literal strings or CDK tokens (e.g. a `CfnOutput.value`). No
+ * `Fn.importValue` wrapping — the values pass through verbatim.
+ */
+export function aliasTo(dnsName, hostedZoneId) {
+    const resolved = resolveCustomTarget(dnsName, hostedZoneId);
+    return {
+        kind: "custom",
+        dnsName,
+        hostedZoneId,
+        bind(record, zone) {
+            return resolved.bind(record, zone);
+        }
+    };
+}

package/dist/lib/patterns/aws/targets/index.d.ts

@@ -0,0 +1,2 @@
+export { fjallApp, fjallCdn, fjallBucket, aliasTo, type FjallAliasTarget } from "./fjallTargets.js";
+export { CLOUDFRONT_HOSTED_ZONE_ID } from "./targetResolution.js";

package/dist/lib/patterns/aws/targets/index.js

@@ -0,0 +1,2 @@
+export { fjallApp, fjallCdn, fjallBucket, aliasTo } from "./fjallTargets.js";
+export { CLOUDFRONT_HOSTED_ZONE_ID } from "./targetResolution.js";

package/dist/lib/patterns/aws/targets/targetResolution.d.ts

@@ -0,0 +1,76 @@
+import { type IAliasRecordTarget } from "aws-cdk-lib/aws-route53";
+import type { FjallTarget } from "../interfaces/domain.js";
+/**
+ * Cross-phase export-name contract.
+ *
+ * Phase 1 DEFINES these export names; Phase 2 is responsible for wiring the
+ * emitting stacks (`computeEcs.ts`, `cdn.ts`, `storage.ts`) to publish each
+ * `CfnOutput` with the matching `exportName`. Until Phase 2 lands the
+ * producers, a deploy of any `Domain` with a typed target fails at
+ * CloudFormation execution with "No export named … found" — the helpers
+ * compile and synthesise, but the cross-stack import resolves at deploy.
+ *
+ * Producer-consumer matrix (see Phase 1 plan §3, D6 / T0.5):
+ *
+ * | Producer (Phase 2)          | Consumer (Phase 1)      | Export name                              |
+ * |-----------------------------|-------------------------|------------------------------------------|
+ * | `computeEcs.ts` app stack   | `resolveEcsTarget`      | `${safeApp}AlbDnsName`                    |
+ * | `computeEcs.ts` app stack   | `resolveEcsTarget`      | `${safeApp}AlbHostedZoneId`               |
+ * | `cdn.ts` CDN stack          | `resolveCdnTarget`      | `${safeApp}CdnDistributionDomainName`     |
+ * | `storage.ts` bucket stack   | `resolveBucketTarget`   | `${safeBucket}WebsiteEndpoint`            |
+ * | `storage.ts` bucket stack   | `resolveBucketTarget`   | `${safeBucket}WebsiteHostedZoneId`        |
+ */
+export declare const EXPORT_NAMES: {
+    readonly ALB_DNS: (safeApp: string) => string;
+    readonly ALB_HOSTED_ZONE_ID: (safeApp: string) => string;
+    readonly CDN_DOMAIN: (safeApp: string) => string;
+    readonly BUCKET_WEBSITE_ENDPOINT: (safeBucket: string) => string;
+    readonly BUCKET_WEBSITE_HZ_ID: (safeBucket: string) => string;
+};
+/** Route53-reserved hosted-zone id for CloudFront distributions. */
+export declare const CLOUDFRONT_HOSTED_ZONE_ID = "Z2FDTNDATAQYW2";
+/**
+ * Resolve a Fjall ECS/ALB-fronted app to an `IAliasRecordTarget`.
+ *
+ * Requires the app stack to publish exports:
+ *   - `${safeApp}AlbDnsName`
+ *   - `${safeApp}AlbHostedZoneId`
+ *
+ * Phase 2 wires the emitters; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export declare function resolveEcsTarget(appName: string): IAliasRecordTarget;
+/**
+ * Resolve a Fjall CloudFront-fronted app to an `IAliasRecordTarget`.
+ *
+ * Requires the CDN stack to publish export `${safeApp}CdnDistributionDomainName`.
+ * The CloudFront hosted-zone id is the globally fixed `Z2FDTNDATAQYW2`.
+ *
+ * Phase 2 wires the emitter; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export declare function resolveCdnTarget(appName: string): IAliasRecordTarget;
+/**
+ * Resolve a Fjall S3 static-site bucket to an `IAliasRecordTarget`.
+ *
+ * Requires the bucket stack to publish exports:
+ *   - `${safeBucket}WebsiteEndpoint`
+ *   - `${safeBucket}WebsiteHostedZoneId`
+ *
+ * Phase 2 wires the emitters; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export declare function resolveBucketTarget(bucketName: string): IAliasRecordTarget;
+/**
+ * Pure passthrough — accepts concrete DNS name + hosted-zone id (or CDK
+ * tokens) and forwards them unchanged. No `Fn.importValue` wrapping.
+ */
+export declare function resolveCustomTarget(dnsName: string, hostedZoneId: string): IAliasRecordTarget;
+/**
+ * Resolve a `FjallTarget` to its raw DNS-name string. The return value is a
+ * CloudFormation token for the ECS/CDN/bucket variants — Phase 2 resolves the
+ * concrete host via `describeStackResources` after deploy. Used only by
+ * `externalRecordsPattern.ts` where no Route53 resource exists and manual
+ * record emission needs a string value.
+ */
+export declare function resolveTargetToDnsName(target: FjallTarget): string;

package/dist/lib/patterns/aws/targets/targetResolution.js

@@ -0,0 +1,119 @@
+import { Fn } from "aws-cdk-lib";
+import { toPascalCase } from "../../../utils/capitaliseString.js";
+/**
+ * Cross-phase export-name contract.
+ *
+ * Phase 1 DEFINES these export names; Phase 2 is responsible for wiring the
+ * emitting stacks (`computeEcs.ts`, `cdn.ts`, `storage.ts`) to publish each
+ * `CfnOutput` with the matching `exportName`. Until Phase 2 lands the
+ * producers, a deploy of any `Domain` with a typed target fails at
+ * CloudFormation execution with "No export named … found" — the helpers
+ * compile and synthesise, but the cross-stack import resolves at deploy.
+ *
+ * Producer-consumer matrix (see Phase 1 plan §3, D6 / T0.5):
+ *
+ * | Producer (Phase 2)          | Consumer (Phase 1)      | Export name                              |
+ * |-----------------------------|-------------------------|------------------------------------------|
+ * | `computeEcs.ts` app stack   | `resolveEcsTarget`      | `${safeApp}AlbDnsName`                    |
+ * | `computeEcs.ts` app stack   | `resolveEcsTarget`      | `${safeApp}AlbHostedZoneId`               |
+ * | `cdn.ts` CDN stack          | `resolveCdnTarget`      | `${safeApp}CdnDistributionDomainName`     |
+ * | `storage.ts` bucket stack   | `resolveBucketTarget`   | `${safeBucket}WebsiteEndpoint`            |
+ * | `storage.ts` bucket stack   | `resolveBucketTarget`   | `${safeBucket}WebsiteHostedZoneId`        |
+ */
+export const EXPORT_NAMES = {
+    ALB_DNS: (safeApp) => `${safeApp}AlbDnsName`,
+    ALB_HOSTED_ZONE_ID: (safeApp) => `${safeApp}AlbHostedZoneId`,
+    CDN_DOMAIN: (safeApp) => `${safeApp}CdnDistributionDomainName`,
+    BUCKET_WEBSITE_ENDPOINT: (safeBucket) => `${safeBucket}WebsiteEndpoint`,
+    BUCKET_WEBSITE_HZ_ID: (safeBucket) => `${safeBucket}WebsiteHostedZoneId`
+};
+/** Route53-reserved hosted-zone id for CloudFront distributions. */
+export const CLOUDFRONT_HOSTED_ZONE_ID = "Z2FDTNDATAQYW2";
+/**
+ * Build an object satisfying CDK's `IAliasRecordTarget` shape. The
+ * `bind(record, zone?)` signature mirrors `aws-cdk-lib/aws-route53` exactly so
+ * future CDK tightenings of the interface continue to compile.
+ */
+function buildAliasTarget(dnsName, hostedZoneId) {
+    return {
+        bind(_record, _zone) {
+            return { dnsName, hostedZoneId };
+        }
+    };
+}
+/**
+ * Resolve a Fjall ECS/ALB-fronted app to an `IAliasRecordTarget`.
+ *
+ * Requires the app stack to publish exports:
+ *   - `${safeApp}AlbDnsName`
+ *   - `${safeApp}AlbHostedZoneId`
+ *
+ * Phase 2 wires the emitters; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export function resolveEcsTarget(appName) {
+    const safeApp = toPascalCase(appName);
+    const dnsName = Fn.importValue(EXPORT_NAMES.ALB_DNS(safeApp));
+    const hostedZoneId = Fn.importValue(EXPORT_NAMES.ALB_HOSTED_ZONE_ID(safeApp));
+    return buildAliasTarget(dnsName, hostedZoneId);
+}
+/**
+ * Resolve a Fjall CloudFront-fronted app to an `IAliasRecordTarget`.
+ *
+ * Requires the CDN stack to publish export `${safeApp}CdnDistributionDomainName`.
+ * The CloudFront hosted-zone id is the globally fixed `Z2FDTNDATAQYW2`.
+ *
+ * Phase 2 wires the emitter; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export function resolveCdnTarget(appName) {
+    const safeApp = toPascalCase(appName);
+    const dnsName = Fn.importValue(EXPORT_NAMES.CDN_DOMAIN(safeApp));
+    return buildAliasTarget(dnsName, CLOUDFRONT_HOSTED_ZONE_ID);
+}
+/**
+ * Resolve a Fjall S3 static-site bucket to an `IAliasRecordTarget`.
+ *
+ * Requires the bucket stack to publish exports:
+ *   - `${safeBucket}WebsiteEndpoint`
+ *   - `${safeBucket}WebsiteHostedZoneId`
+ *
+ * Phase 2 wires the emitters; until then, deploys of typed targets fail with
+ * "No export named … found".
+ */
+export function resolveBucketTarget(bucketName) {
+    const safeBucket = toPascalCase(bucketName);
+    const dnsName = Fn.importValue(EXPORT_NAMES.BUCKET_WEBSITE_ENDPOINT(safeBucket));
+    const hostedZoneId = Fn.importValue(EXPORT_NAMES.BUCKET_WEBSITE_HZ_ID(safeBucket));
+    return buildAliasTarget(dnsName, hostedZoneId);
+}
+/**
+ * Pure passthrough — accepts concrete DNS name + hosted-zone id (or CDK
+ * tokens) and forwards them unchanged. No `Fn.importValue` wrapping.
+ */
+export function resolveCustomTarget(dnsName, hostedZoneId) {
+    return buildAliasTarget(dnsName, hostedZoneId);
+}
+/**
+ * Resolve a `FjallTarget` to its raw DNS-name string. The return value is a
+ * CloudFormation token for the ECS/CDN/bucket variants — Phase 2 resolves the
+ * concrete host via `describeStackResources` after deploy. Used only by
+ * `externalRecordsPattern.ts` where no Route53 resource exists and manual
+ * record emission needs a string value.
+ */
+export function resolveTargetToDnsName(target) {
+    switch (target.kind) {
+        case "ecs":
+            return Fn.importValue(EXPORT_NAMES.ALB_DNS(toPascalCase(target.appName)));
+        case "cdn":
+            return Fn.importValue(EXPORT_NAMES.CDN_DOMAIN(toPascalCase(target.appName)));
+        case "bucket":
+            return Fn.importValue(EXPORT_NAMES.BUCKET_WEBSITE_ENDPOINT(toPascalCase(target.bucketName)));
+        case "custom":
+            return target.dnsName;
+        default: {
+            const _exhaustive = target;
+            throw new Error(`Unsupported FjallTarget kind: ${String(_exhaustive.kind)}`);
+        }
+    }
+}

package/dist/lib/patterns/index.d.ts

@@ -0,0 +1 @@
+export * from "./aws/index.js";

package/dist/lib/patterns/index.js

@@ -0,0 +1 @@
+export * from "./aws/index.js";

package/dist/lib/resources/aws/analytics/clickhouse.d.ts

@@ -0,0 +1,15 @@
+import { Connections, type IConnectable } from "aws-cdk-lib/aws-ec2";
+import { Construct } from "constructs";
+import type { ClickHouseProps, ClickHouseOutputs } from "./clickhouseTypes.js";
+/**
+ * ClickHouse analytics infrastructure.
+ *
+ * Creates a single-node ClickHouse instance on ECS EC2 with a dedicated
+ * gp3 EBS volume for data persistence. Designed for analytical workloads
+ * (cost aggregation, deployment metrics, audit logs) rather than OLTP.
+ */
+export default class ClickHouse extends Construct implements IConnectable {
+    readonly connections: Connections;
+    readonly outputs: ClickHouseOutputs;
+    constructor(scope: Construct, id: string, props: ClickHouseProps);
+}