@granite-js/pulumi-aws 0.1.34 → 1.0.1

package/dist/{dist-es-OZGLUDWT.js → dist-es-PIWY5TOR.js}

@@ -4,37 +4,46 @@ import {
   getSSOTokenFromFile,
   loadSsoSessionData,
   parseKnownFiles
-} from "./chunk-KGNTV362.js";
+} from "./chunk-WDFKVCPC.js";
 import {
   setCredentialFeature
-} from "./chunk-ITI6QA2Q.js";
-import "./chunk-M5GUUX64.js";
+} from "./chunk-3OYGHA4S.js";
 import {
   CredentialsProviderError,
-  TokenProviderError
-} from "./chunk-W3VXP3A3.js";
-import "./chunk-JSBRDJBE.js";
+  ProviderError
+} from "./chunk-S4LJWEXU.js";
 
-// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.817.0-594516ea78-5f5d4569c9.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js
+// ../../.yarn/cache/@smithy-property-provider-npm-4.2.5-86dfaa488e-bea8cf1758.zip/node_modules/@smithy/property-provider/dist-es/TokenProviderError.js
+var TokenProviderError = class _TokenProviderError extends ProviderError {
+  name = "TokenProviderError";
+  constructor(message, options = true) {
+    super(message, options);
+    Object.setPrototypeOf(this, _TokenProviderError.prototype);
+  }
+};
+
+// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.940.0-2be651c1ce-fd6397d6df.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/isSsoProfile.js
 var isSsoProfile = (arg) => arg && (typeof arg.sso_start_url === "string" || typeof arg.sso_account_id === "string" || typeof arg.sso_session === "string" || typeof arg.sso_region === "string" || typeof arg.sso_role_name === "string");
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/constants.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/constants.js
 var EXPIRE_WINDOW_MS = 5 * 60 * 1e3;
 var REFRESH_MESSAGE = `To refresh this SSO session run 'aws sso login' with the corresponding profile.`;
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/getSsoOidcClient.js
 var getSsoOidcClient = async (ssoRegion, init = {}) => {
-  const { SSOOIDCClient } = await import("./sso-oidc-55SJ27II.js");
+  const { SSOOIDCClient } = await import("./sso-oidc-FQQGUOJL.js");
+  const coalesce = (prop) => init.clientConfig?.[prop] ?? init.parentClientConfig?.[prop];
   const ssoOidcClient = new SSOOIDCClient(Object.assign({}, init.clientConfig ?? {}, {
     region: ssoRegion ?? init.clientConfig?.region,
-    logger: init.clientConfig?.logger ?? init.parentClientConfig?.logger
+    logger: coalesce("logger"),
+    userAgentAppId: coalesce("userAgentAppId")
   }));
   return ssoOidcClient;
 };
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/getNewSsoOidcToken.js
 var getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {
-  const { CreateTokenCommand } = await import("./sso-oidc-55SJ27II.js");
+  const { CreateTokenCommand } = await import("./sso-oidc-FQQGUOJL.js");
   const ssoOidcClient = await getSsoOidcClient(ssoRegion, init);
   return ssoOidcClient.send(new CreateTokenCommand({
     clientId: ssoToken.clientId,
@@ -44,21 +53,21 @@ var getNewSsoOidcToken = async (ssoToken, ssoRegion, init = {}) => {
   }));
 };
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/validateTokenExpiry.js
 var validateTokenExpiry = (token) => {
   if (token.expiration && token.expiration.getTime() < Date.now()) {
     throw new TokenProviderError(`Token is expired. ${REFRESH_MESSAGE}`, false);
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/validateTokenKey.js
 var validateTokenKey = (key, value, forRefresh = false) => {
   if (typeof value === "undefined") {
     throw new TokenProviderError(`Value not present for '${key}' in SSO Token${forRefresh ? ". Cannot refresh" : ""}. ${REFRESH_MESSAGE}`, false);
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/writeSSOTokenToFile.js
 import { promises as fsPromises } from "fs";
 var { writeFile } = fsPromises;
 var writeSSOTokenToFile = (id, ssoToken) => {
@@ -67,7 +76,7 @@ var writeSSOTokenToFile = (id, ssoToken) => {
   return writeFile(tokenFilepath, tokenString);
 };
 
-// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.817.0-fe7c07f79c-fdb06b3bb2.zip/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js
+// ../../.yarn/cache/@aws-sdk-token-providers-npm-3.940.0-95e61914c7-6dc90385d5.zip/node_modules/@aws-sdk/token-providers/dist-es/fromSso.js
 var lastRefreshAttemptTime = /* @__PURE__ */ new Date(0);
 var fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {
   const init = {
@@ -146,14 +155,19 @@ var fromSso = (_init = {}) => async ({ callerClientConfig } = {}) => {
   }
 };
 
-// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.817.0-594516ea78-5f5d4569c9.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js
+// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.940.0-2be651c1ce-fd6397d6df.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/resolveSSOCredentials.js
 var SHOULD_FAIL_CREDENTIAL_CHAIN = false;
-var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, logger }) => {
+var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoRegion, ssoRoleName, ssoClient, clientConfig, parentClientConfig, profile, filepath, configFilepath, ignoreCache, logger }) => {
   let token;
   const refreshMessage = `To refresh this SSO session run aws sso login with the corresponding profile.`;
   if (ssoSession) {
     try {
-      const _token = await fromSso({ profile })();
+      const _token = await fromSso({
+        profile,
+        filepath,
+        configFilepath,
+        ignoreCache
+      })();
       token = {
         accessToken: _token.token,
         expiresAt: new Date(_token.expiration).toISOString()
@@ -181,10 +195,11 @@ var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoR
     });
   }
   const { accessToken } = token;
-  const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-T7GJVVO2.js");
+  const { SSOClient, GetRoleCredentialsCommand } = await import("./loadSso-LG7MFP7N.js");
   const sso = ssoClient || new SSOClient(Object.assign({}, clientConfig ?? {}, {
     logger: clientConfig?.logger ?? parentClientConfig?.logger,
-    region: clientConfig?.region ?? ssoRegion
+    region: clientConfig?.region ?? ssoRegion,
+    userAgentAppId: clientConfig?.userAgentAppId ?? parentClientConfig?.userAgentAppId
   }));
   let ssoResp;
   try {
@@ -222,7 +237,7 @@ var resolveSSOCredentials = async ({ ssoStartUrl, ssoSession, ssoAccountId, ssoR
   return credentials;
 };
 
-// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.817.0-594516ea78-5f5d4569c9.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js
+// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.940.0-2be651c1ce-fd6397d6df.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/validateSsoProfile.js
 var validateSsoProfile = (profile, logger) => {
   const { sso_start_url, sso_account_id, sso_region, sso_role_name } = profile;
   if (!sso_start_url || !sso_account_id || !sso_region || !sso_role_name) {
@@ -232,7 +247,7 @@ Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.ht
   return profile;
 };
 
-// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.817.0-594516ea78-5f5d4569c9.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js
+// ../../.yarn/cache/@aws-sdk-credential-provider-sso-npm-3.940.0-2be651c1ce-fd6397d6df.zip/node_modules/@aws-sdk/credential-provider-sso/dist-es/fromSSO.js
 var fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
   init.logger?.debug("@aws-sdk/credential-provider-sso - fromSSO");
   const { ssoStartUrl, ssoAccountId, ssoRegion, ssoRoleName, ssoSession } = init;
@@ -280,7 +295,11 @@ var fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
       ssoClient,
       clientConfig: init.clientConfig,
       parentClientConfig: init.parentClientConfig,
-      profile: profileName
+      profile: profileName,
+      filepath: init.filepath,
+      configFilepath: init.configFilepath,
+      ignoreCache: init.ignoreCache,
+      logger: init.logger
     });
   } else if (!ssoStartUrl || !ssoAccountId || !ssoRegion || !ssoRoleName) {
     throw new CredentialsProviderError('Incomplete configuration. The fromSSO() argument hash must include "ssoStartUrl", "ssoAccountId", "ssoRegion", "ssoRoleName"', { tryNextLink: false, logger: init.logger });
@@ -294,7 +313,11 @@ var fromSSO = (init = {}) => async ({ callerClientConfig } = {}) => {
       ssoClient,
       clientConfig: init.clientConfig,
       parentClientConfig: init.parentClientConfig,
-      profile: profileName
+      profile: profileName,
+      filepath: init.filepath,
+      configFilepath: init.configFilepath,
+      ignoreCache: init.ignoreCache,
+      logger: init.logger
     });
   }
 };

package/dist/{dist-es-ADTONJUN-RVFWNZHO.js → dist-es-R4LD2OHZ-B5MB6BR2.js}

@@ -1,23 +1,21 @@
+import {
+  externalDataInterceptor
+} from "./chunk-GJFKL6XM.js";
 import {
   setCredentialFeature
-} from "./chunk-64IS37V6.js";
+} from "./chunk-RYIGWCGK.js";
 import {
-  CredentialsProviderError,
-  init_esm_shims
-} from "./chunk-JBVMOFGH.js";
-import "./chunk-JSBRDJBE.js";
+  CredentialsProviderError
+} from "./chunk-THUA35UY.js";
 
-// ../deployment-manager/dist/dist-es-ADTONJUN.js
+// ../deployment-manager/dist/dist-es-R4LD2OHZ.js
 import { readFileSync } from "fs";
-init_esm_shims();
-init_esm_shims();
-init_esm_shims();
 var fromWebToken = (init) => async (awsIdentityProperties) => {
   init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromWebToken");
   const { roleArn, roleSessionName, webIdentityToken, providerId, policyArns, policy, durationSeconds } = init;
   let { roleAssumerWithWebIdentity } = init;
   if (!roleAssumerWithWebIdentity) {
-    const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-P7Q3MYTS-BKGWHQE4.js");
+    const { getDefaultRoleAssumerWithWebIdentity } = await import("./sts-TBWJ374A-DHXXCVJJ.js");
     roleAssumerWithWebIdentity = getDefaultRoleAssumerWithWebIdentity({
       ...init.clientConfig,
       credentialProviderLogger: init.logger,
@@ -40,7 +38,7 @@ var fromWebToken = (init) => async (awsIdentityProperties) => {
 var ENV_TOKEN_FILE = "AWS_WEB_IDENTITY_TOKEN_FILE";
 var ENV_ROLE_ARN = "AWS_ROLE_ARN";
 var ENV_ROLE_SESSION_NAME = "AWS_ROLE_SESSION_NAME";
-var fromTokenFile = (init = {}) => async () => {
+var fromTokenFile = (init = {}) => async (awsIdentityProperties) => {
   init.logger?.debug("@aws-sdk/credential-provider-web-identity - fromTokenFile");
   const webIdentityTokenFile = init?.webIdentityTokenFile ?? process.env[ENV_TOKEN_FILE];
   const roleArn = init?.roleArn ?? process.env[ENV_ROLE_ARN];
@@ -52,10 +50,10 @@ var fromTokenFile = (init = {}) => async () => {
   }
   const credentials = await fromWebToken({
     ...init,
-    webIdentityToken: readFileSync(webIdentityTokenFile, { encoding: "ascii" }),
+    webIdentityToken: externalDataInterceptor?.getTokenRecord?.()[webIdentityTokenFile] ?? readFileSync(webIdentityTokenFile, { encoding: "ascii" }),
     roleArn,
     roleSessionName
-  })();
+  })(awsIdentityProperties);
   if (webIdentityTokenFile === process.env[ENV_TOKEN_FILE]) {
     setCredentialFeature(credentials, "CREDENTIALS_ENV_VARS_STS_WEB_ID_TOKEN", "h");
   }