npm - @jjrawlins/cdk-diff-pr-github-action - Versions diffs - 0.0.1-beta → 0.0.1 - Mend

@jjrawlins/cdk-diff-pr-github-action 0.0.1-beta → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/.jsii +475 -33
package/.mergify.yml +102 -0
package/API.md +351 -11
package/README.md +223 -39
package/lib/CdkDiffIamTemplate.d.ts +3 -1
package/lib/CdkDiffIamTemplate.js +10 -5
package/lib/CdkDiffStackWorkflow.d.ts +2 -2
package/lib/CdkDiffStackWorkflow.js +19 -20
package/lib/CdkDriftDetectionWorkflow.d.ts +32 -0
package/lib/CdkDriftDetectionWorkflow.js +281 -0
package/lib/CdkDriftIamTemplate.d.ts +10 -0
package/lib/CdkDriftIamTemplate.js +77 -0
package/lib/bin/cdk-changeset-script.js +3 -3
package/lib/bin/cdk-drift-detection-script.d.ts +15 -0
package/lib/bin/cdk-drift-detection-script.js +196 -0
package/lib/bin/detect-drift.js +162 -0
package/lib/index.d.ts +2 -0
package/lib/index.js +3 -1
package/package.json +7 -2
package/sonar-project.properties +17 -0
package/.junie/guidelines.md +0 -62
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/.jsii +0 -3917
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/.junie/guidelines.md +0 -62
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/.tool-versions +0 -3
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/API.md +0 -276
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/LICENSE +0 -202
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/README.md +0 -146
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/CdkDiffIamTemplate.d.ts +0 -8
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/CdkDiffIamTemplate.js +0 -96
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/CdkDiffStackWorkflow.d.ts +0 -22
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/CdkDiffStackWorkflow.js +0 -144
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/bin/cdk-changeset-script.d.ts +0 -9
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/bin/cdk-changeset-script.js +0 -256
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/bin/describe-cfn-changeset.js +0 -204
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/index.d.ts +0 -2
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/index.js +0 -19
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/package.json +0 -137
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/yalc.lock +0 -10
package/.yalc/@jjrawlins/cdk-diff-pr-github-action/yalc.sig +0 -1
package/lib/bin/describe-cfn-changeset.d.ts +0 -1
package/lib/bin/describe-cfn-changeset.js +0 -204
package/yalc.lock +0 -10
/package/{.yalc/@jjrawlins/cdk-diff-pr-github-action/lib/bin/describe-cfn-changeset.d.ts → lib/bin/detect-drift.d.ts} +0 -0

package/README.md CHANGED Viewed

@@ -1,24 +1,24 @@
 # cdk-diff-pr-github-action
-A small Projen-based helper library that wires a GitHub workflow to create a CloudFormation Change Set for a CDK stack on every pull request, then comments the formatted diff back on the PR. It also provides a ready‑to‑deploy IAM template you can use to grant the minimal permissions required for the workflow to create and inspect change sets.
+A small Projen-based helper library that wires GitHub workflows for:
+- Creating CloudFormation Change Sets for your CDK stacks on pull requests and commenting a formatted diff back on the PR.
+- Detecting CloudFormation drift on a schedule or manual trigger and producing a consolidated summary (optionally creating an issue).
-This package exposes two constructs:
+It also provides ready‑to‑deploy IAM templates with the minimal permissions required for each workflow.
-- `CdkDiffStackWorkflow` — Generates one GitHub Actions workflow per stack that:
-  - Assumes your GitHub OIDC role
-  - Optionally chains into a separate CDK deploy role
-  - Runs `cdk deploy --no-execute` to create a change set
-  - Runs a generated script to render the change set as an HTML table and posts it to the PR and to the GitHub Step Summary
-  - Cleans up the change set
+This package exposes four constructs:
-- `CdkDiffIamTemplate` — Emits a CloudFormation template file (`cdk-diff-workflow-iam-template.yaml`) containing an example IAM role policy with the minimal permissions to create, describe, and delete CloudFormation change sets and read common CDK bootstrap resources. You can launch this in your account and then reference the created role.
+- `CdkDiffStackWorkflow` — Generates one GitHub Actions workflow per stack to create a change set and render the diff back to the PR and Step Summary.
+- `CdkDiffIamTemplate` — Emits a CloudFormation template file with minimal permissions for the Change Set workflow.
+- `CdkDriftDetectionWorkflow` — Generates a GitHub Actions workflow to detect CloudFormation drift per stack, upload machine‑readable results, and aggregate a summary.
+- `CdkDriftIamTemplate` — Emits a CloudFormation template file with minimal permissions for the Drift Detection workflow.
 ## Quick start
 1) Add the constructs to your Projen project (in `.projenrc.ts`).
 2) Synthesize with `npx projen`.
 3) Commit the generated files.
-4) Open a pull request — the workflow will create a change set and comment the diff.
+4) Open a pull request or run the drift detection workflow.
 ## Usage: CdkDiffStackWorkflow
@@ -32,7 +32,7 @@ import { CdkDiffStackWorkflow } from '@jjrawlins/cdk-diff-pr-github-action';
 const project = new awscdk.AwsCdkConstructLibrary({
   // ... your usual settings ...
-  name: 'my-lib',
+  workflowName: 'my-lib',
   defaultReleaseBranch: 'main',
   cdkVersion: '2.85.0',
   github: true,
@@ -40,12 +40,11 @@ const project = new awscdk.AwsCdkConstructLibrary({
 new CdkDiffStackWorkflow({
   project,
-  // Stacks to diff on PRs
   stacks: [
     {
       stackName: 'MyAppStack',
-      cdkDiffRoleToAssumeArn: 'arn:aws:iam::123456789012:role/cdk-diff-role',
-      cdkDiffRoleToAssumeRegion: 'us-east-1',
+      changesetRoleToAssumeArn: 'arn:aws:iam::123456789012:role/cdk-diff-role',
+      changesetRoleToAssumeRegion: 'us-east-1',
       // Optional per‑stack OIDC override (if not using the defaults below)
       // oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
       // oidcRegion: 'us-east-1',
@@ -55,29 +54,31 @@ new CdkDiffStackWorkflow({
   oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
   oidcRegion: 'us-east-1',
   // Optional: Node version used in the workflow (default: '24.x')
-  // nodeVersion: '20.x',
+  // nodeVersion: '24.x',
   // Optional: Yarn command to run CDK (default: 'cdk')
   // cdkYarnCommand: 'cdk',
-  // Optional: Where to place the helper script
+  // Optional: Where to place the helper script (default: '.github/workflows/scripts/describe-cfn-changeset.ts')
   // scriptOutputPath: '.github/workflows/scripts/describe-cfn-changeset.ts',
 });
 project.synth();
 ```
-### Required properties
-- `project` (AwsCdkTypeScriptApp) — Your Projen project instance.
-- `stacks` (array) — One entry per CDK stack you want a diff for.
-- OIDC configuration: either
-  - Provide `oidcRoleArn` and `oidcRegion` at the top level, or
-  - Provide `oidcRoleArn` and `oidcRegion` on every stack item.
+### CdkDiffStackWorkflow props
+- `project` (required) — Your Projen project instance.
+- `stacks` (required) — Array of stack entries.
+- `oidcRoleArn` (required unless provided per‑stack) — Default OIDC role ARN.
+- `oidcRegion` (required unless provided per‑stack) — Default OIDC region.
+- `nodeVersion` (optional, default `'24.x'`) — Node.js version for the workflow runner.
+- `cdkYarnCommand` (optional, default `'cdk'`) — Yarn script/command to invoke CDK.
+- `scriptOutputPath` (optional, default `'.github/workflows/scripts/describe-cfn-changeset.ts'`) — Where to write the helper script.
-If neither the defaults nor all per‑stack values are supplied, the construct throws with a helpful error.
+If neither top‑level OIDC defaults nor all per‑stack values are supplied, the construct throws a helpful error.
 ### Stack item fields
-- `stackName` — The CDK stack name to create the change set for.
-- `cdkDiffRoleToAssumeArn` — The ARN of the role used to create the change set (role chaining after OIDC).
-- `cdkDiffRoleToAssumeRegion` — The region for that role.
+- `stackName` (required) — The CDK stack name to create the change set for.
+- `changesetRoleToAssumeArn` (required) — The ARN of the role used to create the change set (role chaining after OIDC).
+- `changesetRoleToAssumeRegion` (required) — The region for that role.
 - `oidcRoleArn` (optional) — Per‑stack override for the OIDC role.
 - `oidcRegion` (optional) — Per‑stack override for the OIDC region.
@@ -89,10 +90,10 @@ If neither the defaults nor all per‑stack values are supplied, the construct t
   - Renders an HTML table with actions, logical IDs, types, replacements, and changed properties
   - Prints the HTML, appends to the GitHub Step Summary, and (if `GITHUB_TOKEN` and `GITHUB_COMMENT_URL` are present) posts a PR comment
-### Environment variables used by the script
+### Environment variables used by the change set script
 - `STACK_NAME` (required) — Stack name to describe.
 - `CHANGE_SET_NAME` (default: same as `STACK_NAME`).
-- `AWS_REGION` — Region for CloudFormation API calls. The workflow sets this via the credentials action.
+- `AWS_REGION` — Region for CloudFormation API calls. The workflow sets this via the credentials action(s).
 - `GITHUB_TOKEN` (optional) — If set with `GITHUB_COMMENT_URL`, posts a PR comment.
 - `GITHUB_COMMENT_URL` (optional) — PR comments URL.
 - `GITHUB_STEP_SUMMARY` (optional) — When present, appends the HTML to the step summary file.
@@ -101,7 +102,7 @@ If neither the defaults nor all per‑stack values are supplied, the construct t
 ## Usage: CdkDiffIamTemplate
-Add `CdkDiffIamTemplate` to your Projen project to emit an example IAM template you can deploy in your account:
+Emit an example IAM template you can deploy in your account for the Change Set workflow:
 ```ts
 import { awscdk } from 'projen';
@@ -111,29 +112,212 @@ const project = new awscdk.AwsCdkConstructLibrary({
   // ...
 });
-new CdkDiffIamTemplate({ project });
+new CdkDiffIamTemplate({
+  project,
+  roleName: 'cdk-diff-role',
+  oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
+  oidcRegion: 'us-east-1',
+  // Optional: custom output path (default: 'cdk-diff-workflow-iam-template.yaml')
+  // outputPath: 'infra/cdk-diff-iam.yaml',
+});
 project.synth();
 ```
-This will write `cdk-diff-workflow-iam-template.yaml` at the project root. The template defines:
-- A parameter `GitHubOIDCRoleArn` — pass the ARN of your existing GitHub OIDC role that will assume the change set role.
-- An IAM role `CdkChangesetRole` with minimal permissions for:
+This writes `cdk-diff-workflow-iam-template.yaml` at the project root (or your chosen `outputPath`). The template defines:
+- Parameter `GitHubOIDCRoleArn` with a default from `oidcRoleArn` — the ARN of your existing GitHub OIDC role allowed to assume the change set role.
+- IAM role `CdkChangesetRole` with minimal permissions for:
   - CloudFormation Change Set operations
   - Access to common CDK bootstrap S3 buckets and SSM parameters
   - `iam:PassRole` to `cloudformation.amazonaws.com`
 - Outputs exporting the role name and ARN.
-You can deploy the file via CloudFormation/StackSets and then use the created role ARN as the `cdkDiffRoleToAssumeArn` in your workflow configuration.
+A Projen task is also added:
+```bash
+npx projen deploy-cdkdiff-iam-template -- --parameter-overrides GitHubOIDCRoleArn=... # plus any extra AWS CLI args
+```
+Use the created role ARN as `changesetRoleToAssumeArn` in `CdkDiffStackWorkflow`.
+---
+## Usage: CdkDriftDetectionWorkflow
+`CdkDriftDetectionWorkflow` creates a single workflow file (default `drift-detection.yml`) that can run on a schedule and via manual dispatch. It generates a helper script at `.github/workflows/scripts/detect-drift.ts` (by default) that uses AWS SDK v3 to run drift detection, write optional machine‑readable JSON, and print an HTML report for the Step Summary.
+Example `.projenrc.ts`:
+```ts
+import { awscdk } from 'projen';
+import { CdkDriftDetectionWorkflow } from '@jjrawlins/cdk-diff-pr-github-action';
+const project = new awscdk.AwsCdkConstructLibrary({ github: true, /* ... */ });
+new CdkDriftDetectionWorkflow({
+  project,
+  workflowName: 'Drift Detection',            // optional; file name derived as 'drift-detection.yml'
+  schedule: '0 1 * * *',                      // optional cron
+  createIssues: true,                         // default true; create/update issue when drift detected on schedule
+  oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
+  oidcRegion: 'us-east-1',
+  // Optional: Node version (default '24.x')
+  // nodeVersion: '24.x',
+  // Optional: Where to place the helper script (default '.github/workflows/scripts/detect-drift.ts')
+  // scriptOutputPath: '.github/workflows/scripts/detect-drift.ts',
+  stacks: [
+    {
+      stackName: 'MyAppStack-Prod',
+      driftDetectionRoleToAssumeArn: 'arn:aws:iam::123456789012:role/cdk-drift-role',
+      driftDetectionRoleToAssumeRegion: 'us-east-1',
+      // failOnDrift: true, // optional (default true)
+    },
+  ],
+});
+project.synth();
+```
+### CdkDriftDetectionWorkflow props
+- `project` (required) — Your Projen project instance.
+- `stacks` (required) — Array of stacks to check.
+- `oidcRoleArn` (required) — Default OIDC role ARN used before chaining into per‑stack drift roles.
+- `oidcRegion` (required) — Default OIDC region.
+- `workflowName` (optional, default `'drift-detection'`) — Human‑friendly workflow name; the file name is derived in kebab‑case.
+- `schedule` (optional) — Cron expression for automatic runs.
+- `createIssues` (optional, default `true`) — When true, scheduled runs will create/update a GitHub issue if drift is detected.
+- `nodeVersion` (optional, default `'24.x'`) — Node.js version for the runner.
+- `scriptOutputPath` (optional, default `'.github/workflows/scripts/detect-drift.ts'`) — Where to write the helper script.
+### Per‑stack fields
+- `stackName` (required) — The full CloudFormation stack name.
+- `driftDetectionRoleToAssumeArn` (required) — Role to assume (after OIDC) for making drift API calls.
+- `driftDetectionRoleToAssumeRegion` (required) — Region for that role and API calls.
+- `failOnDrift` (optional, default `true`) — Intended to fail the detection step on drift. The provided script exits with non‑zero when drift is found; the job continues to allow artifact upload and issue creation.
+### What gets generated
+- `.github/workflows/<kebab(workflowName)>.yml` — A workflow with one job per stack plus a final summary job.
+- `.github/workflows/scripts/detect-drift.ts` — Helper script that:
+  - Starts drift detection and polls until completion
+  - Lists non‑`IN_SYNC` resources and builds an HTML report
+  - Writes optional JSON to `DRIFT_DETECTION_OUTPUT` when set
+  - Prints to stdout and appends to the GitHub Step Summary when available
+### Artifacts and summary
+- Each stack job uploads `drift-results-<stack>.json` (if produced).
+- A final `Drift Detection Summary` job downloads all artifacts and prints a consolidated summary.
+### Manual dispatch
+- The workflow exposes an input named `stack` with choices including each configured stack and an `all` option.
+- Choose a specific stack to run drift detection for that stack only, or select `all` (or leave the input empty) to run all stacks.
+Note: The default workflow does not post PR comments for drift. It can create/update an Issue on scheduled runs when `createIssues` is `true`.
+### Post-notification steps (e.g., Slack)
+You can add your own GitHub Action steps to run after the drift detection step for each stack using `postGitHubSteps`.
+Provide your own Slack payload/markdown (this library no longer generates a payload step for you).
+Option A: slackapi/slack-github-action (Incoming Webhook, official syntax)
+```ts
+new CdkDriftDetectionWorkflow({
+  project,
+  oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
+  oidcRegion: 'us-east-1',
+  stacks: [/* ... */],
+  postGitHubSteps: ({ stack }) => {
+    // Build a descriptive name per stack
+    const name = `Notify Slack (${stack} post-drift)`;
+    const step = {
+      name,
+      uses: 'slackapi/slack-github-action@v2.1.1',
+      // by default, post steps run only when drift is detected; you can override `if`
+      if: "always() && steps.drift.outcome == 'failure'",
+      // Use official inputs: webhook + webhook-type, and a YAML payload with blocks
+      with: {
+        webhook: '${{ secrets.CDK_NOTIFICATIONS_SLACK_WEBHOOK }}',
+        'webhook-type': 'incoming-webhook',
+        payload: [
+          'text: "** ${{ env.STACK_NAME }} ** has drifted!"',
+          'blocks:',
+          '  - type: "section"',
+          '    text:',
+          '      type: "mrkdwn"',
+          '      text: "*Stack:* ${{ env.STACK_NAME }} (region ${{ env.AWS_REGION }}) has drifted:exclamation:"',
+          '  - type: "section"',
+          '    fields:',
+          '      - type: "mrkdwn"',
+          '        text: "*Stack ARN*\\n${{ steps.drift.outputs.stack-arn }}"',
+          '      - type: "mrkdwn"',
+          '        text: "*Issue*\\n<${{ github.server_url }}/${{ github.repository }}/issues/${{ steps.issue.outputs.result }}|#${{ steps.issue.outputs.result }}>"',
+        ].join('\n'),
+      },
+    };
+    return [step];
+  },
+});
+```
+Note: The Issue link requires `createIssues: true` (default) so that the `Create Issue on Drift` step runs before this Slack step and exposes `steps.issue.outputs.result`. This library orders the steps accordingly.
+Details:
+- `postGitHubSteps` can be:
+  - an array of step objects, or
+  - a factory function `({ stack }) => step | step[]`.
+- Each step you provide is inserted after the results are uploaded.
+- Default condition: if you do not set `if` on your step, it will default to `always() && steps.drift.outcome == 'failure'`.
+- Available context/env you can use:
+  - `${{ env.STACK_NAME }}`, `${{ env.DRIFT_DETECTION_OUTPUT }}`
+  - `${{ steps.drift.outcome }}` — success/failure of the detect step
+  - `${{ steps.drift.outputs.stack-arn }}` — Stack ARN resolved at runtime
+  - `${{ steps.issue.outputs.result }}` — Issue number if the workflow created/found one (empty when not applicable)
+```
+## Usage: CdkDriftIamTemplate
+Emit an example IAM template you can deploy in your account for the Drift Detection workflow:
+```ts
+import { awscdk } from 'projen';
+import { CdkDriftIamTemplate } from '@jjrawlins/cdk-diff-pr-github-action';
+const project = new awscdk.AwsCdkConstructLibrary({
+  // ...
+});
+new CdkDriftIamTemplate({
+  project,
+  roleName: 'cdk-drift-role',
+  oidcRoleArn: 'arn:aws:iam::123456789012:role/github-oidc-role',
+  oidcRegion: 'us-east-1',
+  // Optional: custom output path (default: 'cdk-drift-workflow-iam-template.yaml')
+  // outputPath: 'infra/cdk-drift-iam.yaml',
+});
+project.synth();
+```
+This writes `cdk-drift-workflow-iam-template.yaml` at the project root (or your chosen `outputPath`). The template defines:
+- Parameter `GitHubOIDCRoleArn` with a default from `oidcRoleArn` — the ARN of your existing GitHub OIDC role allowed to assume this drift role.
+- IAM role `CdkDriftRole` with minimal permissions for CloudFormation drift detection operations.
+- Outputs exporting the role name and ARN.
+A Projen task is also added:
+```bash
+npx projen deploy-cdkdrift-iam-template -- --parameter-overrides GitHubOIDCRoleArn=... # plus any extra AWS CLI args
+```
 ## Testing
 This repository includes Jest tests that snapshot the synthesized outputs from Projen and assert that:
-- Workflows are created per stack and contain all expected steps.
-- Only one script file is generated.
-- Per‑stack OIDC overrides are respected.
+- Diff workflows are created per stack and contain all expected steps.
+- Drift detection workflow produces one job per stack and a summary job.
+- Only one helper script file is generated per workflow type.
+- Per‑stack OIDC overrides (where supported) are respected.
 - Helpful validation errors are thrown for missing OIDC settings.
-- The IAM template file contains the expected resources and outputs.
+- The IAM template files contain the expected resources and outputs.
 Run tests with:
@@ -143,4 +327,4 @@ yarn test
 ## Notes
 - This package assumes your repository is configured with GitHub Actions and that you have a GitHub OIDC role configured in AWS.
-- The generated script uses the AWS SDK v3 for CloudFormation and posts comments using the GitHub REST API.
+- The generated scripts use the AWS SDK v3 for CloudFormation and, where applicable, the GitHub REST API.

package/lib/CdkDiffIamTemplate.d.ts CHANGED Viewed

@@ -1,7 +1,9 @@
 export interface CdkDiffIamTemplateProps {
     readonly project: any;
+    readonly roleName: string;
     readonly outputPath?: string;
-    readonly stackName?: string;
+    readonly oidcRoleArn: string;
+    readonly oidcRegion: string;
 }
 export declare class CdkDiffIamTemplate {
     constructor(props: CdkDiffIamTemplateProps);

package/lib/CdkDiffIamTemplate.js CHANGED Viewed

@@ -7,6 +7,11 @@ const projen_1 = require("projen");
 class CdkDiffIamTemplate {
     constructor(props) {
         const outputPath = props.outputPath ?? 'cdk-diff-workflow-iam-template.yaml';
+        props.project.addTask('deploy-cdkdiff-iam-template', {
+            description: 'Deploy the CDK Diff IAM template via CloudFormation (accepts extra AWS CLI args, e.g., --parameter-overrides Key=Value...)',
+            receiveArgs: true,
+            exec: `aws cloudformation deploy --template-file ${outputPath} --stack-name cdk-diff-workflow-iam-role --capabilities CAPABILITY_NAMED_IAM`,
+        });
         new projen_1.TextFile(props.project, outputPath, {
             lines: [
                 "AWSTemplateFormatVersion: '2010-09-09'",
@@ -16,14 +21,14 @@ class CdkDiffIamTemplate {
                 '  GitHubOIDCRoleArn:',
                 '    Type: String',
                 "    Description: 'ARN of the existing GitHub OIDC role that can assume this changeset role'",
-                "    Default: 'arn:aws:iam::123456789012:role/github-oidc-role'",
+                `    Default: '${props.oidcRoleArn}'`,
                 '',
                 'Resources:',
                 '  # CloudFormation ChangeSet Role - minimal permissions for changeset operations',
                 '  CdkChangesetRole:',
                 '    Type: AWS::IAM::Role',
                 '    Properties:',
-                "      RoleName: !Sub '${AWS::StackName}-cdk-changeset-role'",
+                "      RoleName: '" + props.roleName + "'",
                 '      AssumeRolePolicyDocument:',
                 "        Version: '2012-10-17'",
                 '        Statement:',
@@ -33,7 +38,7 @@ class CdkDiffIamTemplate {
                 '            Action: sts:AssumeRole',
                 '            Condition:',
                 '              StringEquals:',
-                "                'aws:RequestedRegion': 'us-east-2'  # Adjust region as needed",
+                "                aws:RequestedRegion: '" + props.oidcRegion + "'",
                 '      Policies:',
                 '        - PolicyName: CloudFormationChangeSetAccess',
                 '          PolicyDocument:',
@@ -92,5 +97,5 @@ class CdkDiffIamTemplate {
 }
 exports.CdkDiffIamTemplate = CdkDiffIamTemplate;
 _a = JSII_RTTI_SYMBOL_1;
-CdkDiffIamTemplate[_a] = { fqn: "@jjrawlins/cdk-diff-pr-github-action.CdkDiffIamTemplate", version: "0.0.0" };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2RrRGlmZklhbVRlbXBsYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL0Nka0RpZmZJYW1UZW1wbGF0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLG1DQUFrQztBQVFsQyxNQUFhLGtCQUFrQjtJQUM3QixZQUFZLEtBQThCO1FBQ3hDLE1BQU0sVUFBVSxHQUFHLEtBQUssQ0FBQyxVQUFVLElBQUkscUNBQXFDLENBQUM7UUFFN0UsSUFBSSxpQkFBUSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsVUFBVSxFQUFFO1lBQ3RDLEtBQUssRUFBRTtnQkFDTCx3Q0FBd0M7Z0JBQ3hDLCtEQUErRDtnQkFDL0QsRUFBRTtnQkFDRixhQUFhO2dCQUNiLHNCQUFzQjtnQkFDdEIsa0JBQWtCO2dCQUNsQiw2RkFBNkY7Z0JBQzdGLGdFQUFnRTtnQkFDaEUsRUFBRTtnQkFDRixZQUFZO2dCQUNaLGtGQUFrRjtnQkFDbEYscUJBQXFCO2dCQUNyQiwwQkFBMEI7Z0JBQzFCLGlCQUFpQjtnQkFDakIsNkRBQTZEO2dCQUM3RCxpQ0FBaUM7Z0JBQ2pDLCtCQUErQjtnQkFDL0Isb0JBQW9CO2dCQUNwQiwyQkFBMkI7Z0JBQzNCLHdCQUF3QjtnQkFDeEIsMkNBQTJDO2dCQUMzQyxvQ0FBb0M7Z0JBQ3BDLHdCQUF3QjtnQkFDeEIsNkJBQTZCO2dCQUM3QiwrRUFBK0U7Z0JBQy9FLGlCQUFpQjtnQkFDakIscURBQXFEO2dCQUNyRCwyQkFBMkI7Z0JBQzNCLG1DQUFtQztnQkFDbkMsd0JBQXdCO2dCQUN4QixxREFBcUQ7Z0JBQ3JELCtCQUErQjtnQkFDL0IseUJBQXlCO2dCQUN6QixvREFBb0Q7Z0JBQ3BELHNEQUFzRDtnQkFDdEQsb0RBQW9EO2dCQUNwRCxtREFBbUQ7Z0JBQ25ELG1EQUFtRDtnQkFDbkQsK0JBQStCO2dCQUMvQixzRUFBc0U7Z0JBQ3RFLCtCQUErQjtnQkFDL0IseUJBQXlCO2dCQUN6QixrQ0FBa0M7Z0JBQ2xDLGtDQUFrQztnQkFDbEMscUNBQXFDO2dCQUNyQyxtQ0FBbUM7Z0JBQ25DLDJCQUEyQjtnQkFDM0IsZ0ZBQWdGO2dCQUNoRixrRkFBa0Y7Z0JBQ2xGLGdEQUFnRDtnQkFDaEQsK0JBQStCO2dCQUMvQix5QkFBeUI7Z0JBQ3pCLHNDQUFzQztnQkFDdEMsdUNBQXVDO2dCQUN2Qyw2Q0FBNkM7Z0JBQzdDLHlHQUF5RztnQkFDekcsaURBQWlEO2dCQUNqRCwrQkFBK0I7Z0JBQy9CLHlCQUF5QjtnQkFDekIsa0NBQWtDO2dCQUNsQywrQkFBK0I7Z0JBQy9CLDRCQUE0QjtnQkFDNUIsaUNBQWlDO2dCQUNqQywyRUFBMkU7Z0JBQzNFLEVBQUU7Z0JBQ0YsVUFBVTtnQkFDVix3QkFBd0I7Z0JBQ3hCLGtEQUFrRDtnQkFDbEQseUNBQXlDO2dCQUN6QyxhQUFhO2dCQUNiLDBEQUEwRDtnQkFDMUQsRUFBRTtnQkFDRix5QkFBeUI7Z0JBQ3pCLG1EQUFtRDtnQkFDbkQsa0NBQWtDO2dCQUNsQyxhQUFhO2dCQUNiLDJEQUEyRDthQUM1RDtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBckZILGdEQXNGQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IFRleHRGaWxlIH0gZnJvbSAncHJvamVuJztcblxuZXhwb3J0IGludGVyZmFjZSBDZGtEaWZmSWFtVGVtcGxhdGVQcm9wcyB7XG4gIHJlYWRvbmx5IHByb2plY3Q6IGFueTtcbiAgcmVhZG9ubHkgb3V0cHV0UGF0aD86IHN0cmluZztcbiAgcmVhZG9ubHkgc3RhY2tOYW1lPzogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgQ2RrRGlmZklhbVRlbXBsYXRlIHtcbiAgY29uc3RydWN0b3IocHJvcHM6IENka0RpZmZJYW1UZW1wbGF0ZVByb3BzKSB7XG4gICAgY29uc3Qgb3V0cHV0UGF0aCA9IHByb3BzLm91dHB1dFBhdGggPz8gJ2Nkay1kaWZmLXdvcmtmbG93LWlhbS10ZW1wbGF0ZS55YW1sJztcblxuICAgIG5ldyBUZXh0RmlsZShwcm9wcy5wcm9qZWN0LCBvdXRwdXRQYXRoLCB7XG4gICAgICBsaW5lczogW1xuICAgICAgICBcIkFXU1RlbXBsYXRlRm9ybWF0VmVyc2lvbjogJzIwMTAtMDktMDknXCIsXG4gICAgICAgIFwiRGVzY3JpcHRpb246ICdJQU0gcm9sZSBmb3IgQ0RLIERpZmYgU3RhY2sgV29ya2Zsb3cgY29uc3RydWN0J1wiLFxuICAgICAgICAnJyxcbiAgICAgICAgJ1BhcmFtZXRlcnM6JyxcbiAgICAgICAgJyAgR2l0SHViT0lEQ1JvbGVBcm46JyxcbiAgICAgICAgJyAgICBUeXBlOiBTdHJpbmcnLFxuICAgICAgICBcIiAgICBEZXNjcmlwdGlvbjogJ0FSTiBvZiB0aGUgZXhpc3RpbmcgR2l0SHViIE9JREMgcm9sZSB0aGF0IGNhbiBhc3N1bWUgdGhpcyBjaGFuZ2VzZXQgcm9sZSdcIixcbiAgICAgICAgXCIgICAgRGVmYXVsdDogJ2Fybjphd3M6aWFtOjoxMjM0NTY3ODkwMTI6cm9sZS9naXRodWItb2lkYy1yb2xlJ1wiLFxuICAgICAgICAnJyxcbiAgICAgICAgJ1Jlc291cmNlczonLFxuICAgICAgICAnICAjIENsb3VkRm9ybWF0aW9uIENoYW5nZVNldCBSb2xlIC0gbWluaW1hbCBwZXJtaXNzaW9ucyBmb3IgY2hhbmdlc2V0IG9wZXJhdGlvbnMnLFxuICAgICAgICAnICBDZGtDaGFuZ2VzZXRSb2xlOicsXG4gICAgICAgICcgICAgVHlwZTogQVdTOjpJQU06OlJvbGUnLFxuICAgICAgICAnICAgIFByb3BlcnRpZXM6JyxcbiAgICAgICAgXCIgICAgICBSb2xlTmFtZTogIVN1YiAnJHtBV1M6OlN0YWNrTmFtZX0tY2RrLWNoYW5nZXNldC1yb2xlJ1wiLFxuICAgICAgICAnICAgICAgQXNzdW1lUm9sZVBvbGljeURvY3VtZW50OicsXG4gICAgICAgIFwiICAgICAgICBWZXJzaW9uOiAnMjAxMi0xMC0xNydcIixcbiAgICAgICAgJyAgICAgICAgU3RhdGVtZW50OicsXG4gICAgICAgICcgICAgICAgICAgLSBFZmZlY3Q6IEFsbG93JyxcbiAgICAgICAgJyAgICAgICAgICAgIFByaW5jaXBhbDonLFxuICAgICAgICAnICAgICAgICAgICAgICBBV1M6ICFSZWYgR2l0SHViT0lEQ1JvbGVBcm4nLFxuICAgICAgICAnICAgICAgICAgICAgQWN0aW9uOiBzdHM6QXNzdW1lUm9sZScsXG4gICAgICAgICcgICAgICAgICAgICBDb25kaXRpb246JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgU3RyaW5nRXF1YWxzOicsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgICdhd3M6UmVxdWVzdGVkUmVnaW9uJzogJ3VzLWVhc3QtMicgICMgQWRqdXN0IHJlZ2lvbiBhcyBuZWVkZWRcIixcbiAgICAgICAgJyAgICAgIFBvbGljaWVzOicsXG4gICAgICAgICcgICAgICAgIC0gUG9saWN5TmFtZTogQ2xvdWRGb3JtYXRpb25DaGFuZ2VTZXRBY2Nlc3MnLFxuICAgICAgICAnICAgICAgICAgIFBvbGljeURvY3VtZW50OicsXG4gICAgICAgIFwiICAgICAgICAgICAgVmVyc2lvbjogJzIwMTItMTAtMTcnXCIsXG4gICAgICAgICcgICAgICAgICAgICBTdGF0ZW1lbnQ6JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgIyBDbG91ZEZvcm1hdGlvbiBjaGFuZ2VzZXQgb3BlcmF0aW9ucycsXG4gICAgICAgICcgICAgICAgICAgICAgIC0gRWZmZWN0OiBBbGxvdycsXG4gICAgICAgICcgICAgICAgICAgICAgICAgQWN0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIGNsb3VkZm9ybWF0aW9uOkNyZWF0ZUNoYW5nZVNldCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIGNsb3VkZm9ybWF0aW9uOkRlc2NyaWJlQ2hhbmdlU2V0JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gY2xvdWRmb3JtYXRpb246RGVsZXRlQ2hhbmdlU2V0JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gY2xvdWRmb3JtYXRpb246TGlzdENoYW5nZVNldHMnLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBjbG91ZGZvcm1hdGlvbjpEZXNjcmliZVN0YWNrcycsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgIFJlc291cmNlOiAnKidcIixcbiAgICAgICAgJyAgICAgICAgICAgICAgIyBDREsgYm9vdHN0cmFwIGJ1Y2tldCBhY2Nlc3MgKGZvciBjaGFuZ2VzZXQgY3JlYXRpb24pJyxcbiAgICAgICAgJyAgICAgICAgICAgICAgLSBFZmZlY3Q6IEFsbG93JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICBBY3Rpb246JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gczM6R2V0T2JqZWN0JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gczM6UHV0T2JqZWN0JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gczM6RGVsZXRlT2JqZWN0JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gczM6TGlzdEJ1Y2tldCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgUmVzb3VyY2U6JyxcbiAgICAgICAgXCIgICAgICAgICAgICAgICAgICAtICFTdWIgJ2Fybjphd3M6czM6OjpjZGstJHtBV1M6OkFjY291bnRJZH0tJHtBV1M6OlJlZ2lvbn0tKidcIixcbiAgICAgICAgXCIgICAgICAgICAgICAgICAgICAtICFTdWIgJ2Fybjphd3M6czM6OjpjZGstJHtBV1M6OkFjY291bnRJZH0tJHtBV1M6OlJlZ2lvbn0tKi8qJ1wiLFxuICAgICAgICAnICAgICAgICAgICAgICAjIENESyBib290c3RyYXAgcGFyYW1ldGVyIGFjY2VzcycsXG4gICAgICAgICcgICAgICAgICAgICAgIC0gRWZmZWN0OiBBbGxvdycsXG4gICAgICAgICcgICAgICAgICAgICAgICAgQWN0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHNzbTpHZXRQYXJhbWV0ZXInLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBzc206R2V0UGFyYW1ldGVycycsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHNzbTpHZXRQYXJhbWV0ZXJzQnlQYXRoJyxcbiAgICAgICAgXCIgICAgICAgICAgICAgICAgUmVzb3VyY2U6ICFTdWIgJ2Fybjphd3M6c3NtOiR7QVdTOjpSZWdpb259OiR7QVdTOjpBY2NvdW50SWR9OnBhcmFtZXRlci9jZGstYm9vdHN0cmFwLyonXCIsXG4gICAgICAgICcgICAgICAgICAgICAgICMgSUFNIFBhc3NSb2xlIGZvciBDREsgb3BlcmF0aW9ucycsXG4gICAgICAgICcgICAgICAgICAgICAgIC0gRWZmZWN0OiBBbGxvdycsXG4gICAgICAgICcgICAgICAgICAgICAgICAgQWN0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIGlhbTpQYXNzUm9sZScsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgIFJlc291cmNlOiAnKidcIixcbiAgICAgICAgJyAgICAgICAgICAgICAgICBDb25kaXRpb246JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIFN0cmluZ0VxdWFsczonLFxuICAgICAgICBcIiAgICAgICAgICAgICAgICAgICAgJ2lhbTpQYXNzZWRUb1NlcnZpY2UnOiAnY2xvdWRmb3JtYXRpb24uYW1hem9uYXdzLmNvbSdcIixcbiAgICAgICAgJycsXG4gICAgICAgICdPdXRwdXRzOicsXG4gICAgICAgICcgIENka0NoYW5nZXNldFJvbGVBcm46JyxcbiAgICAgICAgXCIgICAgRGVzY3JpcHRpb246ICdBUk4gb2YgdGhlIENESyBjaGFuZ2VzZXQgcm9sZSdcIixcbiAgICAgICAgJyAgICBWYWx1ZTogIUdldEF0dCBDZGtDaGFuZ2VzZXRSb2xlLkFybicsXG4gICAgICAgICcgICAgRXhwb3J0OicsXG4gICAgICAgIFwiICAgICAgTmFtZTogIVN1YiAnJHtBV1M6OlN0YWNrTmFtZX0tQ2RrQ2hhbmdlc2V0Um9sZUFybidcIixcbiAgICAgICAgJycsXG4gICAgICAgICcgIENka0NoYW5nZXNldFJvbGVOYW1lOicsXG4gICAgICAgIFwiICAgIERlc2NyaXB0aW9uOiAnTmFtZSBvZiB0aGUgQ0RLIGNoYW5nZXNldCByb2xlJ1wiLFxuICAgICAgICAnICAgIFZhbHVlOiAhUmVmIENka0NoYW5nZXNldFJvbGUnLFxuICAgICAgICAnICAgIEV4cG9ydDonLFxuICAgICAgICBcIiAgICAgIE5hbWU6ICFTdWIgJyR7QVdTOjpTdGFja05hbWV9LUNka0NoYW5nZXNldFJvbGVOYW1lJ1wiLFxuICAgICAgXSxcbiAgICB9KTtcbiAgfVxufVxuIl19
+CdkDiffIamTemplate[_a] = { fqn: "@jjrawlins/cdk-diff-pr-github-action.CdkDiffIamTemplate", version: "0.0.1" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2RrRGlmZklhbVRlbXBsYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL0Nka0RpZmZJYW1UZW1wbGF0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLG1DQUFrQztBQVVsQyxNQUFhLGtCQUFrQjtJQUM3QixZQUFZLEtBQThCO1FBQ3hDLE1BQU0sVUFBVSxHQUFHLEtBQUssQ0FBQyxVQUFVLElBQUkscUNBQXFDLENBQUM7UUFDN0UsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsNkJBQTZCLEVBQUU7WUFDbkQsV0FBVyxFQUFFLDRIQUE0SDtZQUN6SSxXQUFXLEVBQUUsSUFBSTtZQUNqQixJQUFJLEVBQUUsNkNBQTZDLFVBQVUsOEVBQThFO1NBQzVJLENBQUMsQ0FBQztRQUVILElBQUksaUJBQVEsQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLFVBQVUsRUFBRTtZQUN0QyxLQUFLLEVBQUU7Z0JBQ0wsd0NBQXdDO2dCQUN4QywrREFBK0Q7Z0JBQy9ELEVBQUU7Z0JBQ0YsYUFBYTtnQkFDYixzQkFBc0I7Z0JBQ3RCLGtCQUFrQjtnQkFDbEIsNkZBQTZGO2dCQUM3RixpQkFBaUIsS0FBSyxDQUFDLFdBQVcsR0FBRztnQkFDckMsRUFBRTtnQkFDRixZQUFZO2dCQUNaLGtGQUFrRjtnQkFDbEYscUJBQXFCO2dCQUNyQiwwQkFBMEI7Z0JBQzFCLGlCQUFpQjtnQkFDakIsbUJBQW1CLEdBQUcsS0FBSyxDQUFDLFFBQVEsR0FBRyxHQUFHO2dCQUMxQyxpQ0FBaUM7Z0JBQ2pDLCtCQUErQjtnQkFDL0Isb0JBQW9CO2dCQUNwQiwyQkFBMkI7Z0JBQzNCLHdCQUF3QjtnQkFDeEIsMkNBQTJDO2dCQUMzQyxvQ0FBb0M7Z0JBQ3BDLHdCQUF3QjtnQkFDeEIsNkJBQTZCO2dCQUM3Qix3Q0FBd0MsR0FBRyxLQUFLLENBQUMsVUFBVSxHQUFHLEdBQUc7Z0JBQ2pFLGlCQUFpQjtnQkFDakIscURBQXFEO2dCQUNyRCwyQkFBMkI7Z0JBQzNCLG1DQUFtQztnQkFDbkMsd0JBQXdCO2dCQUN4QixxREFBcUQ7Z0JBQ3JELCtCQUErQjtnQkFDL0IseUJBQXlCO2dCQUN6QixvREFBb0Q7Z0JBQ3BELHNEQUFzRDtnQkFDdEQsb0RBQW9EO2dCQUNwRCxtREFBbUQ7Z0JBQ25ELG1EQUFtRDtnQkFDbkQsK0JBQStCO2dCQUMvQixzRUFBc0U7Z0JBQ3RFLCtCQUErQjtnQkFDL0IseUJBQXlCO2dCQUN6QixrQ0FBa0M7Z0JBQ2xDLGtDQUFrQztnQkFDbEMscUNBQXFDO2dCQUNyQyxtQ0FBbUM7Z0JBQ25DLDJCQUEyQjtnQkFDM0IsZ0ZBQWdGO2dCQUNoRixrRkFBa0Y7Z0JBQ2xGLGdEQUFnRDtnQkFDaEQsK0JBQStCO2dCQUMvQix5QkFBeUI7Z0JBQ3pCLHNDQUFzQztnQkFDdEMsdUNBQXVDO2dCQUN2Qyw2Q0FBNkM7Z0JBQzdDLHlHQUF5RztnQkFDekcsaURBQWlEO2dCQUNqRCwrQkFBK0I7Z0JBQy9CLHlCQUF5QjtnQkFDekIsa0NBQWtDO2dCQUNsQywrQkFBK0I7Z0JBQy9CLDRCQUE0QjtnQkFDNUIsaUNBQWlDO2dCQUNqQywyRUFBMkU7Z0JBQzNFLEVBQUU7Z0JBQ0YsVUFBVTtnQkFDVix3QkFBd0I7Z0JBQ3hCLGtEQUFrRDtnQkFDbEQseUNBQXlDO2dCQUN6QyxhQUFhO2dCQUNiLDBEQUEwRDtnQkFDMUQsRUFBRTtnQkFDRix5QkFBeUI7Z0JBQ3pCLG1EQUFtRDtnQkFDbkQsa0NBQWtDO2dCQUNsQyxhQUFhO2dCQUNiLDJEQUEyRDthQUM1RDtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7O0FBMUZILGdEQTJGQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IFRleHRGaWxlIH0gZnJvbSAncHJvamVuJztcblxuZXhwb3J0IGludGVyZmFjZSBDZGtEaWZmSWFtVGVtcGxhdGVQcm9wcyB7XG4gIHJlYWRvbmx5IHByb2plY3Q6IGFueTtcbiAgcmVhZG9ubHkgcm9sZU5hbWU6IHN0cmluZztcbiAgcmVhZG9ubHkgb3V0cHV0UGF0aD86IHN0cmluZztcbiAgcmVhZG9ubHkgb2lkY1JvbGVBcm46IHN0cmluZztcbiAgcmVhZG9ubHkgb2lkY1JlZ2lvbjogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgQ2RrRGlmZklhbVRlbXBsYXRlIHtcbiAgY29uc3RydWN0b3IocHJvcHM6IENka0RpZmZJYW1UZW1wbGF0ZVByb3BzKSB7XG4gICAgY29uc3Qgb3V0cHV0UGF0aCA9IHByb3BzLm91dHB1dFBhdGggPz8gJ2Nkay1kaWZmLXdvcmtmbG93LWlhbS10ZW1wbGF0ZS55YW1sJztcbiAgICBwcm9wcy5wcm9qZWN0LmFkZFRhc2soJ2RlcGxveS1jZGtkaWZmLWlhbS10ZW1wbGF0ZScsIHtcbiAgICAgIGRlc2NyaXB0aW9uOiAnRGVwbG95IHRoZSBDREsgRGlmZiBJQU0gdGVtcGxhdGUgdmlhIENsb3VkRm9ybWF0aW9uIChhY2NlcHRzIGV4dHJhIEFXUyBDTEkgYXJncywgZS5nLiwgLS1wYXJhbWV0ZXItb3ZlcnJpZGVzIEtleT1WYWx1ZS4uLiknLFxuICAgICAgcmVjZWl2ZUFyZ3M6IHRydWUsXG4gICAgICBleGVjOiBgYXdzIGNsb3VkZm9ybWF0aW9uIGRlcGxveSAtLXRlbXBsYXRlLWZpbGUgJHtvdXRwdXRQYXRofSAtLXN0YWNrLW5hbWUgY2RrLWRpZmYtd29ya2Zsb3ctaWFtLXJvbGUgLS1jYXBhYmlsaXRpZXMgQ0FQQUJJTElUWV9OQU1FRF9JQU1gLFxuICAgIH0pO1xuXG4gICAgbmV3IFRleHRGaWxlKHByb3BzLnByb2plY3QsIG91dHB1dFBhdGgsIHtcbiAgICAgIGxpbmVzOiBbXG4gICAgICAgIFwiQVdTVGVtcGxhdGVGb3JtYXRWZXJzaW9uOiAnMjAxMC0wOS0wOSdcIixcbiAgICAgICAgXCJEZXNjcmlwdGlvbjogJ0lBTSByb2xlIGZvciBDREsgRGlmZiBTdGFjayBXb3JrZmxvdyBjb25zdHJ1Y3QnXCIsXG4gICAgICAgICcnLFxuICAgICAgICAnUGFyYW1ldGVyczonLFxuICAgICAgICAnICBHaXRIdWJPSURDUm9sZUFybjonLFxuICAgICAgICAnICAgIFR5cGU6IFN0cmluZycsXG4gICAgICAgIFwiICAgIERlc2NyaXB0aW9uOiAnQVJOIG9mIHRoZSBleGlzdGluZyBHaXRIdWIgT0lEQyByb2xlIHRoYXQgY2FuIGFzc3VtZSB0aGlzIGNoYW5nZXNldCByb2xlJ1wiLFxuICAgICAgICBgICAgIERlZmF1bHQ6ICcke3Byb3BzLm9pZGNSb2xlQXJufSdgLFxuICAgICAgICAnJyxcbiAgICAgICAgJ1Jlc291cmNlczonLFxuICAgICAgICAnICAjIENsb3VkRm9ybWF0aW9uIENoYW5nZVNldCBSb2xlIC0gbWluaW1hbCBwZXJtaXNzaW9ucyBmb3IgY2hhbmdlc2V0IG9wZXJhdGlvbnMnLFxuICAgICAgICAnICBDZGtDaGFuZ2VzZXRSb2xlOicsXG4gICAgICAgICcgICAgVHlwZTogQVdTOjpJQU06OlJvbGUnLFxuICAgICAgICAnICAgIFByb3BlcnRpZXM6JyxcbiAgICAgICAgXCIgICAgICBSb2xlTmFtZTogJ1wiICsgcHJvcHMucm9sZU5hbWUgKyBcIidcIixcbiAgICAgICAgJyAgICAgIEFzc3VtZVJvbGVQb2xpY3lEb2N1bWVudDonLFxuICAgICAgICBcIiAgICAgICAgVmVyc2lvbjogJzIwMTItMTAtMTcnXCIsXG4gICAgICAgICcgICAgICAgIFN0YXRlbWVudDonLFxuICAgICAgICAnICAgICAgICAgIC0gRWZmZWN0OiBBbGxvdycsXG4gICAgICAgICcgICAgICAgICAgICBQcmluY2lwYWw6JyxcbiAgICAgICAgJyAgICAgICAgICAgICAgQVdTOiAhUmVmIEdpdEh1Yk9JRENSb2xlQXJuJyxcbiAgICAgICAgJyAgICAgICAgICAgIEFjdGlvbjogc3RzOkFzc3VtZVJvbGUnLFxuICAgICAgICAnICAgICAgICAgICAgQ29uZGl0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgIFN0cmluZ0VxdWFsczonLFxuICAgICAgICBcIiAgICAgICAgICAgICAgICBhd3M6UmVxdWVzdGVkUmVnaW9uOiAnXCIgKyBwcm9wcy5vaWRjUmVnaW9uICsgXCInXCIsXG4gICAgICAgICcgICAgICBQb2xpY2llczonLFxuICAgICAgICAnICAgICAgICAtIFBvbGljeU5hbWU6IENsb3VkRm9ybWF0aW9uQ2hhbmdlU2V0QWNjZXNzJyxcbiAgICAgICAgJyAgICAgICAgICBQb2xpY3lEb2N1bWVudDonLFxuICAgICAgICBcIiAgICAgICAgICAgIFZlcnNpb246ICcyMDEyLTEwLTE3J1wiLFxuICAgICAgICAnICAgICAgICAgICAgU3RhdGVtZW50OicsXG4gICAgICAgICcgICAgICAgICAgICAgICMgQ2xvdWRGb3JtYXRpb24gY2hhbmdlc2V0IG9wZXJhdGlvbnMnLFxuICAgICAgICAnICAgICAgICAgICAgICAtIEVmZmVjdDogQWxsb3cnLFxuICAgICAgICAnICAgICAgICAgICAgICAgIEFjdGlvbjonLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBjbG91ZGZvcm1hdGlvbjpDcmVhdGVDaGFuZ2VTZXQnLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBjbG91ZGZvcm1hdGlvbjpEZXNjcmliZUNoYW5nZVNldCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIGNsb3VkZm9ybWF0aW9uOkRlbGV0ZUNoYW5nZVNldCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIGNsb3VkZm9ybWF0aW9uOkxpc3RDaGFuZ2VTZXRzJyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gY2xvdWRmb3JtYXRpb246RGVzY3JpYmVTdGFja3MnLFxuICAgICAgICBcIiAgICAgICAgICAgICAgICBSZXNvdXJjZTogJyonXCIsXG4gICAgICAgICcgICAgICAgICAgICAgICMgQ0RLIGJvb3RzdHJhcCBidWNrZXQgYWNjZXNzIChmb3IgY2hhbmdlc2V0IGNyZWF0aW9uKScsXG4gICAgICAgICcgICAgICAgICAgICAgIC0gRWZmZWN0OiBBbGxvdycsXG4gICAgICAgICcgICAgICAgICAgICAgICAgQWN0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHMzOkdldE9iamVjdCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHMzOlB1dE9iamVjdCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHMzOkRlbGV0ZU9iamVjdCcsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICAtIHMzOkxpc3RCdWNrZXQnLFxuICAgICAgICAnICAgICAgICAgICAgICAgIFJlc291cmNlOicsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgICAgLSAhU3ViICdhcm46YXdzOnMzOjo6Y2RrLSR7QVdTOjpBY2NvdW50SWR9LSR7QVdTOjpSZWdpb259LSonXCIsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgICAgLSAhU3ViICdhcm46YXdzOnMzOjo6Y2RrLSR7QVdTOjpBY2NvdW50SWR9LSR7QVdTOjpSZWdpb259LSovKidcIixcbiAgICAgICAgJyAgICAgICAgICAgICAgIyBDREsgYm9vdHN0cmFwIHBhcmFtZXRlciBhY2Nlc3MnLFxuICAgICAgICAnICAgICAgICAgICAgICAtIEVmZmVjdDogQWxsb3cnLFxuICAgICAgICAnICAgICAgICAgICAgICAgIEFjdGlvbjonLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBzc206R2V0UGFyYW1ldGVyJyxcbiAgICAgICAgJyAgICAgICAgICAgICAgICAgIC0gc3NtOkdldFBhcmFtZXRlcnMnLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBzc206R2V0UGFyYW1ldGVyc0J5UGF0aCcsXG4gICAgICAgIFwiICAgICAgICAgICAgICAgIFJlc291cmNlOiAhU3ViICdhcm46YXdzOnNzbToke0FXUzo6UmVnaW9ufToke0FXUzo6QWNjb3VudElkfTpwYXJhbWV0ZXIvY2RrLWJvb3RzdHJhcC8qJ1wiLFxuICAgICAgICAnICAgICAgICAgICAgICAjIElBTSBQYXNzUm9sZSBmb3IgQ0RLIG9wZXJhdGlvbnMnLFxuICAgICAgICAnICAgICAgICAgICAgICAtIEVmZmVjdDogQWxsb3cnLFxuICAgICAgICAnICAgICAgICAgICAgICAgIEFjdGlvbjonLFxuICAgICAgICAnICAgICAgICAgICAgICAgICAgLSBpYW06UGFzc1JvbGUnLFxuICAgICAgICBcIiAgICAgICAgICAgICAgICBSZXNvdXJjZTogJyonXCIsXG4gICAgICAgICcgICAgICAgICAgICAgICAgQ29uZGl0aW9uOicsXG4gICAgICAgICcgICAgICAgICAgICAgICAgICBTdHJpbmdFcXVhbHM6JyxcbiAgICAgICAgXCIgICAgICAgICAgICAgICAgICAgICdpYW06UGFzc2VkVG9TZXJ2aWNlJzogJ2Nsb3VkZm9ybWF0aW9uLmFtYXpvbmF3cy5jb20nXCIsXG4gICAgICAgICcnLFxuICAgICAgICAnT3V0cHV0czonLFxuICAgICAgICAnICBDZGtDaGFuZ2VzZXRSb2xlQXJuOicsXG4gICAgICAgIFwiICAgIERlc2NyaXB0aW9uOiAnQVJOIG9mIHRoZSBDREsgY2hhbmdlc2V0IHJvbGUnXCIsXG4gICAgICAgICcgICAgVmFsdWU6ICFHZXRBdHQgQ2RrQ2hhbmdlc2V0Um9sZS5Bcm4nLFxuICAgICAgICAnICAgIEV4cG9ydDonLFxuICAgICAgICBcIiAgICAgIE5hbWU6ICFTdWIgJyR7QVdTOjpTdGFja05hbWV9LUNka0NoYW5nZXNldFJvbGVBcm4nXCIsXG4gICAgICAgICcnLFxuICAgICAgICAnICBDZGtDaGFuZ2VzZXRSb2xlTmFtZTonLFxuICAgICAgICBcIiAgICBEZXNjcmlwdGlvbjogJ05hbWUgb2YgdGhlIENESyBjaGFuZ2VzZXQgcm9sZSdcIixcbiAgICAgICAgJyAgICBWYWx1ZTogIVJlZiBDZGtDaGFuZ2VzZXRSb2xlJyxcbiAgICAgICAgJyAgICBFeHBvcnQ6JyxcbiAgICAgICAgXCIgICAgICBOYW1lOiAhU3ViICcke0FXUzo6U3RhY2tOYW1lfS1DZGtDaGFuZ2VzZXRSb2xlTmFtZSdcIixcbiAgICAgIF0sXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/lib/CdkDiffStackWorkflow.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 export interface CdkDiffStack {
     readonly stackName: string;
-    readonly cdkDiffRoleToAssumeArn: string;
-    readonly cdkDiffRoleToAssumeRegion: string;
+    readonly changesetRoleToAssumeArn: string;
+    readonly changesetRoleToAssumeRegion: string;
     readonly oidcRoleArn?: string;
     readonly oidcRegion?: string;
 }

package/lib/CdkDiffStackWorkflow.js CHANGED Viewed

@@ -47,13 +47,11 @@ class CdkDiffStackWorkflow {
         }
     }
     createWorkflowForStack(workflow, stack, cdkYarnCommand, nodeVersion, scriptOutputPath, defaultOidcRoleArn, defaultOidcRegion) {
-        // Configure workflow triggers
         workflow.on({
             pullRequest: {
                 types: ['opened', 'synchronize', 'reopened'],
             },
         });
-        // Add the diff job
         workflow.addJobs({
             diff: {
                 runsOn: ['ubuntu-latest'],
@@ -68,11 +66,9 @@ class CdkDiffStackWorkflow {
                     GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}',
                 },
                 steps: [
-                    // Checkout code
                     {
                         uses: `actions/checkout@${githubActionsCheckoutVersion}`,
                     },
-                    // Setup Node.js
                     {
                         uses: `actions/setup-node@${githubActionsSetupNodeVersion}`,
                         with: {
@@ -82,13 +78,23 @@ class CdkDiffStackWorkflow {
                             'token': '${{ secrets.GITHUB_TOKEN }}',
                         },
                     },
-                    // Install dependencies
                     {
                         run: 'yarn install --frozen-lockfile',
                         env: {
                             NODE_AUTH_TOKEN: '${{ secrets.GITHUB_TOKEN }}',
                         },
                     },
+                    {
+                        uses: `aws-actions/configure-aws-credentials@${githubActionsAwsCredentialsVersion}`,
+                        with: {
+                            'role-to-assume': stack.oidcRoleArn ?? defaultOidcRoleArn,
+                            'aws-region': stack.oidcRegion ?? defaultOidcRegion,
+                        },
+                    },
+                    {
+                        name: `Create Changeset for ${stack.stackName}`,
+                        run: `yarn ${cdkYarnCommand} deploy ${stack.stackName} --no-execute --change-set-name ${stack.stackName} --require-approval never`,
+                    },
                     {
                         id: 'creds',
                         uses: `aws-actions/configure-aws-credentials@${githubActionsAwsCredentialsVersion}`,
@@ -98,25 +104,19 @@ class CdkDiffStackWorkflow {
                         },
                     },
                     {
-                        name: 'Assume CDK Deploy Role',
-                        id: 'deploy-role',
-                        uses: 'aws-actions/configure-aws-credentials@v4',
+                        name: 'Assume CloudFormation Changeset Role',
+                        id: 'changeset-role',
+                        uses: `aws-actions/configure-aws-credentials@${githubActionsAwsCredentialsVersion}`,
                         with: {
-                            'role-to-assume': stack.cdkDiffRoleToAssumeArn,
+                            'role-to-assume': stack.changesetRoleToAssumeArn,
                             'role-chaining': true,
                             'role-skip-session-tagging': true,
-                            'aws-region': stack.cdkDiffRoleToAssumeRegion,
+                            'aws-region': stack.changesetRoleToAssumeRegion,
                             'aws-access-key-id': '${{ steps.creds.outputs.aws-access-key-id }}',
                             'aws-secret-access-key': '${{ steps.creds.outputs.aws-secret-access-key }}',
                             'aws-session-token': '${{ steps.creds.outputs.aws-session-token }}',
                         },
                     },
-                    // Add changeset creation step
-                    {
-                        name: `Create Changeset for ${stack.stackName}`,
-                        run: `yarn ${cdkYarnCommand} deploy ${stack.stackName} --no-execute --change-set-name ${stack.stackName} --require-approval never`,
-                    },
-                    // Add changeset description step
                     {
                         name: `Describe change set for ${stack.stackName}`,
                         run: `npx ts-node ${scriptOutputPath}`,
@@ -127,10 +127,9 @@ class CdkDiffStackWorkflow {
                             GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}',
                         },
                     },
-                    // Add changeset cleanup step
                     {
                         name: `Delete changeset for ${stack.stackName}`,
-                        run: `aws cloudformation delete-change-set --change-set-name ${stack.stackName} --stack-name ${stack.stackName} --region ${stack.cdkDiffRoleToAssumeRegion}`,
+                        run: `aws cloudformation delete-change-set --change-set-name ${stack.stackName} --stack-name ${stack.stackName} --region ${stack.changesetRoleToAssumeRegion}`,
                     },
                 ],
             },
@@ -139,6 +138,6 @@ class CdkDiffStackWorkflow {
 }
 exports.CdkDiffStackWorkflow = CdkDiffStackWorkflow;
 _a = JSII_RTTI_SYMBOL_1;
-CdkDiffStackWorkflow[_a] = { fqn: "@jjrawlins/cdk-diff-pr-github-action.CdkDiffStackWorkflow", version: "0.0.0" };
+CdkDiffStackWorkflow[_a] = { fqn: "@jjrawlins/cdk-diff-pr-github-action.CdkDiffStackWorkflow", version: "0.0.1" };
 CdkDiffStackWorkflow.scriptCreated = false;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2RrRGlmZlN0YWNrV29ya2Zsb3cuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvQ2RrRGlmZlN0YWNrV29ya2Zsb3cudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw4Q0FBMkQ7QUFDM0QsdUVBQWtFO0FBQ2xFLHFFQUFnRTtBQUVoRSxNQUFNLGtDQUFrQyxHQUFHLElBQUksQ0FBQztBQUNoRCxNQUFNLDRCQUE0QixHQUFHLElBQUksQ0FBQztBQUMxQyxNQUFNLDZCQUE2QixHQUFHLElBQUksQ0FBQztBQW1CM0MsTUFBYSxvQkFBb0I7SUFHL0IsWUFBWSxLQUFnQztRQUMxQyxNQUFNLGNBQWMsR0FBRyxLQUFLLENBQUMsY0FBYyxJQUFJLEtBQUssQ0FBQztRQUNyRCxNQUFNLFdBQVcsR0FBRyxLQUFLLENBQUMsV0FBVyxJQUFJLE1BQU0sQ0FBQztRQUNoRCxNQUFNLGdCQUFnQixHQUFHLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSSxxREFBcUQsQ0FBQztRQUV6Ryw4QkFBOEI7UUFDOUIsSUFBSSxDQUFDLHlCQUF5QixDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXRDLDREQUE0RDtRQUM1RCxJQUFJLENBQUMsb0JBQW9CLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDeEMsSUFBSSx5Q0FBa0IsQ0FBQztnQkFDckIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixVQUFVLEVBQUUsZ0JBQWdCO2FBQzdCLENBQUMsQ0FBQztZQUNILG9CQUFvQixDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUM7UUFDNUMsQ0FBQztRQUVELDRDQUE0QztRQUM1QyxLQUFLLE1BQU0sS0FBSyxJQUFJLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFlBQVksR0FBRyxRQUFRLEtBQUssQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUMvQyxNQUFNLEVBQUUsR0FBSSxLQUFhLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxJQUFJLGVBQU0sQ0FBRSxLQUFhLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDL0UsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLHVCQUFjLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxFQUFFLFFBQVEsRUFBRSxHQUFHLFlBQVksTUFBTSxFQUFFLENBQUMsQ0FBQztZQUVyRyxJQUFJLENBQUMsc0JBQXNCLENBQUMsa0JBQWtCLEVBQUUsS0FBSyxFQUFFLGNBQWMsRUFBRSxXQUFXLEVBQUUsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLFdBQVcsRUFBRSxLQUFLLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDN0ksQ0FBQztJQUNILENBQUM7SUFFTyx5QkFBeUIsQ0FBQyxLQUFnQztRQUNoRSxNQUFNLGtCQUFrQixHQUFHLENBQUMsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDO1FBQy9DLE1BQU0sb0JBQW9CLEdBQUcsQ0FBQyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUM7UUFFaEQsd0RBQXdEO1FBQ3hELE1BQU0scUJBQXFCLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQy9FLE1BQU0sdUJBQXVCLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRWhGLGlGQUFpRjtRQUNqRixJQUFJLENBQUMsa0JBQWtCLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQ2xELE1BQU0sSUFBSSxLQUFLLENBQUMsMEVBQTBFLENBQUMsQ0FBQztRQUM5RixDQUFDO1FBRUQsSUFBSSxDQUFDLG9CQUFvQixJQUFJLENBQUMsdUJBQXVCLEVBQUUsQ0FBQztZQUN0RCxNQUFNLElBQUksS0FBSyxDQUFDLHdFQUF3RSxDQUFDLENBQUM7UUFDNUYsQ0FBQztJQUNILENBQUM7SUFFTyxzQkFBc0IsQ0FDNUIsUUFBd0IsRUFDeEIsS0FBbUIsRUFDbkIsY0FBc0IsRUFDdEIsV0FBbUIsRUFDbkIsZ0JBQXdCLEVBQ3hCLGtCQUEwQixFQUMxQixpQkFBeUI7UUFFekIsOEJBQThCO1FBQzlCLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDVixXQUFXLEVBQUU7Z0JBQ1gsS0FBSyxFQUFFLENBQUMsUUFBUSxFQUFFLGFBQWEsRUFBRSxVQUFVLENBQUM7YUFDN0M7U0FDRixDQUFDLENBQUM7UUFFSCxtQkFBbUI7UUFDbkIsUUFBUSxDQUFDLE9BQU8sQ0FBQztZQUNmLElBQUksRUFBRTtnQkFDSixNQUFNLEVBQUUsQ0FBQyxlQUFlLENBQUM7Z0JBQ3pCLFdBQVcsRUFBRTtvQkFDWCxPQUFPLEVBQUUsK0JBQWEsQ0FBQyxLQUFLO29CQUM1QixRQUFRLEVBQUUsK0JBQWEsQ0FBQyxJQUFJO29CQUM1QixNQUFNLEVBQUUsK0JBQWEsQ0FBQyxLQUFLO29CQUMzQixZQUFZLEVBQUUsK0JBQWEsQ0FBQyxLQUFLO29CQUNqQyxRQUFRLEVBQUUsK0JBQWEsQ0FBQyxJQUFJO2lCQUM3QjtnQkFDRCxHQUFHLEVBQUU7b0JBQ0gsWUFBWSxFQUFFLDZCQUE2QjtpQkFDNUM7Z0JBQ0QsS0FBSyxFQUFFO29CQUNMLGdCQUFnQjtvQkFDaEI7d0JBQ0UsSUFBSSxFQUFFLG9CQUFvQiw0QkFBNEIsRUFBRTtxQkFDekQ7b0JBQ0QsZ0JBQWdCO29CQUNoQjt3QkFDRSxJQUFJLEVBQUUsc0JBQXNCLDZCQUE2QixFQUFFO3dCQUMzRCxJQUFJLEVBQUU7NEJBQ0osY0FBYyxFQUFFLFdBQVc7NEJBQzNCLGNBQWMsRUFBRSw0QkFBNEI7NEJBQzVDLE9BQU8sRUFBRSxpQ0FBaUM7NEJBQzFDLE9BQU8sRUFBRSw2QkFBNkI7eUJBQ3ZDO3FCQUNGO29CQUNELHVCQUF1QjtvQkFDdkI7d0JBQ0UsR0FBRyxFQUFFLGdDQUFnQzt3QkFDckMsR0FBRyxFQUFFOzRCQUNILGVBQWUsRUFBRSw2QkFBNkI7eUJBQy9DO3FCQUNGO29CQUNEO3dCQUNFLEVBQUUsRUFBRSxPQUFPO3dCQUNYLElBQUksRUFBRSx5Q0FBeUMsa0NBQWtDLEVBQUU7d0JBQ25GLElBQUksRUFBRTs0QkFDSixnQkFBZ0IsRUFBRSxLQUFLLENBQUMsV0FBVyxJQUFJLGtCQUFrQjs0QkFDekQsWUFBWSxFQUFFLEtBQUssQ0FBQyxVQUFVLElBQUksaUJBQWlCO3lCQUNwRDtxQkFDRjtvQkFDRDt3QkFDRSxJQUFJLEVBQUUsd0JBQXdCO3dCQUM5QixFQUFFLEVBQUUsYUFBYTt3QkFDakIsSUFBSSxFQUFFLDBDQUEwQzt3QkFDaEQsSUFBSSxFQUFFOzRCQUNKLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxzQkFBc0I7NEJBQzlDLGVBQWUsRUFBRSxJQUFJOzRCQUNyQiwyQkFBMkIsRUFBRSxJQUFJOzRCQUNqQyxZQUFZLEVBQUUsS0FBSyxDQUFDLHlCQUF5Qjs0QkFDN0MsbUJBQW1CLEVBQUUsOENBQThDOzRCQUNuRSx1QkFBdUIsRUFBRSxrREFBa0Q7NEJBQzNFLG1CQUFtQixFQUFFLDhDQUE4Qzt5QkFDcEU7cUJBQ0Y7b0JBQ0QsOEJBQThCO29CQUM5Qjt3QkFDRSxJQUFJLEVBQUUsd0JBQXdCLEtBQUssQ0FBQyxTQUFTLEVBQUU7d0JBQy9DLEdBQUcsRUFBRSxRQUFRLGNBQWMsV0FBVyxLQUFLLENBQUMsU0FBUyxtQ0FBbUMsS0FBSyxDQUFDLFNBQVMsMkJBQTJCO3FCQUNuSTtvQkFDRCxpQ0FBaUM7b0JBQ2pDO3dCQUNFLElBQUksRUFBRSwyQkFBMkIsS0FBSyxDQUFDLFNBQVMsRUFBRTt3QkFDbEQsR0FBRyxFQUFFLGVBQWUsZ0JBQWdCLEVBQUU7d0JBQ3RDLEdBQUcsRUFBRTs0QkFDSCxVQUFVLEVBQUUsS0FBSyxDQUFDLFNBQVM7NEJBQzNCLGVBQWUsRUFBRSxLQUFLLENBQUMsU0FBUzs0QkFDaEMsa0JBQWtCLEVBQUUsK0NBQStDOzRCQUNuRSxZQUFZLEVBQUUsNkJBQTZCO3lCQUM1QztxQkFDRjtvQkFDRCw2QkFBNkI7b0JBQzdCO3dCQUNFLElBQUksRUFBRSx3QkFBd0IsS0FBSyxDQUFDLFNBQVMsRUFBRTt3QkFDL0MsR0FBRyxFQUFFLDBEQUEwRCxLQUFLLENBQUMsU0FBUyxpQkFBaUIsS0FBSyxDQUFDLFNBQVMsYUFBYSxLQUFLLENBQUMseUJBQXlCLEVBQUU7cUJBQzdKO2lCQUNGO2FBQ0Y7U0FDRixDQUFDLENBQUM7SUFDTCxDQUFDOztBQWxKSCxvREFtSkM7OztBQWxKZ0Isa0NBQWEsR0FBRyxLQUFLLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBHaXRIdWIsIEdpdGh1YldvcmtmbG93IH0gZnJvbSAncHJvamVuL2xpYi9naXRodWInO1xuaW1wb3J0IHsgSm9iUGVybWlzc2lvbiB9IGZyb20gJ3Byb2plbi9saWIvZ2l0aHViL3dvcmtmbG93cy1tb2RlbCc7XG5pbXBvcnQgeyBDZGtDaGFuZ2VzZXRTY3JpcHQgfSBmcm9tICcuL2Jpbi9jZGstY2hhbmdlc2V0LXNjcmlwdCc7XG5cbmNvbnN0IGdpdGh1YkFjdGlvbnNBd3NDcmVkZW50aWFsc1ZlcnNpb24gPSAndjQnO1xuY29uc3QgZ2l0aHViQWN0aW9uc0NoZWNrb3V0VmVyc2lvbiA9ICd2NCc7XG5jb25zdCBnaXRodWJBY3Rpb25zU2V0dXBOb2RlVmVyc2lvbiA9ICd2NCc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2RrRGlmZlN0YWNrIHtcbiAgcmVhZG9ubHkgc3RhY2tOYW1lOiBzdHJpbmc7XG4gIHJlYWRvbmx5IGNka0RpZmZSb2xlVG9Bc3N1bWVBcm46IHN0cmluZztcbiAgcmVhZG9ubHkgY2RrRGlmZlJvbGVUb0Fzc3VtZVJlZ2lvbjogc3RyaW5nO1xuICByZWFkb25seSBvaWRjUm9sZUFybj86IHN0cmluZzsgLy8gT3B0aW9uYWwgb3ZlcnJpZGUgZm9yIE9JREMgcm9sZVxuICByZWFkb25seSBvaWRjUmVnaW9uPzogc3RyaW5nOyAvLyBPcHRpb25hbCBvdmVycmlkZSBmb3IgT0lEQyByZWdpb25cbn1cblxuZXhwb3J0IGludGVyZmFjZSBDZGtEaWZmU3RhY2tXb3JrZmxvd1Byb3BzIHtcbiAgcmVhZG9ubHkgcHJvamVjdDogYW55OyAvLyBhdm9pZCBleHBvcnRpbmcgcHJvamVuIHR5cGVzIGluIHB1YmxpYyBBUElcbiAgcmVhZG9ubHkgc3RhY2tzOiBDZGtEaWZmU3RhY2tbXTtcbiAgcmVhZG9ubHkgb2lkY1JvbGVBcm46IHN0cmluZzsgLy8gUmVxdWlyZWQgT0lEQyByb2xlIEFSTiBmb3IgYWxsIHN0YWNrcyAob3IgZWFjaCBzdGFjayBtdXN0IGhhdmUgaXRzIG93bilcbiAgcmVhZG9ubHkgb2lkY1JlZ2lvbjogc3RyaW5nOyAvLyBSZXF1aXJlZCBPSURDIHJlZ2lvbiBmb3IgYWxsIHN0YWNrcyAob3IgZWFjaCBzdGFjayBtdXN0IGhhdmUgaXRzIG93bilcbiAgcmVhZG9ubHkgbm9kZVZlcnNpb24/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IGNka1lhcm5Db21tYW5kPzogc3RyaW5nO1xuICByZWFkb25seSBzY3JpcHRPdXRwdXRQYXRoPzogc3RyaW5nO1xufVxuZXhwb3J0IGNsYXNzIENka0RpZmZTdGFja1dvcmtmbG93IHtcbiAgcHJpdmF0ZSBzdGF0aWMgc2NyaXB0Q3JlYXRlZCA9IGZhbHNlO1xuXG4gIGNvbnN0cnVjdG9yKHByb3BzOiBDZGtEaWZmU3RhY2tXb3JrZmxvd1Byb3BzKSB7XG4gICAgY29uc3QgY2RrWWFybkNvbW1hbmQgPSBwcm9wcy5jZGtZYXJuQ29tbWFuZCA/PyAnY2RrJztcbiAgICBjb25zdCBub2RlVmVyc2lvbiA9IHByb3BzLm5vZGVWZXJzaW9uID8/ICcyNC54JztcbiAgICBjb25zdCBzY3JpcHRPdXRwdXRQYXRoID0gcHJvcHMuc2NyaXB0T3V0cHV0UGF0aCA/PyAnLmdpdGh1Yi93b3JrZmxvd3Mvc2NyaXB0cy9kZXNjcmliZS1jZm4tY2hhbmdlc2V0LnRzJztcblxuICAgIC8vIFZhbGlkYXRlIE9JREMgY29uZmlndXJhdGlvblxuICAgIHRoaXMudmFsaWRhdGVPaWRjQ29uZmlndXJhdGlvbihwcm9wcyk7XG5cbiAgICAvLyBPbmx5IGNyZWF0ZSB0aGUgY2hhbmdlc2V0IHNjcmlwdCBvbmNlIHRvIGF2b2lkIGNvbGxpc2lvbnNcbiAgICBpZiAoIUNka0RpZmZTdGFja1dvcmtmbG93LnNjcmlwdENyZWF0ZWQpIHtcbiAgICAgIG5ldyBDZGtDaGFuZ2VzZXRTY3JpcHQoe1xuICAgICAgICBwcm9qZWN0OiBwcm9wcy5wcm9qZWN0LFxuICAgICAgICBvdXRwdXRQYXRoOiBzY3JpcHRPdXRwdXRQYXRoLFxuICAgICAgfSk7XG4gICAgICBDZGtEaWZmU3RhY2tXb3JrZmxvdy5zY3JpcHRDcmVhdGVkID0gdHJ1ZTtcbiAgICB9XG5cbiAgICAvLyBDcmVhdGUgYSBzZXBhcmF0ZSB3b3JrZmxvdyBmb3IgZWFjaCBzdGFja1xuICAgIGZvciAoY29uc3Qgc3RhY2sgb2YgcHJvcHMuc3RhY2tzKSB7XG4gICAgICBjb25zdCB3b3JrZmxvd05hbWUgPSBgZGlmZi0ke3N0YWNrLnN0YWNrTmFtZX1gO1xuICAgICAgY29uc3QgZ2ggPSAocHJvcHMgYXMgYW55KS5wcm9qZWN0LmdpdGh1YiA/PyBuZXcgR2l0SHViKChwcm9wcyBhcyBhbnkpLnByb2plY3QpO1xuICAgICAgY29uc3QgZGlmZkRlcGxveVdvcmtmbG93ID0gbmV3IEdpdGh1YldvcmtmbG93KGdoLCB3b3JrZmxvd05hbWUsIHsgZmlsZU5hbWU6IGAke3dvcmtmbG93TmFtZX0ueW1sYCB9KTtcblxuICAgICAgdGhpcy5jcmVhdGVXb3JrZmxvd0ZvclN0YWNrKGRpZmZEZXBsb3lXb3JrZmxvdywgc3RhY2ssIGNka1lhcm5Db21tYW5kLCBub2RlVmVyc2lvbiwgc2NyaXB0T3V0cHV0UGF0aCwgcHJvcHMub2lkY1JvbGVBcm4sIHByb3BzLm9pZGNSZWdpb24pO1xuICAgIH1cbiAgfVxuXG4gIHByaXZhdGUgdmFsaWRhdGVPaWRjQ29uZmlndXJhdGlvbihwcm9wczogQ2RrRGlmZlN0YWNrV29ya2Zsb3dQcm9wcyk6IHZvaWQge1xuICAgIGNvbnN0IGhhc0RlZmF1bHRPaWRjUm9sZSA9ICEhcHJvcHMub2lkY1JvbGVBcm47XG4gICAgY29uc3QgaGFzRGVmYXVsdE9pZGNSZWdpb24gPSAhIXByb3BzLm9pZGNSZWdpb247XG5cbiAgICAvLyBDaGVjayBpZiBhbGwgc3RhY2tzIGhhdmUgdGhlaXIgb3duIE9JREMgY29uZmlndXJhdGlvblxuICAgIGNvbnN0IGFsbFN0YWNrc0hhdmVPaWRjUm9sZSA9IHByb3BzLnN0YWNrcy5ldmVyeShzdGFjayA9PiAhIXN0YWNrLm9pZGNSb2xlQXJuKTtcbiAgICBjb25zdCBhbGxTdGFja3NIYXZlT2lkY1JlZ2lvbiA9IHByb3BzLnN0YWNrcy5ldmVyeShzdGFjayA9PiAhIXN0YWNrLm9pZGNSZWdpb24pO1xuXG4gICAgLy8gRWl0aGVyIGRlZmF1bHRzIG11c3QgYmUgcHJvdmlkZWQgT1IgYWxsIHN0YWNrcyBtdXN0IGhhdmUgdGhlaXIgb3duIE9JREMgY29uZmlnXG4gICAgaWYgKCFoYXNEZWZhdWx0T2lkY1JvbGUgJiYgIWFsbFN0YWNrc0hhdmVPaWRjUm9sZSkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKCdFaXRoZXIgcHJvdmlkZSBkZWZhdWx0IG9pZGNSb2xlQXJuIG9yIHNwZWNpZnkgb2lkY1JvbGVBcm4gZm9yIGVhY2ggc3RhY2snKTtcbiAgICB9XG5cbiAgICBpZiAoIWhhc0RlZmF1bHRPaWRjUmVnaW9uICYmICFhbGxTdGFja3NIYXZlT2lkY1JlZ2lvbikge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKCdFaXRoZXIgcHJvdmlkZSBkZWZhdWx0IG9pZGNSZWdpb24gb3Igc3BlY2lmeSBvaWRjUmVnaW9uIGZvciBlYWNoIHN0YWNrJyk7XG4gICAgfVxuICB9XG5cbiAgcHJpdmF0ZSBjcmVhdGVXb3JrZmxvd0ZvclN0YWNrKFxuICAgIHdvcmtmbG93OiBHaXRodWJXb3JrZmxvdyxcbiAgICBzdGFjazogQ2RrRGlmZlN0YWNrLFxuICAgIGNka1lhcm5Db21tYW5kOiBzdHJpbmcsXG4gICAgbm9kZVZlcnNpb246IHN0cmluZyxcbiAgICBzY3JpcHRPdXRwdXRQYXRoOiBzdHJpbmcsXG4gICAgZGVmYXVsdE9pZGNSb2xlQXJuOiBzdHJpbmcsXG4gICAgZGVmYXVsdE9pZGNSZWdpb246IHN0cmluZyxcbiAgKSB7XG4gICAgLy8gQ29uZmlndXJlIHdvcmtmbG93IHRyaWdnZXJzXG4gICAgd29ya2Zsb3cub24oe1xuICAgICAgcHVsbFJlcXVlc3Q6IHtcbiAgICAgICAgdHlwZXM6IFsnb3BlbmVkJywgJ3N5bmNocm9uaXplJywgJ3Jlb3BlbmVkJ10sXG4gICAgICB9LFxuICAgIH0pO1xuXG4gICAgLy8gQWRkIHRoZSBkaWZmIGpvYlxuICAgIHdvcmtmbG93LmFkZEpvYnMoe1xuICAgICAgZGlmZjoge1xuICAgICAgICBydW5zT246IFsndWJ1bnR1LWxhdGVzdCddLFxuICAgICAgICBwZXJtaXNzaW9uczoge1xuICAgICAgICAgIGlkVG9rZW46IEpvYlBlcm1pc3Npb24uV1JJVEUsXG4gICAgICAgICAgY29udGVudHM6IEpvYlBlcm1pc3Npb24uUkVBRCxcbiAgICAgICAgICBpc3N1ZXM6IEpvYlBlcm1pc3Npb24uV1JJVEUsXG4gICAgICAgICAgcHVsbFJlcXVlc3RzOiBKb2JQZXJtaXNzaW9uLldSSVRFLFxuICAgICAgICAgIHBhY2thZ2VzOiBKb2JQZXJtaXNzaW9uLlJFQUQsXG4gICAgICAgIH0sXG4gICAgICAgIGVudjoge1xuICAgICAgICAgIEdJVEhVQl9UT0tFTjogJyR7eyBzZWNyZXRzLkdJVEhVQl9UT0tFTiB9fScsXG4gICAgICAgIH0sXG4gICAgICAgIHN0ZXBzOiBbXG4gICAgICAgICAgLy8gQ2hlY2tvdXQgY29kZVxuICAgICAgICAgIHtcbiAgICAgICAgICAgIHVzZXM6IGBhY3Rpb25zL2NoZWNrb3V0QCR7Z2l0aHViQWN0aW9uc0NoZWNrb3V0VmVyc2lvbn1gLFxuICAgICAgICAgIH0sXG4gICAgICAgICAgLy8gU2V0dXAgTm9kZS5qc1xuICAgICAgICAgIHtcbiAgICAgICAgICAgIHVzZXM6IGBhY3Rpb25zL3NldHVwLW5vZGVAJHtnaXRodWJBY3Rpb25zU2V0dXBOb2RlVmVyc2lvbn1gLFxuICAgICAgICAgICAgd2l0aDoge1xuICAgICAgICAgICAgICAnbm9kZS12ZXJzaW9uJzogbm9kZVZlcnNpb24sXG4gICAgICAgICAgICAgICdyZWdpc3RyeS11cmwnOiAnaHR0cHM6Ly9ucG0ucGtnLmdpdGh1Yi5jb20nLFxuICAgICAgICAgICAgICAnc2NvcGUnOiAnQCR7eyBnaXRodWIucmVwb3NpdG9yeV9vd25lciB9fScsXG4gICAgICAgICAgICAgICd0b2tlbic6ICcke3sgc2VjcmV0cy5HSVRIVUJfVE9LRU4gfX0nLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIC8vIEluc3RhbGwgZGVwZW5kZW5jaWVzXG4gICAgICAgICAge1xuICAgICAgICAgICAgcnVuOiAneWFybiBpbnN0YWxsIC0tZnJvemVuLWxvY2tmaWxlJyxcbiAgICAgICAgICAgIGVudjoge1xuICAgICAgICAgICAgICBOT0RFX0FVVEhfVE9LRU46ICcke3sgc2VjcmV0cy5HSVRIVUJfVE9LRU4gfX0nLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGlkOiAnY3JlZHMnLFxuICAgICAgICAgICAgdXNlczogYGF3cy1hY3Rpb25zL2NvbmZpZ3VyZS1hd3MtY3JlZGVudGlhbHNAJHtnaXRodWJBY3Rpb25zQXdzQ3JlZGVudGlhbHNWZXJzaW9ufWAsXG4gICAgICAgICAgICB3aXRoOiB7XG4gICAgICAgICAgICAgICdyb2xlLXRvLWFzc3VtZSc6IHN0YWNrLm9pZGNSb2xlQXJuID8/IGRlZmF1bHRPaWRjUm9sZUFybixcbiAgICAgICAgICAgICAgJ2F3cy1yZWdpb24nOiBzdGFjay5vaWRjUmVnaW9uID8/IGRlZmF1bHRPaWRjUmVnaW9uLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIG5hbWU6ICdBc3N1bWUgQ0RLIERlcGxveSBSb2xlJyxcbiAgICAgICAgICAgIGlkOiAnZGVwbG95LXJvbGUnLFxuICAgICAgICAgICAgdXNlczogJ2F3cy1hY3Rpb25zL2NvbmZpZ3VyZS1hd3MtY3JlZGVudGlhbHNAdjQnLFxuICAgICAgICAgICAgd2l0aDoge1xuICAgICAgICAgICAgICAncm9sZS10by1hc3N1bWUnOiBzdGFjay5jZGtEaWZmUm9sZVRvQXNzdW1lQXJuLFxuICAgICAgICAgICAgICAncm9sZS1jaGFpbmluZyc6IHRydWUsXG4gICAgICAgICAgICAgICdyb2xlLXNraXAtc2Vzc2lvbi10YWdnaW5nJzogdHJ1ZSxcbiAgICAgICAgICAgICAgJ2F3cy1yZWdpb24nOiBzdGFjay5jZGtEaWZmUm9sZVRvQXNzdW1lUmVnaW9uLFxuICAgICAgICAgICAgICAnYXdzLWFjY2Vzcy1rZXktaWQnOiAnJHt7IHN0ZXBzLmNyZWRzLm91dHB1dHMuYXdzLWFjY2Vzcy1rZXktaWQgfX0nLFxuICAgICAgICAgICAgICAnYXdzLXNlY3JldC1hY2Nlc3Mta2V5JzogJyR7eyBzdGVwcy5jcmVkcy5vdXRwdXRzLmF3cy1zZWNyZXQtYWNjZXNzLWtleSB9fScsXG4gICAgICAgICAgICAgICdhd3Mtc2Vzc2lvbi10b2tlbic6ICcke3sgc3RlcHMuY3JlZHMub3V0cHV0cy5hd3Mtc2Vzc2lvbi10b2tlbiB9fScsXG4gICAgICAgICAgICB9LFxuICAgICAgICAgIH0sXG4gICAgICAgICAgLy8gQWRkIGNoYW5nZXNldCBjcmVhdGlvbiBzdGVwXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYENyZWF0ZSBDaGFuZ2VzZXQgZm9yICR7c3RhY2suc3RhY2tOYW1lfWAsXG4gICAgICAgICAgICBydW46IGB5YXJuICR7Y2RrWWFybkNvbW1hbmR9IGRlcGxveSAke3N0YWNrLnN0YWNrTmFtZX0gLS1uby1leGVjdXRlIC0tY2hhbmdlLXNldC1uYW1lICR7c3RhY2suc3RhY2tOYW1lfSAtLXJlcXVpcmUtYXBwcm92YWwgbmV2ZXJgLFxuICAgICAgICAgIH0sXG4gICAgICAgICAgLy8gQWRkIGNoYW5nZXNldCBkZXNjcmlwdGlvbiBzdGVwXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYERlc2NyaWJlIGNoYW5nZSBzZXQgZm9yICR7c3RhY2suc3RhY2tOYW1lfWAsXG4gICAgICAgICAgICBydW46IGBucHggdHMtbm9kZSAke3NjcmlwdE91dHB1dFBhdGh9YCxcbiAgICAgICAgICAgIGVudjoge1xuICAgICAgICAgICAgICBTVEFDS19OQU1FOiBzdGFjay5zdGFja05hbWUsXG4gICAgICAgICAgICAgIENIQU5HRV9TRVRfTkFNRTogc3RhY2suc3RhY2tOYW1lLFxuICAgICAgICAgICAgICBHSVRIVUJfQ09NTUVOVF9VUkw6ICcke3sgZ2l0aHViLmV2ZW50LnB1bGxfcmVxdWVzdC5jb21tZW50c191cmwgfX0nLFxuICAgICAgICAgICAgICBHSVRIVUJfVE9LRU46ICcke3sgc2VjcmV0cy5HSVRIVUJfVE9LRU4gfX0nLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIC8vIEFkZCBjaGFuZ2VzZXQgY2xlYW51cCBzdGVwXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYERlbGV0ZSBjaGFuZ2VzZXQgZm9yICR7c3RhY2suc3RhY2tOYW1lfWAsXG4gICAgICAgICAgICBydW46IGBhd3MgY2xvdWRmb3JtYXRpb24gZGVsZXRlLWNoYW5nZS1zZXQgLS1jaGFuZ2Utc2V0LW5hbWUgJHtzdGFjay5zdGFja05hbWV9IC0tc3RhY2stbmFtZSAke3N0YWNrLnN0YWNrTmFtZX0gLS1yZWdpb24gJHtzdGFjay5jZGtEaWZmUm9sZVRvQXNzdW1lUmVnaW9ufWAsXG4gICAgICAgICAgfSxcbiAgICAgICAgXSxcbiAgICAgIH0sXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2RrRGlmZlN0YWNrV29ya2Zsb3cuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvQ2RrRGlmZlN0YWNrV29ya2Zsb3cudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw4Q0FBMkQ7QUFDM0QsdUVBQWtFO0FBQ2xFLHFFQUFnRTtBQUVoRSxNQUFNLGtDQUFrQyxHQUFHLElBQUksQ0FBQztBQUNoRCxNQUFNLDRCQUE0QixHQUFHLElBQUksQ0FBQztBQUMxQyxNQUFNLDZCQUE2QixHQUFHLElBQUksQ0FBQztBQW1CM0MsTUFBYSxvQkFBb0I7SUFHL0IsWUFBWSxLQUFnQztRQUMxQyxNQUFNLGNBQWMsR0FBRyxLQUFLLENBQUMsY0FBYyxJQUFJLEtBQUssQ0FBQztRQUNyRCxNQUFNLFdBQVcsR0FBRyxLQUFLLENBQUMsV0FBVyxJQUFJLE1BQU0sQ0FBQztRQUNoRCxNQUFNLGdCQUFnQixHQUFHLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSSxxREFBcUQsQ0FBQztRQUV6Ryw4QkFBOEI7UUFDOUIsSUFBSSxDQUFDLHlCQUF5QixDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXRDLDREQUE0RDtRQUM1RCxJQUFJLENBQUMsb0JBQW9CLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDeEMsSUFBSSx5Q0FBa0IsQ0FBQztnQkFDckIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2dCQUN0QixVQUFVLEVBQUUsZ0JBQWdCO2FBQzdCLENBQUMsQ0FBQztZQUNILG9CQUFvQixDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUM7UUFDNUMsQ0FBQztRQUVELDRDQUE0QztRQUM1QyxLQUFLLE1BQU0sS0FBSyxJQUFJLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNqQyxNQUFNLFlBQVksR0FBRyxRQUFRLEtBQUssQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUMvQyxNQUFNLEVBQUUsR0FBSSxLQUFhLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxJQUFJLGVBQU0sQ0FBRSxLQUFhLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDL0UsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLHVCQUFjLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxFQUFFLFFBQVEsRUFBRSxHQUFHLFlBQVksTUFBTSxFQUFFLENBQUMsQ0FBQztZQUVyRyxJQUFJLENBQUMsc0JBQXNCLENBQUMsa0JBQWtCLEVBQUUsS0FBSyxFQUFFLGNBQWMsRUFBRSxXQUFXLEVBQUUsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLFdBQVcsRUFBRSxLQUFLLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDN0ksQ0FBQztJQUNILENBQUM7SUFFTyx5QkFBeUIsQ0FBQyxLQUFnQztRQUNoRSxNQUFNLGtCQUFrQixHQUFHLENBQUMsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDO1FBQy9DLE1BQU0sb0JBQW9CLEdBQUcsQ0FBQyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUM7UUFFaEQsd0RBQXdEO1FBQ3hELE1BQU0scUJBQXFCLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQy9FLE1BQU0sdUJBQXVCLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRWhGLGlGQUFpRjtRQUNqRixJQUFJLENBQUMsa0JBQWtCLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQ2xELE1BQU0sSUFBSSxLQUFLLENBQUMsMEVBQTBFLENBQUMsQ0FBQztRQUM5RixDQUFDO1FBRUQsSUFBSSxDQUFDLG9CQUFvQixJQUFJLENBQUMsdUJBQXVCLEVBQUUsQ0FBQztZQUN0RCxNQUFNLElBQUksS0FBSyxDQUFDLHdFQUF3RSxDQUFDLENBQUM7UUFDNUYsQ0FBQztJQUNILENBQUM7SUFFTyxzQkFBc0IsQ0FDNUIsUUFBd0IsRUFDeEIsS0FBbUIsRUFDbkIsY0FBc0IsRUFDdEIsV0FBbUIsRUFDbkIsZ0JBQXdCLEVBQ3hCLGtCQUEwQixFQUMxQixpQkFBeUI7UUFFekIsUUFBUSxDQUFDLEVBQUUsQ0FBQztZQUNWLFdBQVcsRUFBRTtnQkFDWCxLQUFLLEVBQUUsQ0FBQyxRQUFRLEVBQUUsYUFBYSxFQUFFLFVBQVUsQ0FBQzthQUM3QztTQUNGLENBQUMsQ0FBQztRQUNILFFBQVEsQ0FBQyxPQUFPLENBQUM7WUFDZixJQUFJLEVBQUU7Z0JBQ0osTUFBTSxFQUFFLENBQUMsZUFBZSxDQUFDO2dCQUN6QixXQUFXLEVBQUU7b0JBQ1gsT0FBTyxFQUFFLCtCQUFhLENBQUMsS0FBSztvQkFDNUIsUUFBUSxFQUFFLCtCQUFhLENBQUMsSUFBSTtvQkFDNUIsTUFBTSxFQUFFLCtCQUFhLENBQUMsS0FBSztvQkFDM0IsWUFBWSxFQUFFLCtCQUFhLENBQUMsS0FBSztvQkFDakMsUUFBUSxFQUFFLCtCQUFhLENBQUMsSUFBSTtpQkFDN0I7Z0JBQ0QsR0FBRyxFQUFFO29CQUNILFlBQVksRUFBRSw2QkFBNkI7aUJBQzVDO2dCQUNELEtBQUssRUFBRTtvQkFDTDt3QkFDRSxJQUFJLEVBQUUsb0JBQW9CLDRCQUE0QixFQUFFO3FCQUN6RDtvQkFDRDt3QkFDRSxJQUFJLEVBQUUsc0JBQXNCLDZCQUE2QixFQUFFO3dCQUMzRCxJQUFJLEVBQUU7NEJBQ0osY0FBYyxFQUFFLFdBQVc7NEJBQzNCLGNBQWMsRUFBRSw0QkFBNEI7NEJBQzVDLE9BQU8sRUFBRSxpQ0FBaUM7NEJBQzFDLE9BQU8sRUFBRSw2QkFBNkI7eUJBQ3ZDO3FCQUNGO29CQUNEO3dCQUNFLEdBQUcsRUFBRSxnQ0FBZ0M7d0JBQ3JDLEdBQUcsRUFBRTs0QkFDSCxlQUFlLEVBQUUsNkJBQTZCO3lCQUMvQztxQkFDRjtvQkFDRDt3QkFDRSxJQUFJLEVBQUUseUNBQXlDLGtDQUFrQyxFQUFFO3dCQUNuRixJQUFJLEVBQUU7NEJBQ0osZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLFdBQVcsSUFBSSxrQkFBa0I7NEJBQ3pELFlBQVksRUFBRSxLQUFLLENBQUMsVUFBVSxJQUFJLGlCQUFpQjt5QkFDcEQ7cUJBQ0Y7b0JBQ0Q7d0JBQ0UsSUFBSSxFQUFFLHdCQUF3QixLQUFLLENBQUMsU0FBUyxFQUFFO3dCQUMvQyxHQUFHLEVBQUUsUUFBUSxjQUFjLFdBQVcsS0FBSyxDQUFDLFNBQVMsbUNBQW1DLEtBQUssQ0FBQyxTQUFTLDJCQUEyQjtxQkFDbkk7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLE9BQU87d0JBQ1gsSUFBSSxFQUFFLHlDQUF5QyxrQ0FBa0MsRUFBRTt3QkFDbkYsSUFBSSxFQUFFOzRCQUNKLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksa0JBQWtCOzRCQUN6RCxZQUFZLEVBQUUsS0FBSyxDQUFDLFVBQVUsSUFBSSxpQkFBaUI7eUJBQ3BEO3FCQUNGO29CQUNEO3dCQUNFLElBQUksRUFBRSxzQ0FBc0M7d0JBQzVDLEVBQUUsRUFBRSxnQkFBZ0I7d0JBQ3BCLElBQUksRUFBRSx5Q0FBeUMsa0NBQWtDLEVBQUU7d0JBQ25GLElBQUksRUFBRTs0QkFDSixnQkFBZ0IsRUFBRSxLQUFLLENBQUMsd0JBQXdCOzRCQUNoRCxlQUFlLEVBQUUsSUFBSTs0QkFDckIsMkJBQTJCLEVBQUUsSUFBSTs0QkFDakMsWUFBWSxFQUFFLEtBQUssQ0FBQywyQkFBMkI7NEJBQy9DLG1CQUFtQixFQUFFLDhDQUE4Qzs0QkFDbkUsdUJBQXVCLEVBQUUsa0RBQWtEOzRCQUMzRSxtQkFBbUIsRUFBRSw4Q0FBOEM7eUJBQ3BFO3FCQUNGO29CQUNEO3dCQUNFLElBQUksRUFBRSwyQkFBMkIsS0FBSyxDQUFDLFNBQVMsRUFBRTt3QkFDbEQsR0FBRyxFQUFFLGVBQWUsZ0JBQWdCLEVBQUU7d0JBQ3RDLEdBQUcsRUFBRTs0QkFDSCxVQUFVLEVBQUUsS0FBSyxDQUFDLFNBQVM7NEJBQzNCLGVBQWUsRUFBRSxLQUFLLENBQUMsU0FBUzs0QkFDaEMsa0JBQWtCLEVBQUUsK0NBQStDOzRCQUNuRSxZQUFZLEVBQUUsNkJBQTZCO3lCQUM1QztxQkFDRjtvQkFDRDt3QkFDRSxJQUFJLEVBQUUsd0JBQXdCLEtBQUssQ0FBQyxTQUFTLEVBQUU7d0JBQy9DLEdBQUcsRUFBRSwwREFBMEQsS0FBSyxDQUFDLFNBQVMsaUJBQWlCLEtBQUssQ0FBQyxTQUFTLGFBQWEsS0FBSyxDQUFDLDJCQUEyQixFQUFFO3FCQUMvSjtpQkFDRjthQUNGO1NBQ0YsQ0FBQyxDQUFDO0lBQ0wsQ0FBQzs7QUFoSkgsb0RBaUpDOzs7QUFoSmdCLGtDQUFhLEdBQUcsS0FBSyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgR2l0SHViLCBHaXRodWJXb3JrZmxvdyB9IGZyb20gJ3Byb2plbi9saWIvZ2l0aHViJztcbmltcG9ydCB7IEpvYlBlcm1pc3Npb24gfSBmcm9tICdwcm9qZW4vbGliL2dpdGh1Yi93b3JrZmxvd3MtbW9kZWwnO1xuaW1wb3J0IHsgQ2RrQ2hhbmdlc2V0U2NyaXB0IH0gZnJvbSAnLi9iaW4vY2RrLWNoYW5nZXNldC1zY3JpcHQnO1xuXG5jb25zdCBnaXRodWJBY3Rpb25zQXdzQ3JlZGVudGlhbHNWZXJzaW9uID0gJ3Y0JztcbmNvbnN0IGdpdGh1YkFjdGlvbnNDaGVja291dFZlcnNpb24gPSAndjQnO1xuY29uc3QgZ2l0aHViQWN0aW9uc1NldHVwTm9kZVZlcnNpb24gPSAndjQnO1xuXG5leHBvcnQgaW50ZXJmYWNlIENka0RpZmZTdGFjayB7XG4gIHJlYWRvbmx5IHN0YWNrTmFtZTogc3RyaW5nO1xuICByZWFkb25seSBjaGFuZ2VzZXRSb2xlVG9Bc3N1bWVBcm46IHN0cmluZztcbiAgcmVhZG9ubHkgY2hhbmdlc2V0Um9sZVRvQXNzdW1lUmVnaW9uOiBzdHJpbmc7XG4gIHJlYWRvbmx5IG9pZGNSb2xlQXJuPzogc3RyaW5nOyAvLyBPcHRpb25hbCBvdmVycmlkZSBmb3IgT0lEQyByb2xlXG4gIHJlYWRvbmx5IG9pZGNSZWdpb24/OiBzdHJpbmc7IC8vIE9wdGlvbmFsIG92ZXJyaWRlIGZvciBPSURDIHJlZ2lvblxufVxuXG5leHBvcnQgaW50ZXJmYWNlIENka0RpZmZTdGFja1dvcmtmbG93UHJvcHMge1xuICByZWFkb25seSBwcm9qZWN0OiBhbnk7IC8vIGF2b2lkIGV4cG9ydGluZyBwcm9qZW4gdHlwZXMgaW4gcHVibGljIEFQSVxuICByZWFkb25seSBzdGFja3M6IENka0RpZmZTdGFja1tdO1xuICByZWFkb25seSBvaWRjUm9sZUFybjogc3RyaW5nOyAvLyBSZXF1aXJlZCBPSURDIHJvbGUgQVJOIGZvciBhbGwgc3RhY2tzIChvciBlYWNoIHN0YWNrIG11c3QgaGF2ZSBpdHMgb3duKVxuICByZWFkb25seSBvaWRjUmVnaW9uOiBzdHJpbmc7IC8vIFJlcXVpcmVkIE9JREMgcmVnaW9uIGZvciBhbGwgc3RhY2tzIChvciBlYWNoIHN0YWNrIG11c3QgaGF2ZSBpdHMgb3duKVxuICByZWFkb25seSBub2RlVmVyc2lvbj86IHN0cmluZztcbiAgcmVhZG9ubHkgY2RrWWFybkNvbW1hbmQ/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IHNjcmlwdE91dHB1dFBhdGg/OiBzdHJpbmc7XG59XG5leHBvcnQgY2xhc3MgQ2RrRGlmZlN0YWNrV29ya2Zsb3cge1xuICBwcml2YXRlIHN0YXRpYyBzY3JpcHRDcmVhdGVkID0gZmFsc2U7XG5cbiAgY29uc3RydWN0b3IocHJvcHM6IENka0RpZmZTdGFja1dvcmtmbG93UHJvcHMpIHtcbiAgICBjb25zdCBjZGtZYXJuQ29tbWFuZCA9IHByb3BzLmNka1lhcm5Db21tYW5kID8/ICdjZGsnO1xuICAgIGNvbnN0IG5vZGVWZXJzaW9uID0gcHJvcHMubm9kZVZlcnNpb24gPz8gJzI0LngnO1xuICAgIGNvbnN0IHNjcmlwdE91dHB1dFBhdGggPSBwcm9wcy5zY3JpcHRPdXRwdXRQYXRoID8/ICcuZ2l0aHViL3dvcmtmbG93cy9zY3JpcHRzL2Rlc2NyaWJlLWNmbi1jaGFuZ2VzZXQudHMnO1xuXG4gICAgLy8gVmFsaWRhdGUgT0lEQyBjb25maWd1cmF0aW9uXG4gICAgdGhpcy52YWxpZGF0ZU9pZGNDb25maWd1cmF0aW9uKHByb3BzKTtcblxuICAgIC8vIE9ubHkgY3JlYXRlIHRoZSBjaGFuZ2VzZXQgc2NyaXB0IG9uY2UgdG8gYXZvaWQgY29sbGlzaW9uc1xuICAgIGlmICghQ2RrRGlmZlN0YWNrV29ya2Zsb3cuc2NyaXB0Q3JlYXRlZCkge1xuICAgICAgbmV3IENka0NoYW5nZXNldFNjcmlwdCh7XG4gICAgICAgIHByb2plY3Q6IHByb3BzLnByb2plY3QsXG4gICAgICAgIG91dHB1dFBhdGg6IHNjcmlwdE91dHB1dFBhdGgsXG4gICAgICB9KTtcbiAgICAgIENka0RpZmZTdGFja1dvcmtmbG93LnNjcmlwdENyZWF0ZWQgPSB0cnVlO1xuICAgIH1cblxuICAgIC8vIENyZWF0ZSBhIHNlcGFyYXRlIHdvcmtmbG93IGZvciBlYWNoIHN0YWNrXG4gICAgZm9yIChjb25zdCBzdGFjayBvZiBwcm9wcy5zdGFja3MpIHtcbiAgICAgIGNvbnN0IHdvcmtmbG93TmFtZSA9IGBkaWZmLSR7c3RhY2suc3RhY2tOYW1lfWA7XG4gICAgICBjb25zdCBnaCA9IChwcm9wcyBhcyBhbnkpLnByb2plY3QuZ2l0aHViID8/IG5ldyBHaXRIdWIoKHByb3BzIGFzIGFueSkucHJvamVjdCk7XG4gICAgICBjb25zdCBkaWZmRGVwbG95V29ya2Zsb3cgPSBuZXcgR2l0aHViV29ya2Zsb3coZ2gsIHdvcmtmbG93TmFtZSwgeyBmaWxlTmFtZTogYCR7d29ya2Zsb3dOYW1lfS55bWxgIH0pO1xuXG4gICAgICB0aGlzLmNyZWF0ZVdvcmtmbG93Rm9yU3RhY2soZGlmZkRlcGxveVdvcmtmbG93LCBzdGFjaywgY2RrWWFybkNvbW1hbmQsIG5vZGVWZXJzaW9uLCBzY3JpcHRPdXRwdXRQYXRoLCBwcm9wcy5vaWRjUm9sZUFybiwgcHJvcHMub2lkY1JlZ2lvbik7XG4gICAgfVxuICB9XG5cbiAgcHJpdmF0ZSB2YWxpZGF0ZU9pZGNDb25maWd1cmF0aW9uKHByb3BzOiBDZGtEaWZmU3RhY2tXb3JrZmxvd1Byb3BzKTogdm9pZCB7XG4gICAgY29uc3QgaGFzRGVmYXVsdE9pZGNSb2xlID0gISFwcm9wcy5vaWRjUm9sZUFybjtcbiAgICBjb25zdCBoYXNEZWZhdWx0T2lkY1JlZ2lvbiA9ICEhcHJvcHMub2lkY1JlZ2lvbjtcblxuICAgIC8vIENoZWNrIGlmIGFsbCBzdGFja3MgaGF2ZSB0aGVpciBvd24gT0lEQyBjb25maWd1cmF0aW9uXG4gICAgY29uc3QgYWxsU3RhY2tzSGF2ZU9pZGNSb2xlID0gcHJvcHMuc3RhY2tzLmV2ZXJ5KHN0YWNrID0+ICEhc3RhY2sub2lkY1JvbGVBcm4pO1xuICAgIGNvbnN0IGFsbFN0YWNrc0hhdmVPaWRjUmVnaW9uID0gcHJvcHMuc3RhY2tzLmV2ZXJ5KHN0YWNrID0+ICEhc3RhY2sub2lkY1JlZ2lvbik7XG5cbiAgICAvLyBFaXRoZXIgZGVmYXVsdHMgbXVzdCBiZSBwcm92aWRlZCBPUiBhbGwgc3RhY2tzIG11c3QgaGF2ZSB0aGVpciBvd24gT0lEQyBjb25maWdcbiAgICBpZiAoIWhhc0RlZmF1bHRPaWRjUm9sZSAmJiAhYWxsU3RhY2tzSGF2ZU9pZGNSb2xlKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ0VpdGhlciBwcm92aWRlIGRlZmF1bHQgb2lkY1JvbGVBcm4gb3Igc3BlY2lmeSBvaWRjUm9sZUFybiBmb3IgZWFjaCBzdGFjaycpO1xuICAgIH1cblxuICAgIGlmICghaGFzRGVmYXVsdE9pZGNSZWdpb24gJiYgIWFsbFN0YWNrc0hhdmVPaWRjUmVnaW9uKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ0VpdGhlciBwcm92aWRlIGRlZmF1bHQgb2lkY1JlZ2lvbiBvciBzcGVjaWZ5IG9pZGNSZWdpb24gZm9yIGVhY2ggc3RhY2snKTtcbiAgICB9XG4gIH1cblxuICBwcml2YXRlIGNyZWF0ZVdvcmtmbG93Rm9yU3RhY2soXG4gICAgd29ya2Zsb3c6IEdpdGh1YldvcmtmbG93LFxuICAgIHN0YWNrOiBDZGtEaWZmU3RhY2ssXG4gICAgY2RrWWFybkNvbW1hbmQ6IHN0cmluZyxcbiAgICBub2RlVmVyc2lvbjogc3RyaW5nLFxuICAgIHNjcmlwdE91dHB1dFBhdGg6IHN0cmluZyxcbiAgICBkZWZhdWx0T2lkY1JvbGVBcm46IHN0cmluZyxcbiAgICBkZWZhdWx0T2lkY1JlZ2lvbjogc3RyaW5nLFxuICApIHtcbiAgICB3b3JrZmxvdy5vbih7XG4gICAgICBwdWxsUmVxdWVzdDoge1xuICAgICAgICB0eXBlczogWydvcGVuZWQnLCAnc3luY2hyb25pemUnLCAncmVvcGVuZWQnXSxcbiAgICAgIH0sXG4gICAgfSk7XG4gICAgd29ya2Zsb3cuYWRkSm9icyh7XG4gICAgICBkaWZmOiB7XG4gICAgICAgIHJ1bnNPbjogWyd1YnVudHUtbGF0ZXN0J10sXG4gICAgICAgIHBlcm1pc3Npb25zOiB7XG4gICAgICAgICAgaWRUb2tlbjogSm9iUGVybWlzc2lvbi5XUklURSxcbiAgICAgICAgICBjb250ZW50czogSm9iUGVybWlzc2lvbi5SRUFELFxuICAgICAgICAgIGlzc3VlczogSm9iUGVybWlzc2lvbi5XUklURSxcbiAgICAgICAgICBwdWxsUmVxdWVzdHM6IEpvYlBlcm1pc3Npb24uV1JJVEUsXG4gICAgICAgICAgcGFja2FnZXM6IEpvYlBlcm1pc3Npb24uUkVBRCxcbiAgICAgICAgfSxcbiAgICAgICAgZW52OiB7XG4gICAgICAgICAgR0lUSFVCX1RPS0VOOiAnJHt7IHNlY3JldHMuR0lUSFVCX1RPS0VOIH19JyxcbiAgICAgICAgfSxcbiAgICAgICAgc3RlcHM6IFtcbiAgICAgICAgICB7XG4gICAgICAgICAgICB1c2VzOiBgYWN0aW9ucy9jaGVja291dEAke2dpdGh1YkFjdGlvbnNDaGVja291dFZlcnNpb259YCxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIHVzZXM6IGBhY3Rpb25zL3NldHVwLW5vZGVAJHtnaXRodWJBY3Rpb25zU2V0dXBOb2RlVmVyc2lvbn1gLFxuICAgICAgICAgICAgd2l0aDoge1xuICAgICAgICAgICAgICAnbm9kZS12ZXJzaW9uJzogbm9kZVZlcnNpb24sXG4gICAgICAgICAgICAgICdyZWdpc3RyeS11cmwnOiAnaHR0cHM6Ly9ucG0ucGtnLmdpdGh1Yi5jb20nLFxuICAgICAgICAgICAgICAnc2NvcGUnOiAnQCR7eyBnaXRodWIucmVwb3NpdG9yeV9vd25lciB9fScsXG4gICAgICAgICAgICAgICd0b2tlbic6ICcke3sgc2VjcmV0cy5HSVRIVUJfVE9LRU4gfX0nLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIHJ1bjogJ3lhcm4gaW5zdGFsbCAtLWZyb3plbi1sb2NrZmlsZScsXG4gICAgICAgICAgICBlbnY6IHtcbiAgICAgICAgICAgICAgTk9ERV9BVVRIX1RPS0VOOiAnJHt7IHNlY3JldHMuR0lUSFVCX1RPS0VOIH19JyxcbiAgICAgICAgICAgIH0sXG4gICAgICAgICAgfSxcbiAgICAgICAgICB7XG4gICAgICAgICAgICB1c2VzOiBgYXdzLWFjdGlvbnMvY29uZmlndXJlLWF3cy1jcmVkZW50aWFsc0Ake2dpdGh1YkFjdGlvbnNBd3NDcmVkZW50aWFsc1ZlcnNpb259YCxcbiAgICAgICAgICAgIHdpdGg6IHtcbiAgICAgICAgICAgICAgJ3JvbGUtdG8tYXNzdW1lJzogc3RhY2sub2lkY1JvbGVBcm4gPz8gZGVmYXVsdE9pZGNSb2xlQXJuLFxuICAgICAgICAgICAgICAnYXdzLXJlZ2lvbic6IHN0YWNrLm9pZGNSZWdpb24gPz8gZGVmYXVsdE9pZGNSZWdpb24sXG4gICAgICAgICAgICB9LFxuICAgICAgICAgIH0sXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYENyZWF0ZSBDaGFuZ2VzZXQgZm9yICR7c3RhY2suc3RhY2tOYW1lfWAsXG4gICAgICAgICAgICBydW46IGB5YXJuICR7Y2RrWWFybkNvbW1hbmR9IGRlcGxveSAke3N0YWNrLnN0YWNrTmFtZX0gLS1uby1leGVjdXRlIC0tY2hhbmdlLXNldC1uYW1lICR7c3RhY2suc3RhY2tOYW1lfSAtLXJlcXVpcmUtYXBwcm92YWwgbmV2ZXJgLFxuICAgICAgICAgIH0sXG4gICAgICAgICAge1xuICAgICAgICAgICAgaWQ6ICdjcmVkcycsXG4gICAgICAgICAgICB1c2VzOiBgYXdzLWFjdGlvbnMvY29uZmlndXJlLWF3cy1jcmVkZW50aWFsc0Ake2dpdGh1YkFjdGlvbnNBd3NDcmVkZW50aWFsc1ZlcnNpb259YCxcbiAgICAgICAgICAgIHdpdGg6IHtcbiAgICAgICAgICAgICAgJ3JvbGUtdG8tYXNzdW1lJzogc3RhY2sub2lkY1JvbGVBcm4gPz8gZGVmYXVsdE9pZGNSb2xlQXJuLFxuICAgICAgICAgICAgICAnYXdzLXJlZ2lvbic6IHN0YWNrLm9pZGNSZWdpb24gPz8gZGVmYXVsdE9pZGNSZWdpb24sXG4gICAgICAgICAgICB9LFxuICAgICAgICAgIH0sXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogJ0Fzc3VtZSBDbG91ZEZvcm1hdGlvbiBDaGFuZ2VzZXQgUm9sZScsXG4gICAgICAgICAgICBpZDogJ2NoYW5nZXNldC1yb2xlJyxcbiAgICAgICAgICAgIHVzZXM6IGBhd3MtYWN0aW9ucy9jb25maWd1cmUtYXdzLWNyZWRlbnRpYWxzQCR7Z2l0aHViQWN0aW9uc0F3c0NyZWRlbnRpYWxzVmVyc2lvbn1gLFxuICAgICAgICAgICAgd2l0aDoge1xuICAgICAgICAgICAgICAncm9sZS10by1hc3N1bWUnOiBzdGFjay5jaGFuZ2VzZXRSb2xlVG9Bc3N1bWVBcm4sXG4gICAgICAgICAgICAgICdyb2xlLWNoYWluaW5nJzogdHJ1ZSxcbiAgICAgICAgICAgICAgJ3JvbGUtc2tpcC1zZXNzaW9uLXRhZ2dpbmcnOiB0cnVlLFxuICAgICAgICAgICAgICAnYXdzLXJlZ2lvbic6IHN0YWNrLmNoYW5nZXNldFJvbGVUb0Fzc3VtZVJlZ2lvbixcbiAgICAgICAgICAgICAgJ2F3cy1hY2Nlc3Mta2V5LWlkJzogJyR7eyBzdGVwcy5jcmVkcy5vdXRwdXRzLmF3cy1hY2Nlc3Mta2V5LWlkIH19JyxcbiAgICAgICAgICAgICAgJ2F3cy1zZWNyZXQtYWNjZXNzLWtleSc6ICcke3sgc3RlcHMuY3JlZHMub3V0cHV0cy5hd3Mtc2VjcmV0LWFjY2Vzcy1rZXkgfX0nLFxuICAgICAgICAgICAgICAnYXdzLXNlc3Npb24tdG9rZW4nOiAnJHt7IHN0ZXBzLmNyZWRzLm91dHB1dHMuYXdzLXNlc3Npb24tdG9rZW4gfX0nLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIG5hbWU6IGBEZXNjcmliZSBjaGFuZ2Ugc2V0IGZvciAke3N0YWNrLnN0YWNrTmFtZX1gLFxuICAgICAgICAgICAgcnVuOiBgbnB4IHRzLW5vZGUgJHtzY3JpcHRPdXRwdXRQYXRofWAsXG4gICAgICAgICAgICBlbnY6IHtcbiAgICAgICAgICAgICAgU1RBQ0tfTkFNRTogc3RhY2suc3RhY2tOYW1lLFxuICAgICAgICAgICAgICBDSEFOR0VfU0VUX05BTUU6IHN0YWNrLnN0YWNrTmFtZSxcbiAgICAgICAgICAgICAgR0lUSFVCX0NPTU1FTlRfVVJMOiAnJHt7IGdpdGh1Yi5ldmVudC5wdWxsX3JlcXVlc3QuY29tbWVudHNfdXJsIH19JyxcbiAgICAgICAgICAgICAgR0lUSFVCX1RPS0VOOiAnJHt7IHNlY3JldHMuR0lUSFVCX1RPS0VOIH19JyxcbiAgICAgICAgICAgIH0sXG4gICAgICAgICAgfSxcbiAgICAgICAgICB7XG4gICAgICAgICAgICBuYW1lOiBgRGVsZXRlIGNoYW5nZXNldCBmb3IgJHtzdGFjay5zdGFja05hbWV9YCxcbiAgICAgICAgICAgIHJ1bjogYGF3cyBjbG91ZGZvcm1hdGlvbiBkZWxldGUtY2hhbmdlLXNldCAtLWNoYW5nZS1zZXQtbmFtZSAke3N0YWNrLnN0YWNrTmFtZX0gLS1zdGFjay1uYW1lICR7c3RhY2suc3RhY2tOYW1lfSAtLXJlZ2lvbiAke3N0YWNrLmNoYW5nZXNldFJvbGVUb0Fzc3VtZVJlZ2lvbn1gLFxuICAgICAgICAgIH0sXG4gICAgICAgIF0sXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG59XG4iXX0=