npm - @liflig/cdk - Versions diffs - 3.12.1 → 3.13.0 - Mend

@liflig/cdk 3.12.1 → 3.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/assets/open-telemetry/otel-collector-task-metrics-config.yaml +310 -0
package/lib/ecs/index.d.ts +2 -0
package/lib/ecs/index.js +2 -1
package/lib/ecs/open-telemetry.d.ts +98 -0
package/lib/ecs/open-telemetry.js +211 -0
package/package.json +4 -4

package/assets/open-telemetry/otel-collector-task-metrics-config.yaml ADDED Viewed

@@ -0,0 +1,310 @@
+## Validate using https://www.otelbin.io/#distro=adot%7E&distroVersion=v0.43.1%7E .
+##
+## Original copyright is Apache 2.0 to AWS (aws-observability on GitHub).
+## https://github.com/aws-observability/aws-otel-collector/blob/14833d4af543da709c77cf9dc6827351dbd529b1/config/ecs/container-insights/otel-task-metrics-config.yaml
+##
+## This is a modified version of `./etc/ecs/container-insights/otel-task-metrics-config.yaml`
+## where we add `resource_to_telemetry_conversion` so the otel resource `service.name`
+## can be added to the metric. This is useful because you can filter in metrics based on service,
+## instead of grouping e.g. all services' memory usage under the same metric.
+##
+## Search for `# THIS IS WHAT LIFLIG ADDED` to find our modifications.
+##
+##
+## @see https://aws-otel.github.io/docs/setup/ecs/config-through-ssm
+extensions:
+  health_check:
+## These ports are also set in `taskDefinition.defaultContainer` as
+## `OTEL_EXPORTER_OTLP_ENDPOINT` and so on.
+## Changes must happen in both places.
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 0.0.0.0:4317
+      http:
+        endpoint: 0.0.0.0:4318
+  awsxray:
+    endpoint: 0.0.0.0:2000
+    transport: udp
+  awsecscontainermetrics:
+processors:
+  batch/traces:
+    timeout: 1s
+    send_batch_size: 50
+  batch/metrics:
+    timeout: 60s
+  filter:
+    metrics:
+      include:
+        match_type: strict
+        metric_names:
+          - ecs.task.memory.reserved
+          - ecs.task.memory.utilized
+          - ecs.task.cpu.reserved
+          - ecs.task.cpu.utilized
+          - ecs.task.network.rate.rx
+          - ecs.task.network.rate.tx
+          - ecs.task.storage.read_bytes
+          - ecs.task.storage.write_bytes
+          - container.duration
+  metricstransform:
+    transforms:
+      - include: ecs.task.memory.utilized
+        action: update
+        new_name: MemoryUtilized
+      - include: ecs.task.memory.reserved
+        action: update
+        new_name: MemoryReserved
+      - include: ecs.task.cpu.utilized
+        action: update
+        new_name: CpuUtilized
+      - include: ecs.task.cpu.reserved
+        action: update
+        new_name: CpuReserved
+      - include: ecs.task.network.rate.rx
+        action: update
+        new_name: NetworkRxBytes
+      - include: ecs.task.network.rate.tx
+        action: update
+        new_name: NetworkTxBytes
+      - include: ecs.task.storage.read_bytes
+        action: update
+        new_name: StorageReadBytes
+      - include: ecs.task.storage.write_bytes
+        action: update
+        new_name: StorageWriteBytes
+  ## THIS IS WHAT LIFLIG ADDED
+  filter/application:
+    error_mode: ignore
+    metrics:
+      metric:
+        - 'resource.attributes["http.target"] == "/health"'
+        - 'resource.attributes["net.peer.name"] == "169.254.170.2"' # EC2 Metadata Endpoint
+  filter/traces:
+    error_mode: ignore
+    traces:
+      span:
+        - 'attributes["http.route"] == "health"'
+        - 'attributes["http.url"] == "/health"'
+        - 'name == "GET health"'
+  attributes/application:
+    actions:
+      # Http adds lots of high cardinality, which xray creates 1 metric per. Expensive.
+      - key: http.url
+        action: delete
+      - key: http.target
+        action: delete
+      - key: http.client_ip
+        action: delete
+      - key: http.response_content_length
+        action: delete
+      - key: http.request_content_length
+        action: delete
+      - key: net.host.name
+        action: delete
+      - key: net.sock.peer.addr
+        action: delete
+      - key: net.sock.peer.port
+        action: delete
+      - key: net.sock.host.addr
+        action: delete
+      - key: net.sock.host.port
+        action: delete
+      - key: user_agent.original
+        action: delete
+  resource/application:
+    attributes:
+      - key: cloud.provider
+        action: delete
+      - key: host.arch
+        action: delete
+      - key: aws.ecs.container.image.id
+        action: delete
+      - key: aws.ecs.task.arn
+        action: delete
+      - key: aws.log.stream.names
+        action: delete
+      - key: aws.log.stream.arns
+        action: delete
+      - key: cloud.platform
+        action: delete
+      - key: container.name
+        action: delete
+      - key: process.executable.path
+        action: delete
+      - key: process.runtime.version
+        action: delete
+      - key: telemetry.auto.version
+        action: delete
+      - key: telemetry.sdk.name
+        action: delete
+      - key: container.id
+        action: delete
+      - key: container.image.tag
+        action: delete
+      - key: process.runtime.name
+        action: delete
+      - key: service.namespace
+        action: delete
+      - key: telemetry.sdk.version
+        action: delete
+      - key: aws.ecs.task.family
+        action: delete
+      - key: aws.ecs.task.revision
+        action: delete
+      - key: aws.log.group.arns
+        action: delete
+      - key: container.image.name
+        action: delete
+      - key: os.description
+        action: delete
+      - key: os.type
+        action: delete
+      - key: process.runtime.description
+        action: delete
+      - key: version
+        action: delete
+      - key: aws.ecs.launchtype
+        action: delete
+      - key: aws.log.group.names
+        action: delete
+      - key: host.name
+        action: delete
+      - key: process.pid
+        action: delete
+      - key: telemetry.sdk.language
+        action: delete
+      - key: aws.ecs.container.arn
+        action: delete
+      - key: service.version
+        action: delete
+      - key: process.command_args
+        action: delete
+      - key: service
+        action: delete
+  ## END OF LIFLIG CHANGES
+  resource:
+    attributes:
+      - key: ClusterName
+        from_attribute: aws.ecs.cluster.name
+        action: insert
+      - key: aws.ecs.cluster.name
+        action: delete
+      - key: ServiceName
+        from_attribute: aws.ecs.service.name
+        action: insert
+      - key: aws.ecs.service.name
+        action: delete
+      ## THIS IS WHAT LIFLIG ADDED (bunch of sporadic removals)
+      - key: aws.ecs.task.id
+        action: delete
+      - key: TaskDefinitionFamily
+        from_attribute: aws.ecs.task.family
+        action: insert
+      - key: aws.ecs.task.family
+        action: delete
+      - key: aws.ecs.task.arn
+        action: delete
+      - key: aws.ecs.docker.name
+        action: delete
+      - key: aws.ecs.task.version
+        action: delete
+      - key: aws.ecs.task.pull_started_at
+        action: delete
+      - key: aws.ecs.task.pull_stopped_at
+        action: delete
+      - key: AvailabilityZone
+        from_attribute: cloud.zone
+        action: insert
+      - key: cloud.zone
+        action: delete
+      - key: aws.ecs.task.launch_type
+        action: delete
+      - key: Region
+        from_attribute: cloud.region
+        action: insert
+      - key: cloud.region
+        action: delete
+      - key: AccountId
+        from_attribute: cloud.account.id
+        action: insert
+      - key: cloud.account.id
+        action: delete
+      - key: container.id
+        action: delete
+      - key: container.name
+        action: delete
+      - key: container.image.name
+        action: delete
+      - key: aws.ecs.container.image.id
+        action: delete
+      - key: aws.ecs.container.exit_code
+        action: delete
+      - key: aws.ecs.container.created_at
+        action: delete
+      - key: aws.ecs.container.started_at
+        action: delete
+      - key: aws.ecs.container.finished_at
+        action: delete
+      - key: container.image.tag
+        action: delete
+      ## END OF LIFLIG CHANGES
+exporters:
+  awsxray:
+    ## THIS IS WHAT LIFLIG ADDED
+    indexed_attributes: ["otel.resource.service.name"] # Max 50 attributes
+    ## END OF LIFLIG CHANGES
+  awsemf/application:
+    namespace: ECS/AWSOTel/Application
+    log_group_name: '/aws/ecs/application/metrics'
+    ## THIS IS WHAT LIFLIG ADDED
+    ## Config docs at https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/exporter/awsemfexporter/README.md
+    ## log retention is days to keep the emf metric logs.
+    log_retention: 365
+    resource_to_telemetry_conversion:
+      enabled: true
+    dimension_rollup_option: NoDimensionRollup
+    ## No rollup means we keep all the dimensions on the metric, instead of merging similar metrics to one in CloudWatch
+    ## END OF LIFLIG CHANGES
+  awsemf/performance:
+    namespace: ECS/ContainerInsights
+    log_group_name: '/aws/ecs/containerinsights/{ClusterName}/performance'
+    log_stream_name: '{TaskId}'
+    resource_to_telemetry_conversion:
+      enabled: true
+    dimension_rollup_option: NoDimensionRollup
+    metric_declarations:
+      - dimensions: [ [ ClusterName ], [ ClusterName, TaskDefinitionFamily ] ]
+        metric_name_selectors:
+          - MemoryUtilized
+          - MemoryReserved
+          - CpuUtilized
+          - CpuReserved
+          - NetworkRxBytes
+          - NetworkTxBytes
+          - StorageReadBytes
+          - StorageWriteBytes
+      - metric_name_selectors: [container.*]
+service:
+  pipelines:
+    traces:
+      receivers: [otlp,awsxray]
+      ## THIS IS WHAT LIFLIG ADDED
+      processors: [filter/traces, batch/traces]
+      exporters: [awsxray]
+    metrics/application:
+      receivers: [otlp]
+      processors: [filter/application, resource/application, attributes/application, batch/metrics]
+      exporters: [awsemf/application]
+      ## END OF LIFLIG CHANGES
+    metrics/performance:
+      receivers: [awsecscontainermetrics ]
+      processors: [filter, metricstransform, resource]
+      exporters: [ awsemf/performance ]
+  extensions: [health_check]

package/lib/ecs/index.d.ts CHANGED Viewed

@@ -1,6 +1,8 @@
 export { Cluster } from "./cluster";
 export { FargateService } from "./fargate-service";
 export { ListenerRule } from "./listener-rule";
+export { OpenTelemetryCollectors } from "./open-telemetry";
 export type { ClusterProps } from "./cluster";
 export type { FargateServiceProps } from "./fargate-service";
 export type { ListenerRuleProps } from "./listener-rule";
+export type { OpenTelemetryCollectorsProps } from "./open-telemetry";

package/lib/ecs/index.js CHANGED Viewed

@@ -1,4 +1,5 @@
 export { Cluster } from "./cluster";
 export { FargateService } from "./fargate-service";
 export { ListenerRule } from "./listener-rule";
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZWNzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxXQUFXLENBQUE7QUFDbkMsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLG1CQUFtQixDQUFBO0FBQ2xELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQSIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCB7IENsdXN0ZXIgfSBmcm9tIFwiLi9jbHVzdGVyXCJcbmV4cG9ydCB7IEZhcmdhdGVTZXJ2aWNlIH0gZnJvbSBcIi4vZmFyZ2F0ZS1zZXJ2aWNlXCJcbmV4cG9ydCB7IExpc3RlbmVyUnVsZSB9IGZyb20gXCIuL2xpc3RlbmVyLXJ1bGVcIlxuZXhwb3J0IHR5cGUgeyBDbHVzdGVyUHJvcHMgfSBmcm9tIFwiLi9jbHVzdGVyXCJcbmV4cG9ydCB0eXBlIHsgRmFyZ2F0ZVNlcnZpY2VQcm9wcyB9IGZyb20gXCIuL2ZhcmdhdGUtc2VydmljZVwiXG5leHBvcnQgdHlwZSB7IExpc3RlbmVyUnVsZVByb3BzIH0gZnJvbSBcIi4vbGlzdGVuZXItcnVsZVwiXG4iXX0=
+export { OpenTelemetryCollectors } from "./open-telemetry";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZWNzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxXQUFXLENBQUE7QUFDbkMsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLG1CQUFtQixDQUFBO0FBQ2xELE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQTtBQUM5QyxPQUFPLEVBQUUsdUJBQXVCLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQSIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCB7IENsdXN0ZXIgfSBmcm9tIFwiLi9jbHVzdGVyXCJcbmV4cG9ydCB7IEZhcmdhdGVTZXJ2aWNlIH0gZnJvbSBcIi4vZmFyZ2F0ZS1zZXJ2aWNlXCJcbmV4cG9ydCB7IExpc3RlbmVyUnVsZSB9IGZyb20gXCIuL2xpc3RlbmVyLXJ1bGVcIlxuZXhwb3J0IHsgT3BlblRlbGVtZXRyeUNvbGxlY3RvcnMgfSBmcm9tIFwiLi9vcGVuLXRlbGVtZXRyeVwiXG5leHBvcnQgdHlwZSB7IENsdXN0ZXJQcm9wcyB9IGZyb20gXCIuL2NsdXN0ZXJcIlxuZXhwb3J0IHR5cGUgeyBGYXJnYXRlU2VydmljZVByb3BzIH0gZnJvbSBcIi4vZmFyZ2F0ZS1zZXJ2aWNlXCJcbmV4cG9ydCB0eXBlIHsgTGlzdGVuZXJSdWxlUHJvcHMgfSBmcm9tIFwiLi9saXN0ZW5lci1ydWxlXCJcbmV4cG9ydCB0eXBlIHsgT3BlblRlbGVtZXRyeUNvbGxlY3RvcnNQcm9wcyB9IGZyb20gXCIuL29wZW4tdGVsZW1ldHJ5XCJcbiJdfQ==

package/lib/ecs/open-telemetry.d.ts ADDED Viewed

@@ -0,0 +1,98 @@
+import * as constructs from "constructs";
+import * as ecs from "aws-cdk-lib/aws-ecs";
+import { RetentionDays } from "aws-cdk-lib/aws-logs";
+import { FargateService } from "./fargate-service";
+export interface OpenTelemetryCollectorsProps {
+    service: FargateService;
+    /** @default 6 months **/
+    logRetention?: RetentionDays;
+    /** @default "amazon/aws-otel-collector:v0.43.1" */
+    dockerImage?: string;
+    /** Should be kept as `undefined` unless you know what you are doing.
+     * This is the YAML config for the OpenTelemetry collector sidecar.
+     *
+     * An example of a config can be found at https://github.com/aws-observability/aws-otel-collector/blob/0ae198c7e7b8c43bcc8715f54e52c879c04407b6/config/ecs/container-insights/otel-task-metrics-config.yaml
+     *
+     * @default a file in `assets` tuned to work for aws and strips known high-cardinality metrics (like those containing IP addresses and ports)
+     */
+    awsOtelConfig?: string;
+    /** Overrides for the sidecar container.
+     * You do not need to specify this.
+     *
+     * Defaults:
+     * - cpu: 32 units
+     * - memory reservation: 24 MiB
+     * - memory limit: 256 MiB
+     */
+    containerProps?: SidecarContainerProps;
+}
+/**
+ * Methods to enable collection of Open Telemetry (otel) data of a {@link FargateService}
+ * using a docker container with an otel agent.
+ *
+ *
+ * An example of a Java auto-instrumentation agent in Docker can be found
+ * [in liflig-rest-baseline Dockerfile](https://github.com/capralifecycle/liflig-rest-service-baseline/blob/a29b5a472c982aa7ce04d09d0e7cfdc92a6cc977/docker/Dockerfile#L9-L29).
+ *
+ * The agent must be configured to output metrics to a collector.
+ * That collector is what this construct provides.
+ * Usually, the agent is specified in the Dockerfile or as a dependency/library,
+ * and configured in the Dockerfile or in the application source code.
+ *
+ * Use this construct on a {@link FargateService} by constructing a new instance of {@link OpenTelemetryCollectors}
+ * and calling the {@link addOpenTelemetryCollectorSidecar} method on it.
+ *
+ * ```ts
+ * const service = FargateService(...);
+ *
+ * new OpenTelemetryCollectors(this, "OtelSidecar").addOpenTelemetryCollectorSidecar(service)
+ * ```
+ *
+ * The sidecar exposes these ports to your service:
+ * - udp 2000 : AWS XRay
+ * - tcp 4317 : OpenTelemetry collection GRPC
+ * - tcp 4318 : OpenTelemetry collection HTTP
+ *
+ * ---
+ *
+ * You can also disable the OpenTelemetry instrumentation agent
+ * for Java-based services,
+ * by setting the appropriate environment variable with {@link disableOpenTelemetryJavaAgent}:
+ * ```ts
+ * const service = FargateService(...);
+ *
+ * OpenTelemetryCollectors.disableOpenTelemetryJavaAgent(service)
+ * ```
+ *
+ * @see OpenTelemetryCollectors.addOpenTelemetryCollectorSidecar
+ */
+export declare class OpenTelemetryCollectors extends constructs.Construct {
+    private readonly props;
+    constructor(scope: constructs.Construct, id: string, props: OpenTelemetryCollectorsProps);
+    /**
+     * The OpenTelemetry Java agent may run by default in the Docker image.
+     * This method will tell the agent to disable itself.
+     *
+     * You might want to do this to avoid overhead or error logs from failed
+     * connection attempts to the otel collector.
+     */
+    disableOpenTelemetryJavaAgent(): void;
+    /**
+     * The OpenTelemetry Java agent may run by default in the Docker image.
+     * This method will tell the agent to disable itself.
+     *
+     * You might want to do this to avoid overhead or error logs from failed
+     * connection attempts to the otel collector.
+     * @param service
+     */
+    static disableOpenTelemetryJavaAgent(service: FargateService): void;
+    /**
+     * Adds a sidecar with an AWS Distro OpenTelemetry Collector.
+     * https://aws-otel.github.io/docs/setup/ecs
+     *
+     * You also need to add either the Java SDK for OTel or a Java agent,
+     * to capture telemetry and send to this collector.
+     */
+    addOpenTelemetryCollectorSidecar(): void;
+}
+export type SidecarContainerProps = Pick<ecs.ContainerDefinitionProps, "cpu" | "memoryReservationMiB" | "memoryLimitMiB">;

package/lib/ecs/open-telemetry.js ADDED Viewed

@@ -0,0 +1,211 @@
+import * as constructs from "constructs";
+import * as ecs from "aws-cdk-lib/aws-ecs";
+import * as iam from "aws-cdk-lib/aws-iam";
+import * as logs from "aws-cdk-lib/aws-logs";
+import { RetentionDays } from "aws-cdk-lib/aws-logs";
+import { RemovalPolicy } from "aws-cdk-lib";
+import { readFileSync } from "fs";
+import { fileURLToPath } from "url";
+import * as path from "path";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+/**
+ * Methods to enable collection of Open Telemetry (otel) data of a {@link FargateService}
+ * using a docker container with an otel agent.
+ *
+ *
+ * An example of a Java auto-instrumentation agent in Docker can be found
+ * [in liflig-rest-baseline Dockerfile](https://github.com/capralifecycle/liflig-rest-service-baseline/blob/a29b5a472c982aa7ce04d09d0e7cfdc92a6cc977/docker/Dockerfile#L9-L29).
+ *
+ * The agent must be configured to output metrics to a collector.
+ * That collector is what this construct provides.
+ * Usually, the agent is specified in the Dockerfile or as a dependency/library,
+ * and configured in the Dockerfile or in the application source code.
+ *
+ * Use this construct on a {@link FargateService} by constructing a new instance of {@link OpenTelemetryCollectors}
+ * and calling the {@link addOpenTelemetryCollectorSidecar} method on it.
+ *
+ * ```ts
+ * const service = FargateService(...);
+ *
+ * new OpenTelemetryCollectors(this, "OtelSidecar").addOpenTelemetryCollectorSidecar(service)
+ * ```
+ *
+ * The sidecar exposes these ports to your service:
+ * - udp 2000 : AWS XRay
+ * - tcp 4317 : OpenTelemetry collection GRPC
+ * - tcp 4318 : OpenTelemetry collection HTTP
+ *
+ * ---
+ *
+ * You can also disable the OpenTelemetry instrumentation agent
+ * for Java-based services,
+ * by setting the appropriate environment variable with {@link disableOpenTelemetryJavaAgent}:
+ * ```ts
+ * const service = FargateService(...);
+ *
+ * OpenTelemetryCollectors.disableOpenTelemetryJavaAgent(service)
+ * ```
+ *
+ * @see OpenTelemetryCollectors.addOpenTelemetryCollectorSidecar
+ */
+export class OpenTelemetryCollectors extends constructs.Construct {
+    props;
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.props = props;
+    }
+    /**
+     * The OpenTelemetry Java agent may run by default in the Docker image.
+     * This method will tell the agent to disable itself.
+     *
+     * You might want to do this to avoid overhead or error logs from failed
+     * connection attempts to the otel collector.
+     */
+    disableOpenTelemetryJavaAgent() {
+        OpenTelemetryCollectors.disableOpenTelemetryJavaAgent(this.props.service);
+    }
+    /**
+     * The OpenTelemetry Java agent may run by default in the Docker image.
+     * This method will tell the agent to disable itself.
+     *
+     * You might want to do this to avoid overhead or error logs from failed
+     * connection attempts to the otel collector.
+     * @param service
+     */
+    static disableOpenTelemetryJavaAgent(service) {
+        service.taskDefinition.defaultContainer?.addEnvironment("OTEL_JAVAAGENT_ENABLED", "false");
+    }
+    /**
+     * Adds a sidecar with an AWS Distro OpenTelemetry Collector.
+     * https://aws-otel.github.io/docs/setup/ecs
+     *
+     * You also need to add either the Java SDK for OTel or a Java agent,
+     * to capture telemetry and send to this collector.
+     */
+    addOpenTelemetryCollectorSidecar() {
+        new OpenTelemetryPolicies(this, "OpenTelemetryPolicies", {
+            taskDefinition: this.props.service.taskDefinition,
+        });
+        this.props.service.taskDefinition.addExtension(new OpenTelemetryCollectorSidecar(this, this.props.logRetention, this.props.dockerImage, this.props.awsOtelConfig, this.props.containerProps));
+    }
+}
+/**
+ * Adds a sidecar with an AWS Distro OpenTelemetry Collector.
+ * https://aws-otel.github.io/docs/setup/ecs
+ *
+ * You also need to add either the Java SDK for OTel or a Java agent,
+ * to capture telemetry and send to this collector.
+ */
+class OpenTelemetryCollectorSidecar {
+    construct;
+    logRetention;
+    dockerImage;
+    awsOtelConfig;
+    containerProps;
+    constructor(construct, logRetention, dockerImage, awsOtelConfig, containerProps) {
+        this.construct = construct;
+        this.logRetention = logRetention;
+        this.dockerImage = dockerImage;
+        this.awsOtelConfig = awsOtelConfig;
+        this.containerProps = containerProps;
+    }
+    extend(taskDefinition) {
+        if (taskDefinition.networkMode !== ecs.NetworkMode.AWS_VPC) {
+            throw new Error("Task NetworkMode must be AWS_VPC: " + taskDefinition.networkMode);
+        }
+        const commands = {
+            metricsAndTraces: "--config=/etc/ecs/ecs-default-config.yaml",
+            metricsAndTracesAndContainerResources: "--config=/etc/ecs/container-insights/otel-task-metrics-config.yaml",
+        };
+        const logGroup = new logs.LogGroup(this.construct, "CollectorLogGroup", {
+            retention: this.logRetention ?? RetentionDays.SIX_MONTHS,
+            removalPolicy: RemovalPolicy.DESTROY,
+        });
+        const sidecarImage = this.dockerImage ?? "amazon/aws-otel-collector:v0.43.1";
+        const sidecar = taskDefinition.addContainer("aws-opentelemetry-collector", {
+            cpu: this.containerProps?.cpu ?? 32,
+            memoryReservationMiB: this.containerProps?.memoryReservationMiB ?? 24,
+            memoryLimitMiB: this.containerProps?.memoryLimitMiB ?? 256,
+            image: ecs.ContainerImage.fromRegistry(sidecarImage),
+            command: [commands.metricsAndTracesAndContainerResources], // This is not used when the AOT_CONFIG_CONTENT is set!
+            environment: {
+                // You can alternatively create an SSM parameter with the config, and pass it to the `secrets` option
+                AOT_CONFIG_CONTENT: this.awsOtelConfig ?? awsOtelCustomConfigYaml,
+            },
+            logging: ecs.LogDrivers.awsLogs({
+                logGroup: logGroup,
+                streamPrefix: "ecs",
+            }),
+        });
+        // A dependency should be added to all containers that export metrics.
+        // We are currently assuming that this is only the default container
+        taskDefinition.defaultContainer?.addContainerDependencies({
+            container: sidecar,
+            condition: ecs.ContainerDependencyCondition.START,
+        });
+        /*
+         * aws-otel-collector exposes these ports, and more:
+         * - udp 2000 : AWS XRay
+         * - tcp 4317 : OpenTelemetry collection GRPC
+         * - tcp 4318 : OpenTelemetry collection HTTP
+         *
+         * These are defined in the yaml config for the collector.
+         */
+        taskDefinition.defaultContainer?.addEnvironment("AWS_XRAY_DAEMON_ADDRESS", "http://localhost:2000");
+        taskDefinition.defaultContainer?.addEnvironment("OTEL_EXPORTER_OTLP_ENDPOINT", "http://localhost:4317");
+        taskDefinition.defaultContainer?.addEnvironment("OTEL_JAVAAGENT_ENABLED", "true");
+        if (!taskDefinition.isFargateCompatible) {
+            // This extension is made for the FargateService, so this is a requirement.
+            throw new Error("This task definition can not be ran on fargate! " +
+                taskDefinition.node.id);
+        }
+    }
+}
+/**
+ * Grants the sidecar permissions to create logs, metrics and XRay traces by extending the task roles.
+ */
+class OpenTelemetryPolicies extends constructs.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        const awsDistroOpenTelemetryPolicyStatement = new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            resources: ["*"],
+            actions: [
+                "logs:PutLogEvents",
+                "logs:CreateLogGroup",
+                "logs:CreateLogStream",
+                "logs:DescribeLogStreams",
+                "logs:DescribeLogGroups",
+                "logs:PutRetentionPolicy",
+                "xray:PutTraceSegments",
+                "xray:PutTelemetryRecords",
+                "xray:GetSamplingRules",
+                "xray:GetSamplingTargets",
+                "xray:GetSamplingStatisticSummaries",
+                "cloudwatch:PutMetricData",
+                "ec2:DescribeVolumes",
+                "ec2:DescribeTags",
+                "ssm:GetParameters",
+            ],
+        });
+        props.taskDefinition.addToTaskRolePolicy(awsDistroOpenTelemetryPolicyStatement);
+        props.taskDefinition.addToExecutionRolePolicy(awsDistroOpenTelemetryPolicyStatement);
+        props.taskDefinition.executionRole?.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName("CloudWatchLogsFullAccess"));
+        props.taskDefinition.executionRole?.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName("AmazonSSMReadOnlyAccess"));
+    }
+}
+/**
+ * This is a modified version of `./etc/ecs/container-insights/otel-task-metrics-config.yaml`
+ * where we add `resource_to_telemetry_conversion` so the otel resource `service.name`
+ * can be added to the metric. This is useful because you can filter in metrics based on service,
+ * instead of grouping e.g. all services' memory usage under the same metric.
+ *
+ * @see https://aws-otel.github.io/docs/setup/ecs/config-through-ssm
+ * @see https://aws-otel.github.io/docs/getting-started/cloudwatch-metrics#cloudwatch-emf-exporter-awsemf
+ */
+const awsOtelCustomConfigYaml = readFileSync(path.resolve(__dirname, "..", "..", "assets", "open-telemetry", "otel-collector-task-metrics-config.yaml"), "utf-8")
+    .split("\n")
+    .filter((line) => !/^\s*##/.test(line)) // Skip comments starting with ##
+    .join("\n");
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3Blbi10ZWxlbWV0cnkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZWNzL29wZW4tdGVsZW1ldHJ5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxVQUFVLE1BQU0sWUFBWSxDQUFBO0FBQ3hDLE9BQU8sS0FBSyxHQUFHLE1BQU0scUJBQXFCLENBQUE7QUFDMUMsT0FBTyxLQUFLLEdBQUcsTUFBTSxxQkFBcUIsQ0FBQTtBQUMxQyxPQUFPLEtBQUssSUFBSSxNQUFNLHNCQUFzQixDQUFBO0FBQzVDLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQTtBQUNwRCxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sYUFBYSxDQUFBO0FBRTNDLE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxJQUFJLENBQUE7QUFDakMsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLEtBQUssQ0FBQTtBQUNuQyxPQUFPLEtBQUssSUFBSSxNQUFNLE1BQU0sQ0FBQTtBQUU1QixNQUFNLFVBQVUsR0FBRyxhQUFhLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQTtBQUNqRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxDQUFBO0FBK0IxQzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBdUNHO0FBQ0gsTUFBTSxPQUFPLHVCQUF3QixTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBSTVDO0lBSG5CLFlBQ0UsS0FBMkIsRUFDM0IsRUFBVSxFQUNPLEtBQW1DO1FBRXBELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFGQyxVQUFLLEdBQUwsS0FBSyxDQUE4QjtJQUd0RCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksNkJBQTZCO1FBQ2xDLHVCQUF1QixDQUFDLDZCQUE2QixDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUE7SUFDM0UsQ0FBQztJQUVEOzs7Ozs7O09BT0c7SUFDSSxNQUFNLENBQUMsNkJBQTZCLENBQUMsT0FBdUI7UUFDakUsT0FBTyxDQUFDLGNBQWMsQ0FBQyxnQkFBZ0IsRUFBRSxjQUFjLENBQ3JELHdCQUF3QixFQUN4QixPQUFPLENBQ1IsQ0FBQTtJQUNILENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxnQ0FBZ0M7UUFDckMsSUFBSSxxQkFBcUIsQ0FBQyxJQUFJLEVBQUUsdUJBQXVCLEVBQUU7WUFDdkQsY0FBYyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLGNBQWM7U0FDbEQsQ0FBQyxDQUFBO1FBRUYsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLFlBQVksQ0FDNUMsSUFBSSw2QkFBNkIsQ0FDL0IsSUFBSSxFQUNKLElBQUksQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUN2QixJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFDdEIsSUFBSSxDQUFDLEtBQUssQ0FBQyxhQUFhLEVBQ3hCLElBQUksQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUMxQixDQUNGLENBQUE7SUFDSCxDQUFDO0NBQ0Y7QUFPRDs7Ozs7O0dBTUc7QUFDSCxNQUFNLDZCQUE2QjtJQUVkO0lBQ0E7SUFDQTtJQUNBO0lBQ0E7SUFMbkIsWUFDbUIsU0FBK0IsRUFDL0IsWUFBNEIsRUFDNUIsV0FBb0IsRUFDcEIsYUFBc0IsRUFDdEIsY0FBc0M7UUFKdEMsY0FBUyxHQUFULFNBQVMsQ0FBc0I7UUFDL0IsaUJBQVksR0FBWixZQUFZLENBQWdCO1FBQzVCLGdCQUFXLEdBQVgsV0FBVyxDQUFTO1FBQ3BCLGtCQUFhLEdBQWIsYUFBYSxDQUFTO1FBQ3RCLG1CQUFjLEdBQWQsY0FBYyxDQUF3QjtJQUN0RCxDQUFDO0lBRUosTUFBTSxDQUFDLGNBQWtDO1FBQ3ZDLElBQUksY0FBYyxDQUFDLFdBQVcsS0FBSyxHQUFHLENBQUMsV0FBVyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQzNELE1BQU0sSUFBSSxLQUFLLENBQ2Isb0NBQW9DLEdBQUcsY0FBYyxDQUFDLFdBQVcsQ0FDbEUsQ0FBQTtRQUNILENBQUM7UUFFRCxNQUFNLFFBQVEsR0FBRztZQUNmLGdCQUFnQixFQUFFLDJDQUEyQztZQUM3RCxxQ0FBcUMsRUFDbkMsb0VBQW9FO1NBQ3ZFLENBQUE7UUFFRCxNQUFNLFFBQVEsR0FBRyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxtQkFBbUIsRUFBRTtZQUN0RSxTQUFTLEVBQUUsSUFBSSxDQUFDLFlBQVksSUFBSSxhQUFhLENBQUMsVUFBVTtZQUN4RCxhQUFhLEVBQUUsYUFBYSxDQUFDLE9BQU87U0FDckMsQ0FBQyxDQUFBO1FBRUYsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLFdBQVcsSUFBSSxtQ0FBbUMsQ0FBQTtRQUM1RSxNQUFNLE9BQU8sR0FBRyxjQUFjLENBQUMsWUFBWSxDQUFDLDZCQUE2QixFQUFFO1lBQ3pFLEdBQUcsRUFBRSxJQUFJLENBQUMsY0FBYyxFQUFFLEdBQUcsSUFBSSxFQUFFO1lBQ25DLG9CQUFvQixFQUFFLElBQUksQ0FBQyxjQUFjLEVBQUUsb0JBQW9CLElBQUksRUFBRTtZQUNyRSxjQUFjLEVBQUUsSUFBSSxDQUFDLGNBQWMsRUFBRSxjQUFjLElBQUksR0FBRztZQUMxRCxLQUFLLEVBQUUsR0FBRyxDQUFDLGNBQWMsQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDO1lBQ3BELE9BQU8sRUFBRSxDQUFDLFFBQVEsQ0FBQyxxQ0FBcUMsQ0FBQyxFQUFFLHVEQUF1RDtZQUNsSCxXQUFXLEVBQUU7Z0JBQ1gscUdBQXFHO2dCQUNyRyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsYUFBYSxJQUFJLHVCQUF1QjthQUNsRTtZQUNELE9BQU8sRUFBRSxHQUFHLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQztnQkFDOUIsUUFBUSxFQUFFLFFBQVE7Z0JBQ2xCLFlBQVksRUFBRSxLQUFLO2FBQ3BCLENBQUM7U0FDSCxDQUFDLENBQUE7UUFFRixzRUFBc0U7UUFDdEUsb0VBQW9FO1FBQ3BFLGNBQWMsQ0FBQyxnQkFBZ0IsRUFBRSx3QkFBd0IsQ0FBQztZQUN4RCxTQUFTLEVBQUUsT0FBTztZQUNsQixTQUFTLEVBQUUsR0FBRyxDQUFDLDRCQUE0QixDQUFDLEtBQUs7U0FDbEQsQ0FBQyxDQUFBO1FBRUY7Ozs7Ozs7V0FPRztRQUNILGNBQWMsQ0FBQyxnQkFBZ0IsRUFBRSxjQUFjLENBQzdDLHlCQUF5QixFQUN6Qix1QkFBdUIsQ0FDeEIsQ0FBQTtRQUNELGNBQWMsQ0FBQyxnQkFBZ0IsRUFBRSxjQUFjLENBQzdDLDZCQUE2QixFQUM3Qix1QkFBdUIsQ0FDeEIsQ0FBQTtRQUNELGNBQWMsQ0FBQyxnQkFBZ0IsRUFBRSxjQUFjLENBQzdDLHdCQUF3QixFQUN4QixNQUFNLENBQ1AsQ0FBQTtRQUVELElBQUksQ0FBQyxjQUFjLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztZQUN4QywyRUFBMkU7WUFDM0UsTUFBTSxJQUFJLEtBQUssQ0FDYixrREFBa0Q7Z0JBQ2hELGNBQWMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUN6QixDQUFBO1FBQ0gsQ0FBQztJQUNILENBQUM7Q0FDRjtBQU1EOztHQUVHO0FBQ0gsTUFBTSxxQkFBc0IsU0FBUSxVQUFVLENBQUMsU0FBUztJQUN0RCxZQUNFLEtBQTJCLEVBQzNCLEVBQVUsRUFDVixLQUFpQztRQUVqQyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBRWhCLE1BQU0scUNBQXFDLEdBQUcsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO1lBQ3BFLE1BQU0sRUFBRSxHQUFHLENBQUMsTUFBTSxDQUFDLEtBQUs7WUFDeEIsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1lBQ2hCLE9BQU8sRUFBRTtnQkFDUCxtQkFBbUI7Z0JBQ25CLHFCQUFxQjtnQkFDckIsc0JBQXNCO2dCQUN0Qix5QkFBeUI7Z0JBQ3pCLHdCQUF3QjtnQkFDeEIseUJBQXlCO2dCQUN6Qix1QkFBdUI7Z0JBQ3ZCLDBCQUEwQjtnQkFDMUIsdUJBQXVCO2dCQUN2Qix5QkFBeUI7Z0JBQ3pCLG9DQUFvQztnQkFDcEMsMEJBQTBCO2dCQUMxQixxQkFBcUI7Z0JBQ3JCLGtCQUFrQjtnQkFDbEIsbUJBQW1CO2FBQ3BCO1NBQ0YsQ0FBQyxDQUFBO1FBRUYsS0FBSyxDQUFDLGNBQWMsQ0FBQyxtQkFBbUIsQ0FDdEMscUNBQXFDLENBQ3RDLENBQUE7UUFFRCxLQUFLLENBQUMsY0FBYyxDQUFDLHdCQUF3QixDQUMzQyxxQ0FBcUMsQ0FDdEMsQ0FBQTtRQUNELEtBQUssQ0FBQyxjQUFjLENBQUMsYUFBYSxFQUFFLGdCQUFnQixDQUNsRCxHQUFHLENBQUMsYUFBYSxDQUFDLHdCQUF3QixDQUFDLDBCQUEwQixDQUFDLENBQ3ZFLENBQUE7UUFDRCxLQUFLLENBQUMsY0FBYyxDQUFDLGFBQWEsRUFBRSxnQkFBZ0IsQ0FDbEQsR0FBRyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyx5QkFBeUIsQ0FBQyxDQUN0RSxDQUFBO0lBQ0gsQ0FBQztDQUNGO0FBRUQ7Ozs7Ozs7O0dBUUc7QUFDSCxNQUFNLHVCQUF1QixHQUFHLFlBQVksQ0FDMUMsSUFBSSxDQUFDLE9BQU8sQ0FDVixTQUFTLEVBQ1QsSUFBSSxFQUNKLElBQUksRUFDSixRQUFRLEVBQ1IsZ0JBQWdCLEVBQ2hCLHlDQUF5QyxDQUMxQyxFQUNELE9BQU8sQ0FDUjtLQUNFLEtBQUssQ0FBQyxJQUFJLENBQUM7S0FDWCxNQUFNLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLGlDQUFpQztLQUN4RSxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUEiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gXCJjb25zdHJ1Y3RzXCJcbmltcG9ydCAqIGFzIGVjcyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjc1wiXG5pbXBvcnQgKiBhcyBpYW0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIlxuaW1wb3J0ICogYXMgbG9ncyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxvZ3NcIlxuaW1wb3J0IHsgUmV0ZW50aW9uRGF5cyB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtbG9nc1wiXG5pbXBvcnQgeyBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCJcbmltcG9ydCB7IEZhcmdhdGVTZXJ2aWNlIH0gZnJvbSBcIi4vZmFyZ2F0ZS1zZXJ2aWNlXCJcbmltcG9ydCB7IHJlYWRGaWxlU3luYyB9IGZyb20gXCJmc1wiXG5pbXBvcnQgeyBmaWxlVVJMVG9QYXRoIH0gZnJvbSBcInVybFwiXG5pbXBvcnQgKiBhcyBwYXRoIGZyb20gXCJwYXRoXCJcblxuY29uc3QgX19maWxlbmFtZSA9IGZpbGVVUkxUb1BhdGgoaW1wb3J0Lm1ldGEudXJsKVxuY29uc3QgX19kaXJuYW1lID0gcGF0aC5kaXJuYW1lKF9fZmlsZW5hbWUpXG5cbmV4cG9ydCBpbnRlcmZhY2UgT3BlblRlbGVtZXRyeUNvbGxlY3RvcnNQcm9wcyB7XG4gIHNlcnZpY2U6IEZhcmdhdGVTZXJ2aWNlXG5cbiAgLyoqIEBkZWZhdWx0IDYgbW9udGhzICoqL1xuICBsb2dSZXRlbnRpb24/OiBSZXRlbnRpb25EYXlzXG5cbiAgLyoqIEBkZWZhdWx0IFwiYW1hem9uL2F3cy1vdGVsLWNvbGxlY3Rvcjp2MC40My4xXCIgKi9cbiAgZG9ja2VySW1hZ2U/OiBzdHJpbmdcblxuICAvKiogU2hvdWxkIGJlIGtlcHQgYXMgYHVuZGVmaW5lZGAgdW5sZXNzIHlvdSBrbm93IHdoYXQgeW91IGFyZSBkb2luZy5cbiAgICogVGhpcyBpcyB0aGUgWUFNTCBjb25maWcgZm9yIHRoZSBPcGVuVGVsZW1ldHJ5IGNvbGxlY3RvciBzaWRlY2FyLlxuICAgKlxuICAgKiBBbiBleGFtcGxlIG9mIGEgY29uZmlnIGNhbiBiZSBmb3VuZCBhdCBodHRwczovL2dpdGh1Yi5jb20vYXdzLW9ic2VydmFiaWxpdHkvYXdzLW90ZWwtY29sbGVjdG9yL2Jsb2IvMGFlMTk4YzdlN2I4YzQzYmNjODcxNWY1NGU1MmM4NzljMDQ0MDdiNi9jb25maWcvZWNzL2NvbnRhaW5lci1pbnNpZ2h0cy9vdGVsLXRhc2stbWV0cmljcy1jb25maWcueWFtbFxuICAgKlxuICAgKiBAZGVmYXVsdCBhIGZpbGUgaW4gYGFzc2V0c2AgdHVuZWQgdG8gd29yayBmb3IgYXdzIGFuZCBzdHJpcHMga25vd24gaGlnaC1jYXJkaW5hbGl0eSBtZXRyaWNzIChsaWtlIHRob3NlIGNvbnRhaW5pbmcgSVAgYWRkcmVzc2VzIGFuZCBwb3J0cylcbiAgICovXG4gIGF3c090ZWxDb25maWc/OiBzdHJpbmdcblxuICAvKiogT3ZlcnJpZGVzIGZvciB0aGUgc2lkZWNhciBjb250YWluZXIuXG4gICAqIFlvdSBkbyBub3QgbmVlZCB0byBzcGVjaWZ5IHRoaXMuXG4gICAqXG4gICAqIERlZmF1bHRzOlxuICAgKiAtIGNwdTogMzIgdW5pdHNcbiAgICogLSBtZW1vcnkgcmVzZXJ2YXRpb246IDI0IE1pQlxuICAgKiAtIG1lbW9yeSBsaW1pdDogMjU2IE1pQlxuICAgKi9cbiAgY29udGFpbmVyUHJvcHM/OiBTaWRlY2FyQ29udGFpbmVyUHJvcHNcbn1cblxuLyoqXG4gKiBNZXRob2RzIHRvIGVuYWJsZSBjb2xsZWN0aW9uIG9mIE9wZW4gVGVsZW1ldHJ5IChvdGVsKSBkYXRhIG9mIGEge0BsaW5rIEZhcmdhdGVTZXJ2aWNlfVxuICogdXNpbmcgYSBkb2NrZXIgY29udGFpbmVyIHdpdGggYW4gb3RlbCBhZ2VudC5cbiAqXG4gKlxuICogQW4gZXhhbXBsZSBvZiBhIEphdmEgYXV0by1pbnN0cnVtZW50YXRpb24gYWdlbnQgaW4gRG9ja2VyIGNhbiBiZSBmb3VuZFxuICogW2luIGxpZmxpZy1yZXN0LWJhc2VsaW5lIERvY2tlcmZpbGVdKGh0dHBzOi8vZ2l0aHViLmNvbS9jYXByYWxpZmVjeWNsZS9saWZsaWctcmVzdC1zZXJ2aWNlLWJhc2VsaW5lL2Jsb2IvYTI5YjVhNDcyYzk4MmFhN2NlMDRkMDlkMGU3Y2ZkYzkyYTZjYzk3Ny9kb2NrZXIvRG9ja2VyZmlsZSNMOS1MMjkpLlxuICpcbiAqIFRoZSBhZ2VudCBtdXN0IGJlIGNvbmZpZ3VyZWQgdG8gb3V0cHV0IG1ldHJpY3MgdG8gYSBjb2xsZWN0b3IuXG4gKiBUaGF0IGNvbGxlY3RvciBpcyB3aGF0IHRoaXMgY29uc3RydWN0IHByb3ZpZGVzLlxuICogVXN1YWxseSwgdGhlIGFnZW50IGlzIHNwZWNpZmllZCBpbiB0aGUgRG9ja2VyZmlsZSBvciBhcyBhIGRlcGVuZGVuY3kvbGlicmFyeSxcbiAqIGFuZCBjb25maWd1cmVkIGluIHRoZSBEb2NrZXJmaWxlIG9yIGluIHRoZSBhcHBsaWNhdGlvbiBzb3VyY2UgY29kZS5cbiAqXG4gKiBVc2UgdGhpcyBjb25zdHJ1Y3Qgb24gYSB7QGxpbmsgRmFyZ2F0ZVNlcnZpY2V9IGJ5IGNvbnN0cnVjdGluZyBhIG5ldyBpbnN0YW5jZSBvZiB7QGxpbmsgT3BlblRlbGVtZXRyeUNvbGxlY3RvcnN9XG4gKiBhbmQgY2FsbGluZyB0aGUge0BsaW5rIGFkZE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JTaWRlY2FyfSBtZXRob2Qgb24gaXQuXG4gKlxuICogYGBgdHNcbiAqIGNvbnN0IHNlcnZpY2UgPSBGYXJnYXRlU2VydmljZSguLi4pO1xuICpcbiAqIG5ldyBPcGVuVGVsZW1ldHJ5Q29sbGVjdG9ycyh0aGlzLCBcIk90ZWxTaWRlY2FyXCIpLmFkZE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JTaWRlY2FyKHNlcnZpY2UpXG4gKiBgYGBcbiAqXG4gKiBUaGUgc2lkZWNhciBleHBvc2VzIHRoZXNlIHBvcnRzIHRvIHlvdXIgc2VydmljZTpcbiAqIC0gdWRwIDIwMDAgOiBBV1MgWFJheVxuICogLSB0Y3AgNDMxNyA6IE9wZW5UZWxlbWV0cnkgY29sbGVjdGlvbiBHUlBDXG4gKiAtIHRjcCA0MzE4IDogT3BlblRlbGVtZXRyeSBjb2xsZWN0aW9uIEhUVFBcbiAqXG4gKiAtLS1cbiAqXG4gKiBZb3UgY2FuIGFsc28gZGlzYWJsZSB0aGUgT3BlblRlbGVtZXRyeSBpbnN0cnVtZW50YXRpb24gYWdlbnRcbiAqIGZvciBKYXZhLWJhc2VkIHNlcnZpY2VzLFxuICogYnkgc2V0dGluZyB0aGUgYXBwcm9wcmlhdGUgZW52aXJvbm1lbnQgdmFyaWFibGUgd2l0aCB7QGxpbmsgZGlzYWJsZU9wZW5UZWxlbWV0cnlKYXZhQWdlbnR9OlxuICogYGBgdHNcbiAqIGNvbnN0IHNlcnZpY2UgPSBGYXJnYXRlU2VydmljZSguLi4pO1xuICpcbiAqIE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JzLmRpc2FibGVPcGVuVGVsZW1ldHJ5SmF2YUFnZW50KHNlcnZpY2UpXG4gKiBgYGBcbiAqXG4gKiBAc2VlIE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JzLmFkZE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JTaWRlY2FyXG4gKi9cbmV4cG9ydCBjbGFzcyBPcGVuVGVsZW1ldHJ5Q29sbGVjdG9ycyBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJpdmF0ZSByZWFkb25seSBwcm9wczogT3BlblRlbGVtZXRyeUNvbGxlY3RvcnNQcm9wcyxcbiAgKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuICB9XG5cbiAgLyoqXG4gICAqIFRoZSBPcGVuVGVsZW1ldHJ5IEphdmEgYWdlbnQgbWF5IHJ1biBieSBkZWZhdWx0IGluIHRoZSBEb2NrZXIgaW1hZ2UuXG4gICAqIFRoaXMgbWV0aG9kIHdpbGwgdGVsbCB0aGUgYWdlbnQgdG8gZGlzYWJsZSBpdHNlbGYuXG4gICAqXG4gICAqIFlvdSBtaWdodCB3YW50IHRvIGRvIHRoaXMgdG8gYXZvaWQgb3ZlcmhlYWQgb3IgZXJyb3IgbG9ncyBmcm9tIGZhaWxlZFxuICAgKiBjb25uZWN0aW9uIGF0dGVtcHRzIHRvIHRoZSBvdGVsIGNvbGxlY3Rvci5cbiAgICovXG4gIHB1YmxpYyBkaXNhYmxlT3BlblRlbGVtZXRyeUphdmFBZ2VudCgpIHtcbiAgICBPcGVuVGVsZW1ldHJ5Q29sbGVjdG9ycy5kaXNhYmxlT3BlblRlbGVtZXRyeUphdmFBZ2VudCh0aGlzLnByb3BzLnNlcnZpY2UpXG4gIH1cblxuICAvKipcbiAgICogVGhlIE9wZW5UZWxlbWV0cnkgSmF2YSBhZ2VudCBtYXkgcnVuIGJ5IGRlZmF1bHQgaW4gdGhlIERvY2tlciBpbWFnZS5cbiAgICogVGhpcyBtZXRob2Qgd2lsbCB0ZWxsIHRoZSBhZ2VudCB0byBkaXNhYmxlIGl0c2VsZi5cbiAgICpcbiAgICogWW91IG1pZ2h0IHdhbnQgdG8gZG8gdGhpcyB0byBhdm9pZCBvdmVyaGVhZCBvciBlcnJvciBsb2dzIGZyb20gZmFpbGVkXG4gICAqIGNvbm5lY3Rpb24gYXR0ZW1wdHMgdG8gdGhlIG90ZWwgY29sbGVjdG9yLlxuICAgKiBAcGFyYW0gc2VydmljZVxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBkaXNhYmxlT3BlblRlbGVtZXRyeUphdmFBZ2VudChzZXJ2aWNlOiBGYXJnYXRlU2VydmljZSkge1xuICAgIHNlcnZpY2UudGFza0RlZmluaXRpb24uZGVmYXVsdENvbnRhaW5lcj8uYWRkRW52aXJvbm1lbnQoXG4gICAgICBcIk9URUxfSkFWQUFHRU5UX0VOQUJMRURcIixcbiAgICAgIFwiZmFsc2VcIixcbiAgICApXG4gIH1cblxuICAvKipcbiAgICogQWRkcyBhIHNpZGVjYXIgd2l0aCBhbiBBV1MgRGlzdHJvIE9wZW5UZWxlbWV0cnkgQ29sbGVjdG9yLlxuICAgKiBodHRwczovL2F3cy1vdGVsLmdpdGh1Yi5pby9kb2NzL3NldHVwL2Vjc1xuICAgKlxuICAgKiBZb3UgYWxzbyBuZWVkIHRvIGFkZCBlaXRoZXIgdGhlIEphdmEgU0RLIGZvciBPVGVsIG9yIGEgSmF2YSBhZ2VudCxcbiAgICogdG8gY2FwdHVyZSB0ZWxlbWV0cnkgYW5kIHNlbmQgdG8gdGhpcyBjb2xsZWN0b3IuXG4gICAqL1xuICBwdWJsaWMgYWRkT3BlblRlbGVtZXRyeUNvbGxlY3RvclNpZGVjYXIoKSB7XG4gICAgbmV3IE9wZW5UZWxlbWV0cnlQb2xpY2llcyh0aGlzLCBcIk9wZW5UZWxlbWV0cnlQb2xpY2llc1wiLCB7XG4gICAgICB0YXNrRGVmaW5pdGlvbjogdGhpcy5wcm9wcy5zZXJ2aWNlLnRhc2tEZWZpbml0aW9uLFxuICAgIH0pXG5cbiAgICB0aGlzLnByb3BzLnNlcnZpY2UudGFza0RlZmluaXRpb24uYWRkRXh0ZW5zaW9uKFxuICAgICAgbmV3IE9wZW5UZWxlbWV0cnlDb2xsZWN0b3JTaWRlY2FyKFxuICAgICAgICB0aGlzLFxuICAgICAgICB0aGlzLnByb3BzLmxvZ1JldGVudGlvbixcbiAgICAgICAgdGhpcy5wcm9wcy5kb2NrZXJJbWFnZSxcbiAgICAgICAgdGhpcy5wcm9wcy5hd3NPdGVsQ29uZmlnLFxuICAgICAgICB0aGlzLnByb3BzLmNvbnRhaW5lclByb3BzLFxuICAgICAgKSxcbiAgICApXG4gIH1cbn1cblxuZXhwb3J0IHR5cGUgU2lkZWNhckNvbnRhaW5lclByb3BzID0gUGljazxcbiAgZWNzLkNvbnRhaW5lckRlZmluaXRpb25Qcm9wcyxcbiAgXCJjcHVcIiB8IFwibWVtb3J5UmVzZXJ2YXRpb25NaUJcIiB8IFwibWVtb3J5TGltaXRNaUJcIlxuPlxuXG4vKipcbiAqIEFkZHMgYSBzaWRlY2FyIHdpdGggYW4gQVdTIERpc3RybyBPcGVuVGVsZW1ldHJ5IENvbGxlY3Rvci5cbiAqIGh0dHBzOi8vYXdzLW90ZWwuZ2l0aHViLmlvL2RvY3Mvc2V0dXAvZWNzXG4gKlxuICogWW91IGFsc28gbmVlZCB0byBhZGQgZWl0aGVyIHRoZSBKYXZhIFNESyBmb3IgT1RlbCBvciBhIEphdmEgYWdlbnQsXG4gKiB0byBjYXB0dXJlIHRlbGVtZXRyeSBhbmQgc2VuZCB0byB0aGlzIGNvbGxlY3Rvci5cbiAqL1xuY2xhc3MgT3BlblRlbGVtZXRyeUNvbGxlY3RvclNpZGVjYXIgaW1wbGVtZW50cyBlY3MuSVRhc2tEZWZpbml0aW9uRXh0ZW5zaW9uIHtcbiAgY29uc3RydWN0b3IoXG4gICAgcHJpdmF0ZSByZWFkb25seSBjb25zdHJ1Y3Q6IGNvbnN0cnVjdHMuQ29uc3RydWN0LFxuICAgIHByaXZhdGUgcmVhZG9ubHkgbG9nUmV0ZW50aW9uPzogUmV0ZW50aW9uRGF5cyxcbiAgICBwcml2YXRlIHJlYWRvbmx5IGRvY2tlckltYWdlPzogc3RyaW5nLFxuICAgIHByaXZhdGUgcmVhZG9ubHkgYXdzT3RlbENvbmZpZz86IHN0cmluZyxcbiAgICBwcml2YXRlIHJlYWRvbmx5IGNvbnRhaW5lclByb3BzPzogU2lkZWNhckNvbnRhaW5lclByb3BzLFxuICApIHt9XG5cbiAgZXh0ZW5kKHRhc2tEZWZpbml0aW9uOiBlY3MuVGFza0RlZmluaXRpb24pOiB2b2lkIHtcbiAgICBpZiAodGFza0RlZmluaXRpb24ubmV0d29ya01vZGUgIT09IGVjcy5OZXR3b3JrTW9kZS5BV1NfVlBDKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgIFwiVGFzayBOZXR3b3JrTW9kZSBtdXN0IGJlIEFXU19WUEM6IFwiICsgdGFza0RlZmluaXRpb24ubmV0d29ya01vZGUsXG4gICAgICApXG4gICAgfVxuXG4gICAgY29uc3QgY29tbWFuZHMgPSB7XG4gICAgICBtZXRyaWNzQW5kVHJhY2VzOiBcIi0tY29uZmlnPS9ldGMvZWNzL2Vjcy1kZWZhdWx0LWNvbmZpZy55YW1sXCIsXG4gICAgICBtZXRyaWNzQW5kVHJhY2VzQW5kQ29udGFpbmVyUmVzb3VyY2VzOlxuICAgICAgICBcIi0tY29uZmlnPS9ldGMvZWNzL2NvbnRhaW5lci1pbnNpZ2h0cy9vdGVsLXRhc2stbWV0cmljcy1jb25maWcueWFtbFwiLFxuICAgIH1cblxuICAgIGNvbnN0IGxvZ0dyb3VwID0gbmV3IGxvZ3MuTG9nR3JvdXAodGhpcy5jb25zdHJ1Y3QsIFwiQ29sbGVjdG9yTG9nR3JvdXBcIiwge1xuICAgICAgcmV0ZW50aW9uOiB0aGlzLmxvZ1JldGVudGlvbiA/PyBSZXRlbnRpb25EYXlzLlNJWF9NT05USFMsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1ksXG4gICAgfSlcblxuICAgIGNvbnN0IHNpZGVjYXJJbWFnZSA9IHRoaXMuZG9ja2VySW1hZ2UgPz8gXCJhbWF6b24vYXdzLW90ZWwtY29sbGVjdG9yOnYwLjQzLjFcIlxuICAgIGNvbnN0IHNpZGVjYXIgPSB0YXNrRGVmaW5pdGlvbi5hZGRDb250YWluZXIoXCJhd3Mtb3BlbnRlbGVtZXRyeS1jb2xsZWN0b3JcIiwge1xuICAgICAgY3B1OiB0aGlzLmNvbnRhaW5lclByb3BzPy5jcHUgPz8gMzIsXG4gICAgICBtZW1vcnlSZXNlcnZhdGlvbk1pQjogdGhpcy5jb250YWluZXJQcm9wcz8ubWVtb3J5UmVzZXJ2YXRpb25NaUIgPz8gMjQsXG4gICAgICBtZW1vcnlMaW1pdE1pQjogdGhpcy5jb250YWluZXJQcm9wcz8ubWVtb3J5TGltaXRNaUIgPz8gMjU2LFxuICAgICAgaW1hZ2U6IGVjcy5Db250YWluZXJJbWFnZS5mcm9tUmVnaXN0cnkoc2lkZWNhckltYWdlKSxcbiAgICAgIGNvbW1hbmQ6IFtjb21tYW5kcy5tZXRyaWNzQW5kVHJhY2VzQW5kQ29udGFpbmVyUmVzb3VyY2VzXSwgLy8gVGhpcyBpcyBub3QgdXNlZCB3aGVuIHRoZSBBT1RfQ09ORklHX0NPTlRFTlQgaXMgc2V0IVxuICAgICAgZW52aXJvbm1lbnQ6IHtcbiAgICAgICAgLy8gWW91IGNhbiBhbHRlcm5hdGl2ZWx5IGNyZWF0ZSBhbiBTU00gcGFyYW1ldGVyIHdpdGggdGhlIGNvbmZpZywgYW5kIHBhc3MgaXQgdG8gdGhlIGBzZWNyZXRzYCBvcHRpb25cbiAgICAgICAgQU9UX0NPTkZJR19DT05URU5UOiB0aGlzLmF3c090ZWxDb25maWcgPz8gYXdzT3RlbEN1c3RvbUNvbmZpZ1lhbWwsXG4gICAgICB9LFxuICAgICAgbG9nZ2luZzogZWNzLkxvZ0RyaXZlcnMuYXdzTG9ncyh7XG4gICAgICAgIGxvZ0dyb3VwOiBsb2dHcm91cCxcbiAgICAgICAgc3RyZWFtUHJlZml4OiBcImVjc1wiLFxuICAgICAgfSksXG4gICAgfSlcblxuICAgIC8vIEEgZGVwZW5kZW5jeSBzaG91bGQgYmUgYWRkZWQgdG8gYWxsIGNvbnRhaW5lcnMgdGhhdCBleHBvcnQgbWV0cmljcy5cbiAgICAvLyBXZSBhcmUgY3VycmVudGx5IGFzc3VtaW5nIHRoYXQgdGhpcyBpcyBvbmx5IHRoZSBkZWZhdWx0IGNvbnRhaW5lclxuICAgIHRhc2tEZWZpbml0aW9uLmRlZmF1bHRDb250YWluZXI/LmFkZENvbnRhaW5lckRlcGVuZGVuY2llcyh7XG4gICAgICBjb250YWluZXI6IHNpZGVjYXIsXG4gICAgICBjb25kaXRpb246IGVjcy5Db250YWluZXJEZXBlbmRlbmN5Q29uZGl0aW9uLlNUQVJULFxuICAgIH0pXG5cbiAgICAvKlxuICAgICAqIGF3cy1vdGVsLWNvbGxlY3RvciBleHBvc2VzIHRoZXNlIHBvcnRzLCBhbmQgbW9yZTpcbiAgICAgKiAtIHVkcCAyMDAwIDogQVdTIFhSYXlcbiAgICAgKiAtIHRjcCA0MzE3IDogT3BlblRlbGVtZXRyeSBjb2xsZWN0aW9uIEdSUENcbiAgICAgKiAtIHRjcCA0MzE4IDogT3BlblRlbGVtZXRyeSBjb2xsZWN0aW9uIEhUVFBcbiAgICAgKlxuICAgICAqIFRoZXNlIGFyZSBkZWZpbmVkIGluIHRoZSB5YW1sIGNvbmZpZyBmb3IgdGhlIGNvbGxlY3Rvci5cbiAgICAgKi9cbiAgICB0YXNrRGVmaW5pdGlvbi5kZWZhdWx0Q29udGFpbmVyPy5hZGRFbnZpcm9ubWVudChcbiAgICAgIFwiQVdTX1hSQVlfREFFTU9OX0FERFJFU1NcIixcbiAgICAgIFwiaHR0cDovL2xvY2FsaG9zdDoyMDAwXCIsXG4gICAgKVxuICAgIHRhc2tEZWZpbml0aW9uLmRlZmF1bHRDb250YWluZXI/LmFkZEVudmlyb25tZW50KFxuICAgICAgXCJPVEVMX0VYUE9SVEVSX09UTFBfRU5EUE9JTlRcIixcbiAgICAgIFwiaHR0cDovL2xvY2FsaG9zdDo0MzE3XCIsXG4gICAgKVxuICAgIHRhc2tEZWZpbml0aW9uLmRlZmF1bHRDb250YWluZXI/LmFkZEVudmlyb25tZW50KFxuICAgICAgXCJPVEVMX0pBVkFBR0VOVF9FTkFCTEVEXCIsXG4gICAgICBcInRydWVcIixcbiAgICApXG5cbiAgICBpZiAoIXRhc2tEZWZpbml0aW9uLmlzRmFyZ2F0ZUNvbXBhdGlibGUpIHtcbiAgICAgIC8vIFRoaXMgZXh0ZW5zaW9uIGlzIG1hZGUgZm9yIHRoZSBGYXJnYXRlU2VydmljZSwgc28gdGhpcyBpcyBhIHJlcXVpcmVtZW50LlxuICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICBcIlRoaXMgdGFzayBkZWZpbml0aW9uIGNhbiBub3QgYmUgcmFuIG9uIGZhcmdhdGUhIFwiICtcbiAgICAgICAgICB0YXNrRGVmaW5pdGlvbi5ub2RlLmlkLFxuICAgICAgKVxuICAgIH1cbiAgfVxufVxuXG5pbnRlcmZhY2UgT3BlblRlbGVtZXRyeVBvbGljaWVzUHJvcHMge1xuICB0YXNrRGVmaW5pdGlvbjogZWNzLlRhc2tEZWZpbml0aW9uXG59XG5cbi8qKlxuICogR3JhbnRzIHRoZSBzaWRlY2FyIHBlcm1pc3Npb25zIHRvIGNyZWF0ZSBsb2dzLCBtZXRyaWNzIGFuZCBYUmF5IHRyYWNlcyBieSBleHRlbmRpbmcgdGhlIHRhc2sgcm9sZXMuXG4gKi9cbmNsYXNzIE9wZW5UZWxlbWV0cnlQb2xpY2llcyBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM6IE9wZW5UZWxlbWV0cnlQb2xpY2llc1Byb3BzLFxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpXG5cbiAgICBjb25zdCBhd3NEaXN0cm9PcGVuVGVsZW1ldHJ5UG9saWN5U3RhdGVtZW50ID0gbmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgZWZmZWN0OiBpYW0uRWZmZWN0LkFMTE9XLFxuICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdLFxuICAgICAgYWN0aW9uczogW1xuICAgICAgICBcImxvZ3M6UHV0TG9nRXZlbnRzXCIsXG4gICAgICAgIFwibG9nczpDcmVhdGVMb2dHcm91cFwiLFxuICAgICAgICBcImxvZ3M6Q3JlYXRlTG9nU3RyZWFtXCIsXG4gICAgICAgIFwibG9nczpEZXNjcmliZUxvZ1N0cmVhbXNcIixcbiAgICAgICAgXCJsb2dzOkRlc2NyaWJlTG9nR3JvdXBzXCIsXG4gICAgICAgIFwibG9nczpQdXRSZXRlbnRpb25Qb2xpY3lcIixcbiAgICAgICAgXCJ4cmF5OlB1dFRyYWNlU2VnbWVudHNcIixcbiAgICAgICAgXCJ4cmF5OlB1dFRlbGVtZXRyeVJlY29yZHNcIixcbiAgICAgICAgXCJ4cmF5OkdldFNhbXBsaW5nUnVsZXNcIixcbiAgICAgICAgXCJ4cmF5OkdldFNhbXBsaW5nVGFyZ2V0c1wiLFxuICAgICAgICBcInhyYXk6R2V0U2FtcGxpbmdTdGF0aXN0aWNTdW1tYXJpZXNcIixcbiAgICAgICAgXCJjbG91ZHdhdGNoOlB1dE1ldHJpY0RhdGFcIixcbiAgICAgICAgXCJlYzI6RGVzY3JpYmVWb2x1bWVzXCIsXG4gICAgICAgIFwiZWMyOkRlc2NyaWJlVGFnc1wiLFxuICAgICAgICBcInNzbTpHZXRQYXJhbWV0ZXJzXCIsXG4gICAgICBdLFxuICAgIH0pXG5cbiAgICBwcm9wcy50YXNrRGVmaW5pdGlvbi5hZGRUb1Rhc2tSb2xlUG9saWN5KFxuICAgICAgYXdzRGlzdHJvT3BlblRlbGVtZXRyeVBvbGljeVN0YXRlbWVudCxcbiAgICApXG5cbiAgICBwcm9wcy50YXNrRGVmaW5pdGlvbi5hZGRUb0V4ZWN1dGlvblJvbGVQb2xpY3koXG4gICAgICBhd3NEaXN0cm9PcGVuVGVsZW1ldHJ5UG9saWN5U3RhdGVtZW50LFxuICAgIClcbiAgICBwcm9wcy50YXNrRGVmaW5pdGlvbi5leGVjdXRpb25Sb2xlPy5hZGRNYW5hZ2VkUG9saWN5KFxuICAgICAgaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKFwiQ2xvdWRXYXRjaExvZ3NGdWxsQWNjZXNzXCIpLFxuICAgIClcbiAgICBwcm9wcy50YXNrRGVmaW5pdGlvbi5leGVjdXRpb25Sb2xlPy5hZGRNYW5hZ2VkUG9saWN5KFxuICAgICAgaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKFwiQW1hem9uU1NNUmVhZE9ubHlBY2Nlc3NcIiksXG4gICAgKVxuICB9XG59XG5cbi8qKlxuICogVGhpcyBpcyBhIG1vZGlmaWVkIHZlcnNpb24gb2YgYC4vZXRjL2Vjcy9jb250YWluZXItaW5zaWdodHMvb3RlbC10YXNrLW1ldHJpY3MtY29uZmlnLnlhbWxgXG4gKiB3aGVyZSB3ZSBhZGQgYHJlc291cmNlX3RvX3RlbGVtZXRyeV9jb252ZXJzaW9uYCBzbyB0aGUgb3RlbCByZXNvdXJjZSBgc2VydmljZS5uYW1lYFxuICogY2FuIGJlIGFkZGVkIHRvIHRoZSBtZXRyaWMuIFRoaXMgaXMgdXNlZnVsIGJlY2F1c2UgeW91IGNhbiBmaWx0ZXIgaW4gbWV0cmljcyBiYXNlZCBvbiBzZXJ2aWNlLFxuICogaW5zdGVhZCBvZiBncm91cGluZyBlLmcuIGFsbCBzZXJ2aWNlcycgbWVtb3J5IHVzYWdlIHVuZGVyIHRoZSBzYW1lIG1ldHJpYy5cbiAqXG4gKiBAc2VlIGh0dHBzOi8vYXdzLW90ZWwuZ2l0aHViLmlvL2RvY3Mvc2V0dXAvZWNzL2NvbmZpZy10aHJvdWdoLXNzbVxuICogQHNlZSBodHRwczovL2F3cy1vdGVsLmdpdGh1Yi5pby9kb2NzL2dldHRpbmctc3RhcnRlZC9jbG91ZHdhdGNoLW1ldHJpY3MjY2xvdWR3YXRjaC1lbWYtZXhwb3J0ZXItYXdzZW1mXG4gKi9cbmNvbnN0IGF3c090ZWxDdXN0b21Db25maWdZYW1sID0gcmVhZEZpbGVTeW5jKFxuICBwYXRoLnJlc29sdmUoXG4gICAgX19kaXJuYW1lLFxuICAgIFwiLi5cIixcbiAgICBcIi4uXCIsXG4gICAgXCJhc3NldHNcIixcbiAgICBcIm9wZW4tdGVsZW1ldHJ5XCIsXG4gICAgXCJvdGVsLWNvbGxlY3Rvci10YXNrLW1ldHJpY3MtY29uZmlnLnlhbWxcIixcbiAgKSxcbiAgXCJ1dGYtOFwiLFxuKVxuICAuc3BsaXQoXCJcXG5cIilcbiAgLmZpbHRlcigobGluZSkgPT4gIS9eXFxzKiMjLy50ZXN0KGxpbmUpKSAvLyBTa2lwIGNvbW1lbnRzIHN0YXJ0aW5nIHdpdGggIyNcbiAgLmpvaW4oXCJcXG5cIilcbiJdfQ==

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@liflig/cdk",
-  "version": "3.12.1",
+  "version": "3.13.0",
   "description": "CDK library for Liflig",
   "type": "module",
   "repository": {
@@ -55,7 +55,7 @@
     "@commitlint/cli": "19.8.1",
     "@commitlint/config-conventional": "19.8.1",
     "@eslint/eslintrc": "3.3.1",
-    "@eslint/js": "9.31.0",
+    "@eslint/js": "9.32.0",
     "@types/aws-lambda": "8.10.152",
     "@types/jest": "30.0.0",
     "@types/node": "24.1.0",
@@ -65,7 +65,7 @@
     "aws-cdk-lib": "2.207.0",
     "constructs": "10.4.2",
     "esbuild": "0.25.8",
-    "eslint": "9.31.0",
+    "eslint": "9.32.0",
     "eslint-config-prettier": "10.1.8",
     "eslint-plugin-prettier": "5.5.3",
     "husky": "9.1.7",
@@ -75,7 +75,7 @@
     "semantic-release": "24.2.7",
     "ts-jest": "29.4.0",
     "tsx": "4.20.3",
-    "typedoc": "0.28.7",
+    "typedoc": "0.28.8",
     "typescript": "5.8.3"
   },
   "dependencies": {