npm - @microsoft/terraform-cdk-constructs - Versions diffs - 1.8.0 → 1.10.0 - Mend

@microsoft/terraform-cdk-constructs 1.8.0 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (201) hide show

package/lib/azure-keyvault/lib/key-vault.d.ts ADDED Viewed

@@ -0,0 +1,344 @@
+/**
+ * Unified Azure Key Vault implementation using AzapiResource framework
+ *
+ * This class provides a version-aware implementation for Azure Key Vault
+ * (Microsoft.KeyVault/vaults) that automatically handles version management,
+ * schema validation, and property transformation across all supported API versions.
+ *
+ * Supported API Versions:
+ * - 2023-02-01 (Active)
+ * - 2023-07-01 (Active)
+ * - 2024-11-01 (Active, Latest)
+ *
+ * Features:
+ * - Automatic latest version resolution when no version is specified
+ * - Explicit version pinning for stability requirements
+ * - Schema-driven validation and transformation
+ * - Full JSII compliance for multi-language support
+ * - Configurable SKU, tenant, RBAC and access policies
+ * - Network ACLs and public network access control
+ * - Soft-delete and purge protection support
+ */
+import * as cdktf from "cdktf";
+import { Construct } from "constructs";
+import { AzapiResource, AzapiResourceProps } from "../../core-azure/lib/azapi/azapi-resource";
+import { ApiSchema } from "../../core-azure/lib/version-manager/interfaces/version-interfaces";
+/**
+ * SKU configuration for Key Vault
+ */
+export interface KeyVaultSku {
+    /**
+     * The SKU name (standard or premium)
+     *
+     * @default "standard"
+     */
+    readonly name: "standard" | "premium";
+    /**
+     * The SKU family. Always "A" for Key Vault.
+     *
+     * @default "A"
+     */
+    readonly family?: string;
+}
+/**
+ * Permissions configuration for an access policy
+ */
+export interface KeyVaultAccessPolicyPermissions {
+    /**
+     * Permissions for keys (e.g. "get", "list", "create", "delete")
+     */
+    readonly keys?: string[];
+    /**
+     * Permissions for secrets (e.g. "get", "list", "set", "delete")
+     */
+    readonly secrets?: string[];
+    /**
+     * Permissions for certificates (e.g. "get", "list", "create", "delete")
+     */
+    readonly certificates?: string[];
+    /**
+     * Permissions for storage (e.g. "get", "list", "set", "delete")
+     */
+    readonly storage?: string[];
+}
+/**
+ * Access policy configuration for the Key Vault
+ */
+export interface KeyVaultAccessPolicy {
+    /**
+     * The Azure Active Directory tenant ID
+     */
+    readonly tenantId: string;
+    /**
+     * The object ID of a user, service principal, or security group in AAD
+     */
+    readonly objectId: string;
+    /**
+     * The application ID of the client making the request on behalf of the user
+     */
+    readonly applicationId?: string;
+    /**
+     * The permissions granted to the identity
+     */
+    readonly permissions: KeyVaultAccessPolicyPermissions;
+}
+/**
+ * IP rule for Key Vault network ACLs
+ */
+export interface KeyVaultIpRule {
+    /**
+     * IP address or CIDR range
+     */
+    readonly value: string;
+}
+/**
+ * Virtual network rule for Key Vault network ACLs
+ */
+export interface KeyVaultVirtualNetworkRule {
+    /**
+     * Virtual network subnet resource ID
+     */
+    readonly id: string;
+    /**
+     * Whether to ignore missing VNET service endpoint
+     */
+    readonly ignoreMissingVnetServiceEndpoint?: boolean;
+}
+/**
+ * Network ACL configuration for the Key Vault
+ */
+export interface KeyVaultNetworkAcls {
+    /**
+     * Default action when no rule matches (Allow or Deny)
+     *
+     * @default "Allow"
+     */
+    readonly defaultAction?: "Allow" | "Deny";
+    /**
+     * Tells what traffic can bypass network rules. Can be 'AzureServices' or 'None'.
+     *
+     * @default "AzureServices"
+     */
+    readonly bypass?: "AzureServices" | "None";
+    /**
+     * IP rules for the Key Vault
+     */
+    readonly ipRules?: KeyVaultIpRule[];
+    /**
+     * Virtual network subnet rules for the Key Vault
+     */
+    readonly virtualNetworkRules?: KeyVaultVirtualNetworkRule[];
+}
+/**
+ * Properties for the unified Azure Key Vault
+ *
+ * Extends AzapiResourceProps with Key Vault specific properties.
+ */
+export interface KeyVaultProps extends AzapiResourceProps {
+    /**
+     * Resource group ID where the Key Vault will be created
+     */
+    readonly resourceGroupId?: string;
+    /**
+     * The SKU (pricing tier) for the Key Vault
+     *
+     * @default { name: "standard", family: "A" }
+     */
+    readonly sku?: KeyVaultSku;
+    /**
+     * The Azure Active Directory tenant ID that should be used for authenticating
+     * requests to the Key Vault. If not provided, the current tenant ID from the
+     * AZAPI client configuration is used.
+     */
+    readonly tenantId?: string;
+    /**
+     * Access policies for the Key Vault.
+     *
+     * Only applicable when `enableRbacAuthorization` is false.
+     */
+    readonly accessPolicies?: KeyVaultAccessPolicy[];
+    /**
+     * Network ACL configuration for the Key Vault
+     */
+    readonly networkAcls?: KeyVaultNetworkAcls;
+    /**
+     * Whether Azure Virtual Machines are permitted to retrieve certificates
+     * stored as secrets from the Key Vault.
+     *
+     * @default false
+     */
+    readonly enabledForDeployment?: boolean;
+    /**
+     * Whether Azure Disk Encryption is permitted to retrieve secrets from the
+     * Key Vault and unwrap keys.
+     *
+     * @default false
+     */
+    readonly enabledForDiskEncryption?: boolean;
+    /**
+     * Whether Azure Resource Manager is permitted to retrieve secrets from the
+     * Key Vault.
+     *
+     * @default false
+     */
+    readonly enabledForTemplateDeployment?: boolean;
+    /**
+     * Whether Azure RBAC is used to authorize data actions instead of access
+     * policies.
+     *
+     * @default true
+     */
+    readonly enableRbacAuthorization?: boolean;
+    /**
+     * Whether soft-delete is enabled on the Key Vault.
+     *
+     * @default true
+     */
+    readonly enableSoftDelete?: boolean;
+    /**
+     * Number of days that items should be retained after soft-delete (7-90).
+     *
+     * @default 90
+     */
+    readonly softDeleteRetentionInDays?: number;
+    /**
+     * Whether purge protection is enabled. Once enabled, this property cannot
+     * be disabled.
+     */
+    readonly enablePurgeProtection?: boolean;
+    /**
+     * Whether the Key Vault accepts traffic from public networks.
+     *
+     * @default "Enabled"
+     */
+    readonly publicNetworkAccess?: "Enabled" | "Disabled";
+    /**
+     * Properties to ignore during updates
+     *
+     * @example ["tags"]
+     */
+    readonly ignoreChanges?: string[];
+}
+/**
+ * Key Vault properties for the request body
+ */
+export interface KeyVaultBodyProperties {
+    readonly tenantId: string;
+    readonly sku: KeyVaultSku;
+    readonly accessPolicies?: KeyVaultAccessPolicy[];
+    readonly networkAcls?: KeyVaultNetworkAcls;
+    readonly enabledForDeployment?: boolean;
+    readonly enabledForDiskEncryption?: boolean;
+    readonly enabledForTemplateDeployment?: boolean;
+    readonly enableRbacAuthorization?: boolean;
+    readonly enableSoftDelete?: boolean;
+    readonly softDeleteRetentionInDays?: number;
+    readonly enablePurgeProtection?: boolean;
+    readonly publicNetworkAccess?: string;
+}
+/**
+ * The resource body interface for Azure Key Vault API calls
+ */
+export interface KeyVaultBody {
+    readonly location: string;
+    readonly tags?: {
+        [key: string]: string;
+    };
+    readonly properties: KeyVaultBodyProperties;
+}
+/**
+ * Unified Azure Key Vault implementation
+ *
+ * This class provides a single, version-aware implementation that automatically
+ * handles version resolution, schema validation, and property transformation
+ * while maintaining full JSII compliance.
+ *
+ * Azure Key Vault is a cloud service for securely storing and accessing secrets,
+ * keys, and certificates with centralized management and access control.
+ *
+ * @example
+ * // Basic usage with automatic version resolution and current tenant:
+ * const keyVault = new KeyVault(this, "kv", {
+ *   name: "my-keyvault-1234",
+ *   location: "eastus",
+ *   resourceGroupId: resourceGroup.id,
+ * });
+ *
+ * @example
+ * // Usage with explicit version pinning and configuration:
+ * const keyVault = new KeyVault(this, "kv", {
+ *   name: "my-keyvault-1234",
+ *   location: "eastus",
+ *   resourceGroupId: resourceGroup.id,
+ *   sku: { name: "premium" },
+ *   apiVersion: "2023-07-01",
+ *   enablePurgeProtection: true,
+ *   publicNetworkAccess: "Disabled",
+ *   networkAcls: {
+ *     defaultAction: "Deny",
+ *     bypass: "AzureServices",
+ *   },
+ * });
+ *
+ * @stability stable
+ */
+export declare class KeyVault extends AzapiResource {
+    /**
+     * The input properties for this Key Vault instance
+     */
+    readonly props: KeyVaultProps;
+    readonly idOutput: cdktf.TerraformOutput;
+    readonly locationOutput: cdktf.TerraformOutput;
+    readonly nameOutput: cdktf.TerraformOutput;
+    readonly tagsOutput: cdktf.TerraformOutput;
+    readonly vaultUriOutput: cdktf.TerraformOutput;
+    /**
+     * Creates a new Azure Key Vault using the AzapiResource framework
+     *
+     * @param scope - The scope in which to define this construct
+     * @param id - The unique identifier for this instance
+     * @param props - Configuration properties for the Key Vault
+     */
+    constructor(scope: Construct, id: string, props: KeyVaultProps);
+    /**
+     * Gets the default API version to use when no explicit version is specified
+     */
+    protected defaultVersion(): string;
+    /**
+     * Gets the Azure resource type for Key Vault
+     */
+    protected resourceType(): string;
+    /**
+     * Gets the API schema for the resolved version
+     */
+    protected apiSchema(): ApiSchema;
+    /**
+     * Indicates that location is required for Key Vaults
+     */
+    protected requiresLocation(): boolean;
+    /**
+     * Creates the resource body for the Azure API call
+     */
+    protected createResourceBody(props: any): any;
+    /**
+     * Get the data plane URI of the Key Vault
+     *
+     * Returns the deterministic Azure public cloud Key Vault URI in the form
+     * `https://{name}.vault.azure.net/`. This avoids depending on the AZAPI
+     * resource `output` attribute which is only populated for properties listed
+     * in `response_export_values`.
+     */
+    get vaultUri(): string;
+    /**
+     * Add a tag to the Key Vault
+     */
+    addTag(key: string, value: string): void;
+    /**
+     * Remove a tag from the Key Vault
+     */
+    removeTag(key: string): void;
+    /**
+     * Applies ignore changes lifecycle rules if specified in props
+     */
+    private _applyIgnoreChanges;
+}

package/lib/azure-keyvault/lib/key-vault.js ADDED Viewed

@@ -0,0 +1,243 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KeyVault = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+/**
+ * Unified Azure Key Vault implementation using AzapiResource framework
+ *
+ * This class provides a version-aware implementation for Azure Key Vault
+ * (Microsoft.KeyVault/vaults) that automatically handles version management,
+ * schema validation, and property transformation across all supported API versions.
+ *
+ * Supported API Versions:
+ * - 2023-02-01 (Active)
+ * - 2023-07-01 (Active)
+ * - 2024-11-01 (Active, Latest)
+ *
+ * Features:
+ * - Automatic latest version resolution when no version is specified
+ * - Explicit version pinning for stability requirements
+ * - Schema-driven validation and transformation
+ * - Full JSII compliance for multi-language support
+ * - Configurable SKU, tenant, RBAC and access policies
+ * - Network ACLs and public network access control
+ * - Soft-delete and purge protection support
+ */
+const cdktf = require("cdktf");
+const key_vault_schemas_1 = require("./key-vault-schemas");
+const azapi_resource_1 = require("../../core-azure/lib/azapi/azapi-resource");
+const data_azapi_client_config_1 = require("../../core-azure/lib/azapi/providers-azapi/data-azapi-client-config");
+/**
+ * Unified Azure Key Vault implementation
+ *
+ * This class provides a single, version-aware implementation that automatically
+ * handles version resolution, schema validation, and property transformation
+ * while maintaining full JSII compliance.
+ *
+ * Azure Key Vault is a cloud service for securely storing and accessing secrets,
+ * keys, and certificates with centralized management and access control.
+ *
+ * @example
+ * // Basic usage with automatic version resolution and current tenant:
+ * const keyVault = new KeyVault(this, "kv", {
+ *   name: "my-keyvault-1234",
+ *   location: "eastus",
+ *   resourceGroupId: resourceGroup.id,
+ * });
+ *
+ * @example
+ * // Usage with explicit version pinning and configuration:
+ * const keyVault = new KeyVault(this, "kv", {
+ *   name: "my-keyvault-1234",
+ *   location: "eastus",
+ *   resourceGroupId: resourceGroup.id,
+ *   sku: { name: "premium" },
+ *   apiVersion: "2023-07-01",
+ *   enablePurgeProtection: true,
+ *   publicNetworkAccess: "Disabled",
+ *   networkAcls: {
+ *     defaultAction: "Deny",
+ *     bypass: "AzureServices",
+ *   },
+ * });
+ *
+ * @stability stable
+ */
+class KeyVault extends azapi_resource_1.AzapiResource {
+    /**
+     * Creates a new Azure Key Vault using the AzapiResource framework
+     *
+     * @param scope - The scope in which to define this construct
+     * @param id - The unique identifier for this instance
+     * @param props - Configuration properties for the Key Vault
+     */
+    constructor(scope, id, props) {
+        // Validate softDeleteRetentionInDays bounds before delegating to base class
+        if (props.softDeleteRetentionInDays !== undefined) {
+            if (props.softDeleteRetentionInDays < 7 ||
+                props.softDeleteRetentionInDays > 90) {
+                throw new Error("softDeleteRetentionInDays must be between 7 and 90 days");
+            }
+        }
+        // If tenantId is not provided, fall back to the current AZAPI client tenant.
+        // The DataAzapiClientConfig data source must be created on the parent scope
+        // so it is available before super() is called.
+        const resolvedTenantId = props.tenantId ??
+            (() => {
+                const clientConfig = new data_azapi_client_config_1.DataAzapiClientConfig(scope, `${id}_client_config`, {});
+                return `\${${clientConfig.fqn}.tenant_id}`;
+            })();
+        super(scope, id, { ...props, tenantId: resolvedTenantId });
+        this.props = props;
+        // Create Terraform outputs
+        this.idOutput = new cdktf.TerraformOutput(this, "id", {
+            value: this.id,
+            description: "The ID of the Key Vault",
+        });
+        this.locationOutput = new cdktf.TerraformOutput(this, "location", {
+            value: `\${${this.terraformResource.fqn}.location}`,
+            description: "The location of the Key Vault",
+        });
+        this.nameOutput = new cdktf.TerraformOutput(this, "name", {
+            value: `\${${this.terraformResource.fqn}.name}`,
+            description: "The name of the Key Vault",
+        });
+        this.tagsOutput = new cdktf.TerraformOutput(this, "tags", {
+            value: `\${${this.terraformResource.fqn}.tags}`,
+            description: "The tags assigned to the Key Vault",
+        });
+        this.vaultUriOutput = new cdktf.TerraformOutput(this, "vault_uri", {
+            value: this.vaultUri,
+            description: "The URI of the Key Vault for performing data plane operations",
+        });
+        // Override logical IDs
+        this.idOutput.overrideLogicalId("id");
+        this.locationOutput.overrideLogicalId("location");
+        this.nameOutput.overrideLogicalId("name");
+        this.tagsOutput.overrideLogicalId("tags");
+        this.vaultUriOutput.overrideLogicalId("vault_uri");
+        // Apply ignore changes if specified
+        this._applyIgnoreChanges();
+    }
+    // =============================================================================
+    // REQUIRED ABSTRACT METHODS FROM AzapiResource
+    // =============================================================================
+    /**
+     * Gets the default API version to use when no explicit version is specified
+     */
+    defaultVersion() {
+        return "2024-11-01";
+    }
+    /**
+     * Gets the Azure resource type for Key Vault
+     */
+    resourceType() {
+        return key_vault_schemas_1.KEY_VAULT_TYPE;
+    }
+    /**
+     * Gets the API schema for the resolved version
+     */
+    apiSchema() {
+        return this.resolveSchema();
+    }
+    /**
+     * Indicates that location is required for Key Vaults
+     */
+    requiresLocation() {
+        return true;
+    }
+    /**
+     * Creates the resource body for the Azure API call
+     */
+    createResourceBody(props) {
+        const typedProps = props;
+        const properties = {
+            tenantId: typedProps.tenantId,
+            sku: {
+                name: typedProps.sku?.name ?? "standard",
+                family: typedProps.sku?.family ?? "A",
+            },
+            enabledForDeployment: typedProps.enabledForDeployment ?? false,
+            enabledForDiskEncryption: typedProps.enabledForDiskEncryption ?? false,
+            enabledForTemplateDeployment: typedProps.enabledForTemplateDeployment ?? false,
+            enableRbacAuthorization: typedProps.enableRbacAuthorization ?? true,
+            enableSoftDelete: typedProps.enableSoftDelete ?? true,
+            softDeleteRetentionInDays: typedProps.softDeleteRetentionInDays ?? 90,
+            publicNetworkAccess: typedProps.publicNetworkAccess ?? "Enabled",
+        };
+        if (typedProps.enablePurgeProtection !== undefined) {
+            properties.enablePurgeProtection = typedProps.enablePurgeProtection;
+        }
+        // accessPolicies is only meaningful when RBAC authorization is disabled.
+        // Always include the array (Azure requires it) - default to empty.
+        properties.accessPolicies = typedProps.accessPolicies ?? [];
+        if (typedProps.networkAcls) {
+            properties.networkAcls = {
+                defaultAction: typedProps.networkAcls.defaultAction ?? "Allow",
+                bypass: typedProps.networkAcls.bypass ?? "AzureServices",
+                ipRules: typedProps.networkAcls.ipRules ?? [],
+                virtualNetworkRules: typedProps.networkAcls.virtualNetworkRules ?? [],
+            };
+        }
+        return {
+            location: this.location,
+            tags: this.allTags(),
+            properties,
+        };
+    }
+    // =============================================================================
+    // PUBLIC METHODS FOR KEY VAULT OPERATIONS
+    // =============================================================================
+    /**
+     * Get the data plane URI of the Key Vault
+     *
+     * Returns the deterministic Azure public cloud Key Vault URI in the form
+     * `https://{name}.vault.azure.net/`. This avoids depending on the AZAPI
+     * resource `output` attribute which is only populated for properties listed
+     * in `response_export_values`.
+     */
+    get vaultUri() {
+        return `https://\${${this.terraformResource.fqn}.name}.vault.azure.net/`;
+    }
+    /**
+     * Add a tag to the Key Vault
+     */
+    addTag(key, value) {
+        if (!this.props.tags) {
+            this.props.tags = {};
+        }
+        this.props.tags[key] = value;
+    }
+    /**
+     * Remove a tag from the Key Vault
+     */
+    removeTag(key) {
+        if (this.props.tags && this.props.tags[key]) {
+            delete this.props.tags[key];
+        }
+    }
+    // =============================================================================
+    // PRIVATE HELPER METHODS
+    // =============================================================================
+    /**
+     * Applies ignore changes lifecycle rules if specified in props
+     */
+    _applyIgnoreChanges() {
+        if (this.props.ignoreChanges && this.props.ignoreChanges.length > 0) {
+            this.terraformResource.addOverride("lifecycle", [
+                {
+                    ignore_changes: this.props.ignoreChanges,
+                },
+            ]);
+        }
+    }
+}
+exports.KeyVault = KeyVault;
+_a = JSII_RTTI_SYMBOL_1;
+KeyVault[_a] = { fqn: "@microsoft/terraform-cdk-constructs.KeyVault", version: "1.10.0" };
+// Static initializer runs once when the class is first loaded
+(() => {
+    azapi_resource_1.AzapiResource.registerSchemas(key_vault_schemas_1.KEY_VAULT_TYPE, key_vault_schemas_1.ALL_KEY_VAULT_VERSIONS);
+})();
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5LXZhdWx0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2F6dXJlLWtleXZhdWx0L2xpYi9rZXktdmF1bHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQTs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FvQkc7QUFFSCwrQkFBK0I7QUFFL0IsMkRBQTZFO0FBQzdFLDhFQUdtRDtBQUNuRCxrSEFBNEc7QUFpUTVHOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQW1DRztBQUNILE1BQWEsUUFBUyxTQUFRLDhCQUFhO0lBa0J6Qzs7Ozs7O09BTUc7SUFDSCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW9CO1FBQzVELDRFQUE0RTtRQUM1RSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUNsRCxJQUNFLEtBQUssQ0FBQyx5QkFBeUIsR0FBRyxDQUFDO2dCQUNuQyxLQUFLLENBQUMseUJBQXlCLEdBQUcsRUFBRSxFQUNwQyxDQUFDO2dCQUNELE1BQU0sSUFBSSxLQUFLLENBQ2IseURBQXlELENBQzFELENBQUM7WUFDSixDQUFDO1FBQ0gsQ0FBQztRQUVELDZFQUE2RTtRQUM3RSw0RUFBNEU7UUFDNUUsK0NBQStDO1FBQy9DLE1BQU0sZ0JBQWdCLEdBQ3BCLEtBQUssQ0FBQyxRQUFRO1lBQ2QsQ0FBQyxHQUFHLEVBQUU7Z0JBQ0osTUFBTSxZQUFZLEdBQUcsSUFBSSxnREFBcUIsQ0FDNUMsS0FBSyxFQUNMLEdBQUcsRUFBRSxnQkFBZ0IsRUFDckIsRUFBRSxDQUNILENBQUM7Z0JBQ0YsT0FBTyxNQUFNLFlBQVksQ0FBQyxHQUFHLGFBQWEsQ0FBQztZQUM3QyxDQUFDLENBQUMsRUFBRSxDQUFDO1FBRVAsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsRUFBRSxHQUFHLEtBQUssRUFBRSxRQUFRLEVBQUUsZ0JBQWdCLEVBQW1CLENBQUMsQ0FBQztRQUU1RSxJQUFJLENBQUMsS0FBSyxHQUFHLEtBQUssQ0FBQztRQUVuQiwyQkFBMkI7UUFDM0IsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLEtBQUssQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLElBQUksRUFBRTtZQUNwRCxLQUFLLEVBQUUsSUFBSSxDQUFDLEVBQUU7WUFDZCxXQUFXLEVBQUUseUJBQXlCO1NBQ3ZDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxjQUFjLEdBQUcsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDaEUsS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsWUFBWTtZQUNuRCxXQUFXLEVBQUUsK0JBQStCO1NBQzdDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSxNQUFNLEVBQUU7WUFDeEQsS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsUUFBUTtZQUMvQyxXQUFXLEVBQUUsMkJBQTJCO1NBQ3pDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSxNQUFNLEVBQUU7WUFDeEQsS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsUUFBUTtZQUMvQyxXQUFXLEVBQUUsb0NBQW9DO1NBQ2xELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxjQUFjLEdBQUcsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSxXQUFXLEVBQUU7WUFDakUsS0FBSyxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3BCLFdBQVcsRUFDVCwrREFBK0Q7U0FDbEUsQ0FBQyxDQUFDO1FBRUgsdUJBQXVCO1FBQ3ZCLElBQUksQ0FBQyxRQUFRLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxpQkFBaUIsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUNsRCxJQUFJLENBQUMsVUFBVSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzFDLElBQUksQ0FBQyxVQUFVLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDMUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxpQkFBaUIsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUVuRCxvQ0FBb0M7UUFDcEMsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7SUFDN0IsQ0FBQztJQUVELGdGQUFnRjtJQUNoRiwrQ0FBK0M7SUFDL0MsZ0ZBQWdGO0lBRWhGOztPQUVHO0lBQ08sY0FBYztRQUN0QixPQUFPLFlBQVksQ0FBQztJQUN0QixDQUFDO0lBRUQ7O09BRUc7SUFDTyxZQUFZO1FBQ3BCLE9BQU8sa0NBQWMsQ0FBQztJQUN4QixDQUFDO0lBRUQ7O09BRUc7SUFDTyxTQUFTO1FBQ2pCLE9BQU8sSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO0lBQzlCLENBQUM7SUFFRDs7T0FFRztJQUNPLGdCQUFnQjtRQUN4QixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRDs7T0FFRztJQUNPLGtCQUFrQixDQUFDLEtBQVU7UUFDckMsTUFBTSxVQUFVLEdBQUcsS0FBc0IsQ0FBQztRQUUxQyxNQUFNLFVBQVUsR0FBUTtZQUN0QixRQUFRLEVBQUUsVUFBVSxDQUFDLFFBQVE7WUFDN0IsR0FBRyxFQUFFO2dCQUNILElBQUksRUFBRSxVQUFVLENBQUMsR0FBRyxFQUFFLElBQUksSUFBSSxVQUFVO2dCQUN4QyxNQUFNLEVBQUUsVUFBVSxDQUFDLEdBQUcsRUFBRSxNQUFNLElBQUksR0FBRzthQUN0QztZQUNELG9CQUFvQixFQUFFLFVBQVUsQ0FBQyxvQkFBb0IsSUFBSSxLQUFLO1lBQzlELHdCQUF3QixFQUFFLFVBQVUsQ0FBQyx3QkFBd0IsSUFBSSxLQUFLO1lBQ3RFLDRCQUE0QixFQUMxQixVQUFVLENBQUMsNEJBQTRCLElBQUksS0FBSztZQUNsRCx1QkFBdUIsRUFBRSxVQUFVLENBQUMsdUJBQXVCLElBQUksSUFBSTtZQUNuRSxnQkFBZ0IsRUFBRSxVQUFVLENBQUMsZ0JBQWdCLElBQUksSUFBSTtZQUNyRCx5QkFBeUIsRUFBRSxVQUFVLENBQUMseUJBQXlCLElBQUksRUFBRTtZQUNyRSxtQkFBbUIsRUFBRSxVQUFVLENBQUMsbUJBQW1CLElBQUksU0FBUztTQUNqRSxDQUFDO1FBRUYsSUFBSSxVQUFVLENBQUMscUJBQXFCLEtBQUssU0FBUyxFQUFFLENBQUM7WUFDbkQsVUFBVSxDQUFDLHFCQUFxQixHQUFHLFVBQVUsQ0FBQyxxQkFBcUIsQ0FBQztRQUN0RSxDQUFDO1FBRUQseUVBQXlFO1FBQ3pFLG1FQUFtRTtRQUNuRSxVQUFVLENBQUMsY0FBYyxHQUFHLFVBQVUsQ0FBQyxjQUFjLElBQUksRUFBRSxDQUFDO1FBRTVELElBQUksVUFBVSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzNCLFVBQVUsQ0FBQyxXQUFXLEdBQUc7Z0JBQ3ZCLGFBQWEsRUFBRSxVQUFVLENBQUMsV0FBVyxDQUFDLGFBQWEsSUFBSSxPQUFPO2dCQUM5RCxNQUFNLEVBQUUsVUFBVSxDQUFDLFdBQVcsQ0FBQyxNQUFNLElBQUksZUFBZTtnQkFDeEQsT0FBTyxFQUFFLFVBQVUsQ0FBQyxXQUFXLENBQUMsT0FBTyxJQUFJLEVBQUU7Z0JBQzdDLG1CQUFtQixFQUFFLFVBQVUsQ0FBQyxXQUFXLENBQUMsbUJBQW1CLElBQUksRUFBRTthQUN0RSxDQUFDO1FBQ0osQ0FBQztRQUVELE9BQU87WUFDTCxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDdkIsSUFBSSxFQUFFLElBQUksQ0FBQyxPQUFPLEVBQUU7WUFDcEIsVUFBVTtTQUNYLENBQUM7SUFDSixDQUFDO0lBRUQsZ0ZBQWdGO0lBQ2hGLDBDQUEwQztJQUMxQyxnRkFBZ0Y7SUFFaEY7Ozs7Ozs7T0FPRztJQUNILElBQVcsUUFBUTtRQUNqQixPQUFPLGNBQWMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLEdBQUcseUJBQXlCLENBQUM7SUFDM0UsQ0FBQztJQUVEOztPQUVHO0lBQ0ksTUFBTSxDQUFDLEdBQVcsRUFBRSxLQUFhO1FBQ3RDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ3BCLElBQUksQ0FBQyxLQUFhLENBQUMsSUFBSSxHQUFHLEVBQUUsQ0FBQztRQUNoQyxDQUFDO1FBQ0QsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFLLENBQUMsR0FBRyxDQUFDLEdBQUcsS0FBSyxDQUFDO0lBQ2hDLENBQUM7SUFFRDs7T0FFRztJQUNJLFNBQVMsQ0FBQyxHQUFXO1FBQzFCLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUM1QyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzlCLENBQUM7SUFDSCxDQUFDO0lBRUQsZ0ZBQWdGO0lBQ2hGLHlCQUF5QjtJQUN6QixnRkFBZ0Y7SUFFaEY7O09BRUc7SUFDSyxtQkFBbUI7UUFDekIsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLGFBQWEsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLGFBQWEsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDcEUsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFdBQVcsQ0FBQyxXQUFXLEVBQUU7Z0JBQzlDO29CQUNFLGNBQWMsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLGFBQWE7aUJBQ3pDO2FBQ0YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7O0FBOU5ILDRCQStOQzs7O0FBOU5DLDhEQUE4RDtBQUM5RDtJQUNFLDhCQUFhLENBQUMsZUFBZSxDQUFDLGtDQUFjLEVBQUUsMENBQXNCLENBQUMsQ0FBQztBQUN4RSxDQUFDLEdBQUEsQ0FBQSIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogVW5pZmllZCBBenVyZSBLZXkgVmF1bHQgaW1wbGVtZW50YXRpb24gdXNpbmcgQXphcGlSZXNvdXJjZSBmcmFtZXdvcmtcbiAqXG4gKiBUaGlzIGNsYXNzIHByb3ZpZGVzIGEgdmVyc2lvbi1hd2FyZSBpbXBsZW1lbnRhdGlvbiBmb3IgQXp1cmUgS2V5IFZhdWx0XG4gKiAoTWljcm9zb2Z0LktleVZhdWx0L3ZhdWx0cykgdGhhdCBhdXRvbWF0aWNhbGx5IGhhbmRsZXMgdmVyc2lvbiBtYW5hZ2VtZW50LFxuICogc2NoZW1hIHZhbGlkYXRpb24sIGFuZCBwcm9wZXJ0eSB0cmFuc2Zvcm1hdGlvbiBhY3Jvc3MgYWxsIHN1cHBvcnRlZCBBUEkgdmVyc2lvbnMuXG4gKlxuICogU3VwcG9ydGVkIEFQSSBWZXJzaW9uczpcbiAqIC0gMjAyMy0wMi0wMSAoQWN0aXZlKVxuICogLSAyMDIzLTA3LTAxIChBY3RpdmUpXG4gKiAtIDIwMjQtMTEtMDEgKEFjdGl2ZSwgTGF0ZXN0KVxuICpcbiAqIEZlYXR1cmVzOlxuICogLSBBdXRvbWF0aWMgbGF0ZXN0IHZlcnNpb24gcmVzb2x1dGlvbiB3aGVuIG5vIHZlcnNpb24gaXMgc3BlY2lmaWVkXG4gKiAtIEV4cGxpY2l0IHZlcnNpb24gcGlubmluZyBmb3Igc3RhYmlsaXR5IHJlcXVpcmVtZW50c1xuICogLSBTY2hlbWEtZHJpdmVuIHZhbGlkYXRpb24gYW5kIHRyYW5zZm9ybWF0aW9uXG4gKiAtIEZ1bGwgSlNJSSBjb21wbGlhbmNlIGZvciBtdWx0aS1sYW5ndWFnZSBzdXBwb3J0XG4gKiAtIENvbmZpZ3VyYWJsZSBTS1UsIHRlbmFudCwgUkJBQyBhbmQgYWNjZXNzIHBvbGljaWVzXG4gKiAtIE5ldHdvcmsgQUNMcyBhbmQgcHVibGljIG5ldHdvcmsgYWNjZXNzIGNvbnRyb2xcbiAqIC0gU29mdC1kZWxldGUgYW5kIHB1cmdlIHByb3RlY3Rpb24gc3VwcG9ydFxuICovXG5cbmltcG9ydCAqIGFzIGNka3RmIGZyb20gXCJjZGt0ZlwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IEFMTF9LRVlfVkFVTFRfVkVSU0lPTlMsIEtFWV9WQVVMVF9UWVBFIH0gZnJvbSBcIi4va2V5LXZhdWx0LXNjaGVtYXNcIjtcbmltcG9ydCB7XG4gIEF6YXBpUmVzb3VyY2UsXG4gIEF6YXBpUmVzb3VyY2VQcm9wcyxcbn0gZnJvbSBcIi4uLy4uL2NvcmUtYXp1cmUvbGliL2F6YXBpL2F6YXBpLXJlc291cmNlXCI7XG5pbXBvcnQgeyBEYXRhQXphcGlDbGllbnRDb25maWcgfSBmcm9tIFwiLi4vLi4vY29yZS1henVyZS9saWIvYXphcGkvcHJvdmlkZXJzLWF6YXBpL2RhdGEtYXphcGktY2xpZW50LWNvbmZpZ1wiO1xuaW1wb3J0IHsgQXBpU2NoZW1hIH0gZnJvbSBcIi4uLy4uL2NvcmUtYXp1cmUvbGliL3ZlcnNpb24tbWFuYWdlci9pbnRlcmZhY2VzL3ZlcnNpb24taW50ZXJmYWNlc1wiO1xuXG4vKipcbiAqIFNLVSBjb25maWd1cmF0aW9uIGZvciBLZXkgVmF1bHRcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBLZXlWYXVsdFNrdSB7XG4gIC8qKlxuICAgKiBUaGUgU0tVIG5hbWUgKHN0YW5kYXJkIG9yIHByZW1pdW0pXG4gICAqXG4gICAqIEBkZWZhdWx0IFwic3RhbmRhcmRcIlxuICAgKi9cbiAgcmVhZG9ubHkgbmFtZTogXCJzdGFuZGFyZFwiIHwgXCJwcmVtaXVtXCI7XG5cbiAgLyoqXG4gICAqIFRoZSBTS1UgZmFtaWx5LiBBbHdheXMgXCJBXCIgZm9yIEtleSBWYXVsdC5cbiAgICpcbiAgICogQGRlZmF1bHQgXCJBXCJcbiAgICovXG4gIHJlYWRvbmx5IGZhbWlseT86IHN0cmluZztcbn1cblxuLyoqXG4gKiBQZXJtaXNzaW9ucyBjb25maWd1cmF0aW9uIGZvciBhbiBhY2Nlc3MgcG9saWN5XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgS2V5VmF1bHRBY2Nlc3NQb2xpY3lQZXJtaXNzaW9ucyB7XG4gIC8qKlxuICAgKiBQZXJtaXNzaW9ucyBmb3Iga2V5cyAoZS5nLiBcImdldFwiLCBcImxpc3RcIiwgXCJjcmVhdGVcIiwgXCJkZWxldGVcIilcbiAgICovXG4gIHJlYWRvbmx5IGtleXM/OiBzdHJpbmdbXTtcblxuICAvKipcbiAgICogUGVybWlzc2lvbnMgZm9yIHNlY3JldHMgKGUuZy4gXCJnZXRcIiwgXCJsaXN0XCIsIFwic2V0XCIsIFwiZGVsZXRlXCIpXG4gICAqL1xuICByZWFkb25seSBzZWNyZXRzPzogc3RyaW5nW107XG5cbiAgLyoqXG4gICAqIFBlcm1pc3Npb25zIGZvciBjZXJ0aWZpY2F0ZXMgKGUuZy4gXCJnZXRcIiwgXCJsaXN0XCIsIFwiY3JlYXRlXCIsIFwiZGVsZXRlXCIpXG4gICAqL1xuICByZWFkb25seSBjZXJ0aWZpY2F0ZXM/OiBzdHJpbmdbXTtcblxuICAvKipcbiAgICogUGVybWlzc2lvbnMgZm9yIHN0b3JhZ2UgKGUuZy4gXCJnZXRcIiwgXCJsaXN0XCIsIFwic2V0XCIsIFwiZGVsZXRlXCIpXG4gICAqL1xuICByZWFkb25seSBzdG9yYWdlPzogc3RyaW5nW107XG59XG5cbi8qKlxuICogQWNjZXNzIHBvbGljeSBjb25maWd1cmF0aW9uIGZvciB0aGUgS2V5IFZhdWx0XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgS2V5VmF1bHRBY2Nlc3NQb2xpY3kge1xuICAvKipcbiAgICogVGhlIEF6dXJlIEFjdGl2ZSBEaXJlY3RvcnkgdGVuYW50IElEXG4gICAqL1xuICByZWFkb25seSB0ZW5hbnRJZDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBUaGUgb2JqZWN0IElEIG9mIGEgdXNlciwgc2VydmljZSBwcmluY2lwYWwsIG9yIHNlY3VyaXR5IGdyb3VwIGluIEFBRFxuICAgKi9cbiAgcmVhZG9ubHkgb2JqZWN0SWQ6IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIGFwcGxpY2F0aW9uIElEIG9mIHRoZSBjbGllbnQgbWFraW5nIHRoZSByZXF1ZXN0IG9uIGJlaGFsZiBvZiB0aGUgdXNlclxuICAgKi9cbiAgcmVhZG9ubHkgYXBwbGljYXRpb25JZD86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIHBlcm1pc3Npb25zIGdyYW50ZWQgdG8gdGhlIGlkZW50aXR5XG4gICAqL1xuICByZWFkb25seSBwZXJtaXNzaW9uczogS2V5VmF1bHRBY2Nlc3NQb2xpY3lQZXJtaXNzaW9ucztcbn1cblxuLyoqXG4gKiBJUCBydWxlIGZvciBLZXkgVmF1bHQgbmV0d29yayBBQ0xzXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgS2V5VmF1bHRJcFJ1bGUge1xuICAvKipcbiAgICogSVAgYWRkcmVzcyBvciBDSURSIHJhbmdlXG4gICAqL1xuICByZWFkb25seSB2YWx1ZTogc3RyaW5nO1xufVxuXG4vKipcbiAqIFZpcnR1YWwgbmV0d29yayBydWxlIGZvciBLZXkgVmF1bHQgbmV0d29yayBBQ0xzXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgS2V5VmF1bHRWaXJ0dWFsTmV0d29ya1J1bGUge1xuICAvKipcbiAgICogVmlydHVhbCBuZXR3b3JrIHN1Ym5ldCByZXNvdXJjZSBJRFxuICAgKi9cbiAgcmVhZG9ubHkgaWQ6IHN0cmluZztcblxuICAvKipcbiAgICogV2hldGhlciB0byBpZ25vcmUgbWlzc2luZyBWTkVUIHNlcnZpY2UgZW5kcG9pbnRcbiAgICovXG4gIHJlYWRvbmx5IGlnbm9yZU1pc3NpbmdWbmV0U2VydmljZUVuZHBvaW50PzogYm9vbGVhbjtcbn1cblxuLyoqXG4gKiBOZXR3b3JrIEFDTCBjb25maWd1cmF0aW9uIGZvciB0aGUgS2V5IFZhdWx0XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgS2V5VmF1bHROZXR3b3JrQWNscyB7XG4gIC8qKlxuICAgKiBEZWZhdWx0IGFjdGlvbiB3aGVuIG5vIHJ1bGUgbWF0Y2hlcyAoQWxsb3cgb3IgRGVueSlcbiAgICpcbiAgICogQGRlZmF1bHQgXCJBbGxvd1wiXG4gICAqL1xuICByZWFkb25seSBkZWZhdWx0QWN0aW9uPzogXCJBbGxvd1wiIHwgXCJEZW55XCI7XG5cbiAgLyoqXG4gICAqIFRlbGxzIHdoYXQgdHJhZmZpYyBjYW4gYnlwYXNzIG5ldHdvcmsgcnVsZXMuIENhbiBiZSAnQXp1cmVTZXJ2aWNlcycgb3IgJ05vbmUnLlxuICAgKlxuICAgKiBAZGVmYXVsdCBcIkF6dXJlU2VydmljZXNcIlxuICAgKi9cbiAgcmVhZG9ubHkgYnlwYXNzPzogXCJBenVyZVNlcnZpY2VzXCIgfCBcIk5vbmVcIjtcblxuICAvKipcbiAgICogSVAgcnVsZXMgZm9yIHRoZSBLZXkgVmF1bHRcbiAgICovXG4gIHJlYWRvbmx5IGlwUnVsZXM/OiBLZXlWYXVsdElwUnVsZVtdO1xuXG4gIC8qKlxuICAgKiBWaXJ0dWFsIG5ldHdvcmsgc3VibmV0IHJ1bGVzIGZvciB0aGUgS2V5IFZhdWx0XG4gICAqL1xuICByZWFkb25seSB2aXJ0dWFsTmV0d29ya1J1bGVzPzogS2V5VmF1bHRWaXJ0dWFsTmV0d29ya1J1bGVbXTtcbn1cblxuLyoqXG4gKiBQcm9wZXJ0aWVzIGZvciB0aGUgdW5pZmllZCBBenVyZSBLZXkgVmF1bHRcbiAqXG4gKiBFeHRlbmRzIEF6YXBpUmVzb3VyY2VQcm9wcyB3aXRoIEtleSBWYXVsdCBzcGVjaWZpYyBwcm9wZXJ0aWVzLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEtleVZhdWx0UHJvcHMgZXh0ZW5kcyBBemFwaVJlc291cmNlUHJvcHMge1xuICAvKipcbiAgICogUmVzb3VyY2UgZ3JvdXAgSUQgd2hlcmUgdGhlIEtleSBWYXVsdCB3aWxsIGJlIGNyZWF0ZWRcbiAgICovXG4gIHJlYWRvbmx5IHJlc291cmNlR3JvdXBJZD86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIFNLVSAocHJpY2luZyB0aWVyKSBmb3IgdGhlIEtleSBWYXVsdFxuICAgKlxuICAgKiBAZGVmYXVsdCB7IG5hbWU6IFwic3RhbmRhcmRcIiwgZmFtaWx5OiBcIkFcIiB9XG4gICAqL1xuICByZWFkb25seSBza3U/OiBLZXlWYXVsdFNrdTtcblxuICAvKipcbiAgICogVGhlIEF6dXJlIEFjdGl2ZSBEaXJlY3RvcnkgdGVuYW50IElEIHRoYXQgc2hvdWxkIGJlIHVzZWQgZm9yIGF1dGhlbnRpY2F0aW5nXG4gICAqIHJlcXVlc3RzIHRvIHRoZSBLZXkgVmF1bHQuIElmIG5vdCBwcm92aWRlZCwgdGhlIGN1cnJlbnQgdGVuYW50IElEIGZyb20gdGhlXG4gICAqIEFaQVBJIGNsaWVudCBjb25maWd1cmF0aW9uIGlzIHVzZWQuXG4gICAqL1xuICByZWFkb25seSB0ZW5hbnRJZD86IHN0cmluZztcblxuICAvKipcbiAgICogQWNjZXNzIHBvbGljaWVzIGZvciB0aGUgS2V5IFZhdWx0LlxuICAgKlxuICAgKiBPbmx5IGFwcGxpY2FibGUgd2hlbiBgZW5hYmxlUmJhY0F1dGhvcml6YXRpb25gIGlzIGZhbHNlLlxuICAgKi9cbiAgcmVhZG9ubHkgYWNjZXNzUG9saWNpZXM/OiBLZXlWYXVsdEFjY2Vzc1BvbGljeVtdO1xuXG4gIC8qKlxuICAgKiBOZXR3b3JrIEFDTCBjb25maWd1cmF0aW9uIGZvciB0aGUgS2V5IFZhdWx0XG4gICAqL1xuICByZWFkb25seSBuZXR3b3JrQWNscz86IEtleVZhdWx0TmV0d29ya0FjbHM7XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgQXp1cmUgVmlydHVhbCBNYWNoaW5lcyBhcmUgcGVybWl0dGVkIHRvIHJldHJpZXZlIGNlcnRpZmljYXRlc1xuICAgKiBzdG9yZWQgYXMgc2VjcmV0cyBmcm9tIHRoZSBLZXkgVmF1bHQuXG4gICAqXG4gICAqIEBkZWZhdWx0IGZhbHNlXG4gICAqL1xuICByZWFkb25seSBlbmFibGVkRm9yRGVwbG95bWVudD86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgQXp1cmUgRGlzayBFbmNyeXB0aW9uIGlzIHBlcm1pdHRlZCB0byByZXRyaWV2ZSBzZWNyZXRzIGZyb20gdGhlXG4gICAqIEtleSBWYXVsdCBhbmQgdW53cmFwIGtleXMuXG4gICAqXG4gICAqIEBkZWZhdWx0IGZhbHNlXG4gICAqL1xuICByZWFkb25seSBlbmFibGVkRm9yRGlza0VuY3J5cHRpb24/OiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBXaGV0aGVyIEF6dXJlIFJlc291cmNlIE1hbmFnZXIgaXMgcGVybWl0dGVkIHRvIHJldHJpZXZlIHNlY3JldHMgZnJvbSB0aGVcbiAgICogS2V5IFZhdWx0LlxuICAgKlxuICAgKiBAZGVmYXVsdCBmYWxzZVxuICAgKi9cbiAgcmVhZG9ubHkgZW5hYmxlZEZvclRlbXBsYXRlRGVwbG95bWVudD86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgQXp1cmUgUkJBQyBpcyB1c2VkIHRvIGF1dGhvcml6ZSBkYXRhIGFjdGlvbnMgaW5zdGVhZCBvZiBhY2Nlc3NcbiAgICogcG9saWNpZXMuXG4gICAqXG4gICAqIEBkZWZhdWx0IHRydWVcbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZVJiYWNBdXRob3JpemF0aW9uPzogYm9vbGVhbjtcblxuICAvKipcbiAgICogV2hldGhlciBzb2Z0LWRlbGV0ZSBpcyBlbmFibGVkIG9uIHRoZSBLZXkgVmF1bHQuXG4gICAqXG4gICAqIEBkZWZhdWx0IHRydWVcbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZVNvZnREZWxldGU/OiBib29sZWFuO1xuXG4gIC8qKlxuICAgKiBOdW1iZXIgb2YgZGF5cyB0aGF0IGl0ZW1zIHNob3VsZCBiZSByZXRhaW5lZCBhZnRlciBzb2Z0LWRlbGV0ZSAoNy05MCkuXG4gICAqXG4gICAqIEBkZWZhdWx0IDkwXG4gICAqL1xuICByZWFkb25seSBzb2Z0RGVsZXRlUmV0ZW50aW9uSW5EYXlzPzogbnVtYmVyO1xuXG4gIC8qKlxuICAgKiBXaGV0aGVyIHB1cmdlIHByb3RlY3Rpb24gaXMgZW5hYmxlZC4gT25jZSBlbmFibGVkLCB0aGlzIHByb3BlcnR5IGNhbm5vdFxuICAgKiBiZSBkaXNhYmxlZC5cbiAgICovXG4gIHJlYWRvbmx5IGVuYWJsZVB1cmdlUHJvdGVjdGlvbj86IGJvb2xlYW47XG5cbiAgLyoqXG4gICAqIFdoZXRoZXIgdGhlIEtleSBWYXVsdCBhY2NlcHRzIHRyYWZmaWMgZnJvbSBwdWJsaWMgbmV0d29ya3MuXG4gICAqXG4gICAqIEBkZWZhdWx0IFwiRW5hYmxlZFwiXG4gICAqL1xuICByZWFkb25seSBwdWJsaWNOZXR3b3JrQWNjZXNzPzogXCJFbmFibGVkXCIgfCBcIkRpc2FibGVkXCI7XG5cbiAgLyoqXG4gICAqIFByb3BlcnRpZXMgdG8gaWdub3JlIGR1cmluZyB1cGRhdGVzXG4gICAqXG4gICAqIEBleGFtcGxlIFtcInRhZ3NcIl1cbiAgICovXG4gIHJlYWRvbmx5IGlnbm9yZUNoYW5nZXM/OiBzdHJpbmdbXTtcbn1cblxuLyoqXG4gKiBLZXkgVmF1bHQgcHJvcGVydGllcyBmb3IgdGhlIHJlcXVlc3QgYm9keVxuICovXG5leHBvcnQgaW50ZXJmYWNlIEtleVZhdWx0Qm9keVByb3BlcnRpZXMge1xuICByZWFkb25seSB0ZW5hbnRJZDogc3RyaW5nO1xuICByZWFkb25seSBza3U6IEtleVZhdWx0U2t1O1xuICByZWFkb25seSBhY2Nlc3NQb2xpY2llcz86IEtleVZhdWx0QWNjZXNzUG9saWN5W107XG4gIHJlYWRvbmx5IG5ldHdvcmtBY2xzPzogS2V5VmF1bHROZXR3b3JrQWNscztcbiAgcmVhZG9ubHkgZW5hYmxlZEZvckRlcGxveW1lbnQ/OiBib29sZWFuO1xuICByZWFkb25seSBlbmFibGVkRm9yRGlza0VuY3J5cHRpb24/OiBib29sZWFuO1xuICByZWFkb25seSBlbmFibGVkRm9yVGVtcGxhdGVEZXBsb3ltZW50PzogYm9vbGVhbjtcbiAgcmVhZG9ubHkgZW5hYmxlUmJhY0F1dGhvcml6YXRpb24/OiBib29sZWFuO1xuICByZWFkb25seSBlbmFibGVTb2Z0RGVsZXRlPzogYm9vbGVhbjtcbiAgcmVhZG9ubHkgc29mdERlbGV0ZVJldGVudGlvbkluRGF5cz86IG51bWJlcjtcbiAgcmVhZG9ubHkgZW5hYmxlUHVyZ2VQcm90ZWN0aW9uPzogYm9vbGVhbjtcbiAgcmVhZG9ubHkgcHVibGljTmV0d29ya0FjY2Vzcz86IHN0cmluZztcbn1cblxuLyoqXG4gKiBUaGUgcmVzb3VyY2UgYm9keSBpbnRlcmZhY2UgZm9yIEF6dXJlIEtleSBWYXVsdCBBUEkgY2FsbHNcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBLZXlWYXVsdEJvZHkge1xuICByZWFkb25seSBsb2NhdGlvbjogc3RyaW5nO1xuICByZWFkb25seSB0YWdzPzogeyBba2V5OiBzdHJpbmddOiBzdHJpbmcgfTtcbiAgcmVhZG9ubHkgcHJvcGVydGllczogS2V5VmF1bHRCb2R5UHJvcGVydGllcztcbn1cblxuLyoqXG4gKiBVbmlmaWVkIEF6dXJlIEtleSBWYXVsdCBpbXBsZW1lbnRhdGlvblxuICpcbiAqIFRoaXMgY2xhc3MgcHJvdmlkZXMgYSBzaW5nbGUsIHZlcnNpb24tYXdhcmUgaW1wbGVtZW50YXRpb24gdGhhdCBhdXRvbWF0aWNhbGx5XG4gKiBoYW5kbGVzIHZlcnNpb24gcmVzb2x1dGlvbiwgc2NoZW1hIHZhbGlkYXRpb24sIGFuZCBwcm9wZXJ0eSB0cmFuc2Zvcm1hdGlvblxuICogd2hpbGUgbWFpbnRhaW5pbmcgZnVsbCBKU0lJIGNvbXBsaWFuY2UuXG4gKlxuICogQXp1cmUgS2V5IFZhdWx0IGlzIGEgY2xvdWQgc2VydmljZSBmb3Igc2VjdXJlbHkgc3RvcmluZyBhbmQgYWNjZXNzaW5nIHNlY3JldHMsXG4gKiBrZXlzLCBhbmQgY2VydGlmaWNhdGVzIHdpdGggY2VudHJhbGl6ZWQgbWFuYWdlbWVudCBhbmQgYWNjZXNzIGNvbnRyb2wuXG4gKlxuICogQGV4YW1wbGVcbiAqIC8vIEJhc2ljIHVzYWdlIHdpdGggYXV0b21hdGljIHZlcnNpb24gcmVzb2x1dGlvbiBhbmQgY3VycmVudCB0ZW5hbnQ6XG4gKiBjb25zdCBrZXlWYXVsdCA9IG5ldyBLZXlWYXVsdCh0aGlzLCBcImt2XCIsIHtcbiAqICAgbmFtZTogXCJteS1rZXl2YXVsdC0xMjM0XCIsXG4gKiAgIGxvY2F0aW9uOiBcImVhc3R1c1wiLFxuICogICByZXNvdXJjZUdyb3VwSWQ6IHJlc291cmNlR3JvdXAuaWQsXG4gKiB9KTtcbiAqXG4gKiBAZXhhbXBsZVxuICogLy8gVXNhZ2Ugd2l0aCBleHBsaWNpdCB2ZXJzaW9uIHBpbm5pbmcgYW5kIGNvbmZpZ3VyYXRpb246XG4gKiBjb25zdCBrZXlWYXVsdCA9IG5ldyBLZXlWYXVsdCh0aGlzLCBcImt2XCIsIHtcbiAqICAgbmFtZTogXCJteS1rZXl2YXVsdC0xMjM0XCIsXG4gKiAgIGxvY2F0aW9uOiBcImVhc3R1c1wiLFxuICogICByZXNvdXJjZUdyb3VwSWQ6IHJlc291cmNlR3JvdXAuaWQsXG4gKiAgIHNrdTogeyBuYW1lOiBcInByZW1pdW1cIiB9LFxuICogICBhcGlWZXJzaW9uOiBcIjIwMjMtMDctMDFcIixcbiAqICAgZW5hYmxlUHVyZ2VQcm90ZWN0aW9uOiB0cnVlLFxuICogICBwdWJsaWNOZXR3b3JrQWNjZXNzOiBcIkRpc2FibGVkXCIsXG4gKiAgIG5ldHdvcmtBY2xzOiB7XG4gKiAgICAgZGVmYXVsdEFjdGlvbjogXCJEZW55XCIsXG4gKiAgICAgYnlwYXNzOiBcIkF6dXJlU2VydmljZXNcIixcbiAqICAgfSxcbiAqIH0pO1xuICpcbiAqIEBzdGFiaWxpdHkgc3RhYmxlXG4gKi9cbmV4cG9ydCBjbGFzcyBLZXlWYXVsdCBleHRlbmRzIEF6YXBpUmVzb3VyY2Uge1xuICAvLyBTdGF0aWMgaW5pdGlhbGl6ZXIgcnVucyBvbmNlIHdoZW4gdGhlIGNsYXNzIGlzIGZpcnN0IGxvYWRlZFxuICBzdGF0aWMge1xuICAgIEF6YXBpUmVzb3VyY2UucmVnaXN0ZXJTY2hlbWFzKEtFWV9WQVVMVF9UWVBFLCBBTExfS0VZX1ZBVUxUX1ZFUlNJT05TKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBUaGUgaW5wdXQgcHJvcGVydGllcyBmb3IgdGhpcyBLZXkgVmF1bHQgaW5zdGFuY2VcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBwcm9wczogS2V5VmF1bHRQcm9wcztcblxuICAvLyBPdXRwdXQgcHJvcGVydGllcyBmb3IgZWFzeSBhY2Nlc3MgYW5kIHJlZmVyZW5jaW5nXG4gIHB1YmxpYyByZWFkb25seSBpZE91dHB1dDogY2RrdGYuVGVycmFmb3JtT3V0cHV0O1xuICBwdWJsaWMgcmVhZG9ubHkgbG9jYXRpb25PdXRwdXQ6IGNka3RmLlRlcnJhZm9ybU91dHB1dDtcbiAgcHVibGljIHJlYWRvbmx5IG5hbWVPdXRwdXQ6IGNka3RmLlRlcnJhZm9ybU91dHB1dDtcbiAgcHVibGljIHJlYWRvbmx5IHRhZ3NPdXRwdXQ6IGNka3RmLlRlcnJhZm9ybU91dHB1dDtcbiAgcHVibGljIHJlYWRvbmx5IHZhdWx0VXJpT3V0cHV0OiBjZGt0Zi5UZXJyYWZvcm1PdXRwdXQ7XG5cbiAgLyoqXG4gICAqIENyZWF0ZXMgYSBuZXcgQXp1cmUgS2V5IFZhdWx0IHVzaW5nIHRoZSBBemFwaVJlc291cmNlIGZyYW1ld29ya1xuICAgKlxuICAgKiBAcGFyYW0gc2NvcGUgLSBUaGUgc2NvcGUgaW4gd2hpY2ggdG8gZGVmaW5lIHRoaXMgY29uc3RydWN0XG4gICAqIEBwYXJhbSBpZCAtIFRoZSB1bmlxdWUgaWRlbnRpZmllciBmb3IgdGhpcyBpbnN0YW5jZVxuICAgKiBAcGFyYW0gcHJvcHMgLSBDb25maWd1cmF0aW9uIHByb3BlcnRpZXMgZm9yIHRoZSBLZXkgVmF1bHRcbiAgICovXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBLZXlWYXVsdFByb3BzKSB7XG4gICAgLy8gVmFsaWRhdGUgc29mdERlbGV0ZVJldGVudGlvbkluRGF5cyBib3VuZHMgYmVmb3JlIGRlbGVnYXRpbmcgdG8gYmFzZSBjbGFzc1xuICAgIGlmIChwcm9wcy5zb2Z0RGVsZXRlUmV0ZW50aW9uSW5EYXlzICE9PSB1bmRlZmluZWQpIHtcbiAgICAgIGlmIChcbiAgICAgICAgcHJvcHMuc29mdERlbGV0ZVJldGVudGlvbkluRGF5cyA8IDcgfHxcbiAgICAgICAgcHJvcHMuc29mdERlbGV0ZVJldGVudGlvbkluRGF5cyA+IDkwXG4gICAgICApIHtcbiAgICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICAgIFwic29mdERlbGV0ZVJldGVudGlvbkluRGF5cyBtdXN0IGJlIGJldHdlZW4gNyBhbmQgOTAgZGF5c1wiLFxuICAgICAgICApO1xuICAgICAgfVxuICAgIH1cblxuICAgIC8vIElmIHRlbmFudElkIGlzIG5vdCBwcm92aWRlZCwgZmFsbCBiYWNrIHRvIHRoZSBjdXJyZW50IEFaQVBJIGNsaWVudCB0ZW5hbnQuXG4gICAgLy8gVGhlIERhdGFBemFwaUNsaWVudENvbmZpZyBkYXRhIHNvdXJjZSBtdXN0IGJlIGNyZWF0ZWQgb24gdGhlIHBhcmVudCBzY29wZVxuICAgIC8vIHNvIGl0IGlzIGF2YWlsYWJsZSBiZWZvcmUgc3VwZXIoKSBpcyBjYWxsZWQuXG4gICAgY29uc3QgcmVzb2x2ZWRUZW5hbnRJZCA9XG4gICAgICBwcm9wcy50ZW5hbnRJZCA/P1xuICAgICAgKCgpID0+IHtcbiAgICAgICAgY29uc3QgY2xpZW50Q29uZmlnID0gbmV3IERhdGFBemFwaUNsaWVudENvbmZpZyhcbiAgICAgICAgICBzY29wZSxcbiAgICAgICAgICBgJHtpZH1fY2xpZW50X2NvbmZpZ2AsXG4gICAgICAgICAge30sXG4gICAgICAgICk7XG4gICAgICAgIHJldHVybiBgXFwkeyR7Y2xpZW50Q29uZmlnLmZxbn0udGVuYW50X2lkfWA7XG4gICAgICB9KSgpO1xuXG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7IC4uLnByb3BzLCB0ZW5hbnRJZDogcmVzb2x2ZWRUZW5hbnRJZCB9IGFzIEtleVZhdWx0UHJvcHMpO1xuXG4gICAgdGhpcy5wcm9wcyA9IHByb3BzO1xuXG4gICAgLy8gQ3JlYXRlIFRlcnJhZm9ybSBvdXRwdXRzXG4gICAgdGhpcy5pZE91dHB1dCA9IG5ldyBjZGt0Zi5UZXJyYWZvcm1PdXRwdXQodGhpcywgXCJpZFwiLCB7XG4gICAgICB2YWx1ZTogdGhpcy5pZCxcbiAgICAgIGRlc2NyaXB0aW9uOiBcIlRoZSBJRCBvZiB0aGUgS2V5IFZhdWx0XCIsXG4gICAgfSk7XG5cbiAgICB0aGlzLmxvY2F0aW9uT3V0cHV0ID0gbmV3IGNka3RmLlRlcnJhZm9ybU91dHB1dCh0aGlzLCBcImxvY2F0aW9uXCIsIHtcbiAgICAgIHZhbHVlOiBgXFwkeyR7dGhpcy50ZXJyYWZvcm1SZXNvdXJjZS5mcW59LmxvY2F0aW9ufWAsXG4gICAgICBkZXNjcmlwdGlvbjogXCJUaGUgbG9jYXRpb24gb2YgdGhlIEtleSBWYXVsdFwiLFxuICAgIH0pO1xuXG4gICAgdGhpcy5uYW1lT3V0cHV0ID0gbmV3IGNka3RmLlRlcnJhZm9ybU91dHB1dCh0aGlzLCBcIm5hbWVcIiwge1xuICAgICAgdmFsdWU6IGBcXCR7JHt0aGlzLnRlcnJhZm9ybVJlc291cmNlLmZxbn0ubmFtZX1gLFxuICAgICAgZGVzY3JpcHRpb246IFwiVGhlIG5hbWUgb2YgdGhlIEtleSBWYXVsdFwiLFxuICAgIH0pO1xuXG4gICAgdGhpcy50YWdzT3V0cHV0ID0gbmV3IGNka3RmLlRlcnJhZm9ybU91dHB1dCh0aGlzLCBcInRhZ3NcIiwge1xuICAgICAgdmFsdWU6IGBcXCR7JHt0aGlzLnRlcnJhZm9ybVJlc291cmNlLmZxbn0udGFnc31gLFxuICAgICAgZGVzY3JpcHRpb246IFwiVGhlIHRhZ3MgYXNzaWduZWQgdG8gdGhlIEtleSBWYXVsdFwiLFxuICAgIH0pO1xuXG4gICAgdGhpcy52YXVsdFVyaU91dHB1dCA9IG5ldyBjZGt0Zi5UZXJyYWZvcm1PdXRwdXQodGhpcywgXCJ2YXVsdF91cmlcIiwge1xuICAgICAgdmFsdWU6IHRoaXMudmF1bHRVcmksXG4gICAgICBkZXNjcmlwdGlvbjpcbiAgICAgICAgXCJUaGUgVVJJIG9mIHRoZSBLZXkgVmF1bHQgZm9yIHBlcmZvcm1pbmcgZGF0YSBwbGFuZSBvcGVyYXRpb25zXCIsXG4gICAgfSk7XG5cbiAgICAvLyBPdmVycmlkZSBsb2dpY2FsIElEc1xuICAgIHRoaXMuaWRPdXRwdXQub3ZlcnJpZGVMb2dpY2FsSWQoXCJpZFwiKTtcbiAgICB0aGlzLmxvY2F0aW9uT3V0cHV0Lm92ZXJyaWRlTG9naWNhbElkKFwibG9jYXRpb25cIik7XG4gICAgdGhpcy5uYW1lT3V0cHV0Lm92ZXJyaWRlTG9naWNhbElkKFwibmFtZVwiKTtcbiAgICB0aGlzLnRhZ3NPdXRwdXQub3ZlcnJpZGVMb2dpY2FsSWQoXCJ0YWdzXCIpO1xuICAgIHRoaXMudmF1bHRVcmlPdXRwdXQub3ZlcnJpZGVMb2dpY2FsSWQoXCJ2YXVsdF91cmlcIik7XG5cbiAgICAvLyBBcHBseSBpZ25vcmUgY2hhbmdlcyBpZiBzcGVjaWZpZWRcbiAgICB0aGlzLl9hcHBseUlnbm9yZUNoYW5nZXMoKTtcbiAgfVxuXG4gIC8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG4gIC8vIFJFUVVJUkVEIEFCU1RSQUNUIE1FVEhPRFMgRlJPTSBBemFwaVJlc291cmNlXG4gIC8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG5cbiAgLyoqXG4gICAqIEdldHMgdGhlIGRlZmF1bHQgQVBJIHZlcnNpb24gdG8gdXNlIHdoZW4gbm8gZXhwbGljaXQgdmVyc2lvbiBpcyBzcGVjaWZpZWRcbiAgICovXG4gIHByb3RlY3RlZCBkZWZhdWx0VmVyc2lvbigpOiBzdHJpbmcge1xuICAgIHJldHVybiBcIjIwMjQtMTEtMDFcIjtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZXRzIHRoZSBBenVyZSByZXNvdXJjZSB0eXBlIGZvciBLZXkgVmF1bHRcbiAgICovXG4gIHByb3RlY3RlZCByZXNvdXJjZVR5cGUoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gS0VZX1ZBVUxUX1RZUEU7XG4gIH1cblxuICAvKipcbiAgICogR2V0cyB0aGUgQVBJIHNjaGVtYSBmb3IgdGhlIHJlc29sdmVkIHZlcnNpb25cbiAgICovXG4gIHByb3RlY3RlZCBhcGlTY2hlbWEoKTogQXBpU2NoZW1hIHtcbiAgICByZXR1cm4gdGhpcy5yZXNvbHZlU2NoZW1hKCk7XG4gIH1cblxuICAvKipcbiAgICogSW5kaWNhdGVzIHRoYXQgbG9jYXRpb24gaXMgcmVxdWlyZWQgZm9yIEtleSBWYXVsdHNcbiAgICovXG4gIHByb3RlY3RlZCByZXF1aXJlc0xvY2F0aW9uKCk6IGJvb2xlYW4ge1xuICAgIHJldHVybiB0cnVlO1xuICB9XG5cbiAgLyoqXG4gICAqIENyZWF0ZXMgdGhlIHJlc291cmNlIGJvZHkgZm9yIHRoZSBBenVyZSBBUEkgY2FsbFxuICAgKi9cbiAgcHJvdGVjdGVkIGNyZWF0ZVJlc291cmNlQm9keShwcm9wczogYW55KTogYW55IHtcbiAgICBjb25zdCB0eXBlZFByb3BzID0gcHJvcHMgYXMgS2V5VmF1bHRQcm9wcztcblxuICAgIGNvbnN0IHByb3BlcnRpZXM6IGFueSA9IHtcbiAgICAgIHRlbmFudElkOiB0eXBlZFByb3BzLnRlbmFudElkLFxuICAgICAgc2t1OiB7XG4gICAgICAgIG5hbWU6IHR5cGVkUHJvcHMuc2t1Py5uYW1lID8/IFwic3RhbmRhcmRcIixcbiAgICAgICAgZmFtaWx5OiB0eXBlZFByb3BzLnNrdT8uZmFtaWx5ID8/IFwiQVwiLFxuICAgICAgfSxcbiAgICAgIGVuYWJsZWRGb3JEZXBsb3ltZW50OiB0eXBlZFByb3BzLmVuYWJsZWRGb3JEZXBsb3ltZW50ID8/IGZhbHNlLFxuICAgICAgZW5hYmxlZEZvckRpc2tFbmNyeXB0aW9uOiB0eXBlZFByb3BzLmVuYWJsZWRGb3JEaXNrRW5jcnlwdGlvbiA/PyBmYWxzZSxcbiAgICAgIGVuYWJsZWRGb3JUZW1wbGF0ZURlcGxveW1lbnQ6XG4gICAgICAgIHR5cGVkUHJvcHMuZW5hYmxlZEZvclRlbXBsYXRlRGVwbG95bWVudCA/PyBmYWxzZSxcbiAgICAgIGVuYWJsZVJiYWNBdXRob3JpemF0aW9uOiB0eXBlZFByb3BzLmVuYWJsZVJiYWNBdXRob3JpemF0aW9uID8/IHRydWUsXG4gICAgICBlbmFibGVTb2Z0RGVsZXRlOiB0eXBlZFByb3BzLmVuYWJsZVNvZnREZWxldGUgPz8gdHJ1ZSxcbiAgICAgIHNvZnREZWxldGVSZXRlbnRpb25JbkRheXM6IHR5cGVkUHJvcHMuc29mdERlbGV0ZVJldGVudGlvbkluRGF5cyA/PyA5MCxcbiAgICAgIHB1YmxpY05ldHdvcmtBY2Nlc3M6IHR5cGVkUHJvcHMucHVibGljTmV0d29ya0FjY2VzcyA/PyBcIkVuYWJsZWRcIixcbiAgICB9O1xuXG4gICAgaWYgKHR5cGVkUHJvcHMuZW5hYmxlUHVyZ2VQcm90ZWN0aW9uICE9PSB1bmRlZmluZWQpIHtcbiAgICAgIHByb3BlcnRpZXMuZW5hYmxlUHVyZ2VQcm90ZWN0aW9uID0gdHlwZWRQcm9wcy5lbmFibGVQdXJnZVByb3RlY3Rpb247XG4gICAgfVxuXG4gICAgLy8gYWNjZXNzUG9saWNpZXMgaXMgb25seSBtZWFuaW5nZnVsIHdoZW4gUkJBQyBhdXRob3JpemF0aW9uIGlzIGRpc2FibGVkLlxuICAgIC8vIEFsd2F5cyBpbmNsdWRlIHRoZSBhcnJheSAoQXp1cmUgcmVxdWlyZXMgaXQpIC0gZGVmYXVsdCB0byBlbXB0eS5cbiAgICBwcm9wZXJ0aWVzLmFjY2Vzc1BvbGljaWVzID0gdHlwZWRQcm9wcy5hY2Nlc3NQb2xpY2llcyA/PyBbXTtcblxuICAgIGlmICh0eXBlZFByb3BzLm5ldHdvcmtBY2xzKSB7XG4gICAgICBwcm9wZXJ0aWVzLm5ldHdvcmtBY2xzID0ge1xuICAgICAgICBkZWZhdWx0QWN0aW9uOiB0eXBlZFByb3BzLm5ldHdvcmtBY2xzLmRlZmF1bHRBY3Rpb24gPz8gXCJBbGxvd1wiLFxuICAgICAgICBieXBhc3M6IHR5cGVkUHJvcHMubmV0d29ya0FjbHMuYnlwYXNzID8/IFwiQXp1cmVTZXJ2aWNlc1wiLFxuICAgICAgICBpcFJ1bGVzOiB0eXBlZFByb3BzLm5ldHdvcmtBY2xzLmlwUnVsZXMgPz8gW10sXG4gICAgICAgIHZpcnR1YWxOZXR3b3JrUnVsZXM6IHR5cGVkUHJvcHMubmV0d29ya0FjbHMudmlydHVhbE5ldHdvcmtSdWxlcyA/PyBbXSxcbiAgICAgIH07XG4gICAgfVxuXG4gICAgcmV0dXJuIHtcbiAgICAgIGxvY2F0aW9uOiB0aGlzLmxvY2F0aW9uLFxuICAgICAgdGFnczogdGhpcy5hbGxUYWdzKCksXG4gICAgICBwcm9wZXJ0aWVzLFxuICAgIH07XG4gIH1cblxuICAvLyA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuICAvLyBQVUJMSUMgTUVUSE9EUyBGT1IgS0VZIFZBVUxUIE9QRVJBVElPTlNcbiAgLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cblxuICAvKipcbiAgICogR2V0IHRoZSBkYXRhIHBsYW5lIFVSSSBvZiB0aGUgS2V5IFZhdWx0XG4gICAqXG4gICAqIFJldHVybnMgdGhlIGRldGVybWluaXN0aWMgQXp1cmUgcHVibGljIGNsb3VkIEtleSBWYXVsdCBVUkkgaW4gdGhlIGZvcm1cbiAgICogYGh0dHBzOi8ve25hbWV9LnZhdWx0LmF6dXJlLm5ldC9gLiBUaGlzIGF2b2lkcyBkZXBlbmRpbmcgb24gdGhlIEFaQVBJXG4gICAqIHJlc291cmNlIGBvdXRwdXRgIGF0dHJpYnV0ZSB3aGljaCBpcyBvbmx5IHBvcHVsYXRlZCBmb3IgcHJvcGVydGllcyBsaXN0ZWRcbiAgICogaW4gYHJlc3BvbnNlX2V4cG9ydF92YWx1ZXNgLlxuICAgKi9cbiAgcHVibGljIGdldCB2YXVsdFVyaSgpOiBzdHJpbmcge1xuICAgIHJldHVybiBgaHR0cHM6Ly9cXCR7JHt0aGlzLnRlcnJhZm9ybVJlc291cmNlLmZxbn0ubmFtZX0udmF1bHQuYXp1cmUubmV0L2A7XG4gIH1cblxuICAvKipcbiAgICogQWRkIGEgdGFnIHRvIHRoZSBLZXkgVmF1bHRcbiAgICovXG4gIHB1YmxpYyBhZGRUYWcoa2V5OiBzdHJpbmcsIHZhbHVlOiBzdHJpbmcpOiB2b2lkIHtcbiAgICBpZiAoIXRoaXMucHJvcHMudGFncykge1xuICAgICAgKHRoaXMucHJvcHMgYXMgYW55KS50YWdzID0ge307XG4gICAgfVxuICAgIHRoaXMucHJvcHMudGFncyFba2V5XSA9IHZhbHVlO1xuICB9XG5cbiAgLyoqXG4gICAqIFJlbW92ZSBhIHRhZyBmcm9tIHRoZSBLZXkgVmF1bHRcbiAgICovXG4gIHB1YmxpYyByZW1vdmVUYWcoa2V5OiBzdHJpbmcpOiB2b2lkIHtcbiAgICBpZiAodGhpcy5wcm9wcy50YWdzICYmIHRoaXMucHJvcHMudGFnc1trZXldKSB7XG4gICAgICBkZWxldGUgdGhpcy5wcm9wcy50YWdzW2tleV07XG4gICAgfVxuICB9XG5cbiAgLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cbiAgLy8gUFJJVkFURSBIRUxQRVIgTUVUSE9EU1xuICAvLyA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4gIC8qKlxuICAgKiBBcHBsaWVzIGlnbm9yZSBjaGFuZ2VzIGxpZmVjeWNsZSBydWxlcyBpZiBzcGVjaWZpZWQgaW4gcHJvcHNcbiAgICovXG4gIHByaXZhdGUgX2FwcGx5SWdub3JlQ2hhbmdlcygpOiB2b2lkIHtcbiAgICBpZiAodGhpcy5wcm9wcy5pZ25vcmVDaGFuZ2VzICYmIHRoaXMucHJvcHMuaWdub3JlQ2hhbmdlcy5sZW5ndGggPiAwKSB7XG4gICAgICB0aGlzLnRlcnJhZm9ybVJlc291cmNlLmFkZE92ZXJyaWRlKFwibGlmZWN5Y2xlXCIsIFtcbiAgICAgICAge1xuICAgICAgICAgIGlnbm9yZV9jaGFuZ2VzOiB0aGlzLnByb3BzLmlnbm9yZUNoYW5nZXMsXG4gICAgICAgIH0sXG4gICAgICBdKTtcbiAgICB9XG4gIH1cbn1cbiJdfQ==

package/lib/azure-keyvault/test/key-vault.integ.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Integration test for Azure Key Vault
+ *
+ * This test demonstrates basic usage of the KeyVault construct
+ * and validates deployment, idempotency, and cleanup.
+ *
+ * Run with: npm run integration:nostream
+ */
+import "cdktf/lib/testing/adapters/jest";