@orcabus/platform-cdk-constructs 0.0.4

package/README.md

@@ -0,0 +1 @@
+# CDK Constructs Package for OrcaBus

package/api-gateway/README.md

@@ -0,0 +1,26 @@
+# ApiGatewayConstruct
+
+Usage example:
+
+```ts
+const apiGateway = new ApiGatewayConstruct(this, 'ApiGateway', props.apiGatewayCognitoProps);
+const httpApi = apiGateway.httpApi;
+
+const apiIntegration = new HttpLambdaIntegration('ApiIntegration', apiFn);
+
+new HttpRoute(this, 'GetHttpRoute', {
+  httpApi: httpApi,
+  integration: apiIntegration,
+  routeKey: HttpRouteKey.with('/{proxy+}', HttpMethod.GET),
+});
+
+// To protect the path/method with an admin role within the User Pool Cognito
+// More details on ./.../stateful/authorization-stack
+
+new HttpRoute(this, 'PostHttpRoute', {
+  httpApi: httpApi,
+  integration: apiIntegration,
+  authorizer: apiGateway.authStackHttpLambdaAuthorizer,
+  routeKey: HttpRouteKey.with('/{proxy+}', HttpMethod.POST),
+});
+```

package/api-gateway/api-gateway.d.ts

@@ -0,0 +1,78 @@
+import { Construct } from "constructs";
+import { RemovalPolicy } from "aws-cdk-lib";
+import { HttpLambdaAuthorizer } from "aws-cdk-lib/aws-apigatewayv2-authorizers";
+import { HttpApi } from "aws-cdk-lib/aws-apigatewayv2";
+import { RetentionDays } from "aws-cdk-lib/aws-logs";
+export interface ApiGwLogsConfig {
+    /**
+     * The number of days log events are kept in CloudWatch Logs.
+     */
+    readonly retention: RetentionDays;
+    /**
+     * The removal policy to apply to the log group.
+     */
+    readonly removalPolicy: RemovalPolicy;
+}
+export interface OrcaBusApiGatewayProps {
+    /**
+     * The name of the API.
+     */
+    readonly apiName: string;
+    /**
+     * The prefix for the custom domain name
+     */
+    readonly customDomainNamePrefix: string;
+    /**
+     *The cognito user pool id parameter name.
+  
+     @default DEFAULT_COGNITO_USER_POOL_ID_PARAMETER_NAME
+     */
+    readonly cognitoUserPoolIdParameterName?: string;
+    /**
+     * The parameter name for the cognito client id in array.
+     * In order API Gateway to validate the JWT token, it needs to know the client id which usually
+     * stored in SSM Parameter. This will accept multiple parameter name in an array.
+     *
+     * @default DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY
+     */
+    readonly cognitoClientIdParameterNameArray?: string[];
+    /**
+     * The configuration for aws cloudwatch logs
+     */
+    readonly apiGwLogsConfig: ApiGwLogsConfig;
+    /**
+     * Allowed CORS origins.
+     */
+    readonly corsAllowOrigins: string[];
+}
+export declare class OrcaBusApiGateway extends Construct {
+    /**
+     * The AWS region where the API Gateway is deployed.
+     */
+    readonly region: string;
+    /**
+     * The HTTP API
+     */
+    readonly httpApi: HttpApi;
+    /**
+     * Domain name defined in this gateway
+     */
+    readonly domainName: string;
+    /**
+     * The Lambda HTTP Authorizer used to enforce authorization policies
+     * defined in the authorization stack.
+     *
+     * To use this, set it as the `authorizer` property in an `HttpRoute` construct.
+     * Example: `authorizer: apiGateway.authStackHttpLambdaAuthorizer`
+     */
+    readonly authStackHttpLambdaAuthorizer: HttpLambdaAuthorizer;
+    constructor(scope: Construct, id: string, props: OrcaBusApiGatewayProps);
+    private setupAccessLogs;
+    private getJWTAuthorizer;
+    /**
+     * Get the HTTP Lambda Authorizer defined in the authorization stack manager
+     * @param authStackHttpLambdaAuthorizerParameterName The SSM Parameter Name that stores the ARN of the lambda authorizer
+     * @returns
+     */
+    private getAuthStackHTTPLambdaAuthorizer;
+}

package/api-gateway/api-gateway.js

@@ -0,0 +1,144 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OrcaBusApiGateway = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+const constructs_1 = require("constructs");
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_apigatewayv2_authorizers_1 = require("aws-cdk-lib/aws-apigatewayv2-authorizers");
+const aws_apigatewayv2_1 = require("aws-cdk-lib/aws-apigatewayv2");
+const aws_certificatemanager_1 = require("aws-cdk-lib/aws-certificatemanager");
+const aws_ssm_1 = require("aws-cdk-lib/aws-ssm");
+const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+const aws_route53_1 = require("aws-cdk-lib/aws-route53");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
+const aws_route53_targets_1 = require("aws-cdk-lib/aws-route53-targets");
+const config_1 = require("./config");
+class OrcaBusApiGateway extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.region = aws_cdk_lib_1.Stack.of(this).region;
+        // umccr acm arn
+        const umccrAcmArn = aws_ssm_1.StringParameter.valueForStringParameter(this, "/umccr/certificate_arn");
+        const hostedDomainName = aws_ssm_1.StringParameter.valueForStringParameter(this, "/hosted_zone/umccr/name");
+        const hostedZoneId = aws_ssm_1.StringParameter.valueForStringParameter(this, "/hosted_zone/umccr/id");
+        this.domainName = `${props.customDomainNamePrefix}.${hostedDomainName}`;
+        const apiGWDomainName = new aws_apigatewayv2_1.DomainName(this, "UmccrDomainName", {
+            domainName: this.domainName,
+            certificate: aws_certificatemanager_1.Certificate.fromCertificateArn(this, "cert", umccrAcmArn),
+        });
+        this.httpApi = new aws_apigatewayv2_1.HttpApi(this, "HttpApi", {
+            apiName: "OrcaBusAPI-" + props.apiName,
+            corsPreflight: {
+                allowHeaders: [
+                    "content-type",
+                    "content-disposition",
+                    "authorization",
+                    "x-amz-date",
+                    "x-api-key",
+                    "x-amz-security-token",
+                    "x-amz-user-agent",
+                ],
+                allowMethods: [
+                    aws_apigatewayv2_1.CorsHttpMethod.GET,
+                    aws_apigatewayv2_1.CorsHttpMethod.HEAD,
+                    aws_apigatewayv2_1.CorsHttpMethod.OPTIONS,
+                    aws_apigatewayv2_1.CorsHttpMethod.POST,
+                    aws_apigatewayv2_1.CorsHttpMethod.PATCH,
+                    aws_apigatewayv2_1.CorsHttpMethod.DELETE,
+                ],
+                allowOrigins: props.corsAllowOrigins,
+                maxAge: aws_cdk_lib_1.Duration.days(10),
+            },
+            defaultAuthorizer: this.getJWTAuthorizer(props),
+            defaultDomainMapping: {
+                domainName: apiGWDomainName,
+            },
+        });
+        this.authStackHttpLambdaAuthorizer =
+            this.getAuthStackHTTPLambdaAuthorizer();
+        new aws_route53_1.ARecord(this, "CustomDomainARecord", {
+            zone: aws_route53_1.HostedZone.fromHostedZoneAttributes(this, "UmccrHostedZone", {
+                hostedZoneId,
+                zoneName: hostedDomainName,
+            }),
+            recordName: this.domainName,
+            target: aws_route53_1.RecordTarget.fromAlias(new aws_route53_targets_1.ApiGatewayv2DomainProperties(apiGWDomainName.regionalDomainName, apiGWDomainName.regionalHostedZoneId)),
+        });
+        // LogGroups
+        this.setupAccessLogs(props.apiGwLogsConfig);
+        // CloudMap
+        // this.setupCloudServiceDiscovery()
+    }
+    // TODO: https://github.com/aws-samples/aws-cdk-service-discovery-example/tree/main
+    // private setupCloudServiceDiscovery() {
+    // }
+    // TODO: Taken from https://github.com/aws/aws-cdk/issues/11100#issuecomment-904627081
+    // Monitor for higher level CDK construct instead of leveraging CfnStage
+    setupAccessLogs(props) {
+        const accessLogs = new aws_logs_1.LogGroup(this, "ApiGwAccessLogs", {
+            retention: props.retention,
+            removalPolicy: props.removalPolicy,
+        });
+        const stage = this.httpApi.defaultStage?.node.defaultChild;
+        stage.accessLogSettings = {
+            destinationArn: accessLogs.logGroupArn,
+            format: JSON.stringify({
+                requestId: "$context.requestId",
+                userAgent: "$context.identity.userAgent",
+                sourceIp: "$context.identity.sourceIp",
+                requestTime: "$context.requestTime",
+                requestTimeEpoch: "$context.requestTimeEpoch",
+                httpMethod: "$context.httpMethod",
+                path: "$context.path",
+                status: "$context.status",
+                protocol: "$context.protocol",
+                responseLength: "$context.responseLength",
+                domainName: "$context.domainName",
+            }),
+        };
+        // Allow writing access logs, managed
+        const role = new aws_iam_1.Role(this, "AmazonAPIGatewayPushToCloudWatchLogs", {
+            assumedBy: new aws_iam_1.ServicePrincipal("apigateway.amazonaws.com"),
+        });
+        accessLogs.grantWrite(role);
+    }
+    getJWTAuthorizer({ cognitoUserPoolIdParameterName = config_1.DEFAULT_COGNITO_USER_POOL_ID_PARAMETER_NAME, cognitoClientIdParameterNameArray = config_1.DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY, }) {
+        /**
+         * FIXME One fine day in future when we have proper Cognito AAI setup.
+         *  For the moment, we leverage Portal and established Cognito infrastructure.
+         *  See https://github.com/umccr/orcabus/issues/102
+         */
+        const userPoolIdParam = aws_ssm_1.StringParameter.fromStringParameterName(this, "CognitoUserPoolIdParameter", cognitoUserPoolIdParameterName);
+        const clientIdParamsArray = cognitoClientIdParameterNameArray.map((name) => aws_cdk_lib_1.aws_ssm.StringParameter.fromStringParameterName(this, `CognitoClientId${name}Parameter`, name));
+        const issuer = "https://cognito-idp." +
+            this.region +
+            ".amazonaws.com/" +
+            userPoolIdParam.stringValue;
+        return new aws_apigatewayv2_authorizers_1.HttpJwtAuthorizer("PortalAuthorizer", issuer, {
+            jwtAudience: clientIdParamsArray.map((param) => param.stringValue),
+        });
+    }
+    /**
+     * Get the HTTP Lambda Authorizer defined in the authorization stack manager
+     * @param authStackHttpLambdaAuthorizerParameterName The SSM Parameter Name that stores the ARN of the lambda authorizer
+     * @returns
+     */
+    getAuthStackHTTPLambdaAuthorizer() {
+        const lambdaArn = aws_ssm_1.StringParameter.valueForStringParameter(this, "/orcabus/authorization-stack/http-lambda-authorization-arn");
+        // Get the lambda HTTP authorizer defined in the authorization stack manager
+        const lambdaAuthorizer = aws_lambda_1.Function.fromFunctionAttributes(this, "AuthStackHTTPLambdaAuthorizer", {
+            functionArn: lambdaArn,
+            sameEnvironment: true,
+        });
+        return new aws_apigatewayv2_authorizers_1.HttpLambdaAuthorizer("AuthStackLambdaHttpAuthorizer", lambdaAuthorizer, {
+            authorizerName: "AuthStackHTTPLambdaAuthorizer",
+            responseTypes: [aws_apigatewayv2_authorizers_1.HttpLambdaResponseType.SIMPLE],
+        });
+    }
+}
+exports.OrcaBusApiGateway = OrcaBusApiGateway;
+_a = JSII_RTTI_SYMBOL_1;
+OrcaBusApiGateway[_a] = { fqn: "@orcabus/platform-cdk-constructs.apigateway.OrcaBusApiGateway", version: "0.0.4" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBpLWdhdGV3YXkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJhcGktZ2F0ZXdheS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLDJDQUF1QztBQUN2Qyw2Q0FBc0U7QUFDdEUsMkZBSWtEO0FBQ2xELG1FQUtzQztBQUN0QywrRUFBaUU7QUFDakUsaURBQXdFO0FBQ3hFLG1EQUErRDtBQUMvRCx5REFBNEU7QUFDNUUsaURBQTZEO0FBQzdELHVEQUFrRDtBQUNsRCx5RUFBK0U7QUFDL0UscUNBR2tCO0FBOENsQixNQUFhLGlCQUFrQixTQUFRLHNCQUFTO0lBc0I5QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTZCO1FBQ3JFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLE1BQU0sR0FBRyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLENBQUM7UUFFcEMsZ0JBQWdCO1FBQ2hCLE1BQU0sV0FBVyxHQUFHLHlCQUFlLENBQUMsdUJBQXVCLENBQ3pELElBQUksRUFDSix3QkFBd0IsQ0FDekIsQ0FBQztRQUNGLE1BQU0sZ0JBQWdCLEdBQUcseUJBQWUsQ0FBQyx1QkFBdUIsQ0FDOUQsSUFBSSxFQUNKLHlCQUF5QixDQUMxQixDQUFDO1FBQ0YsTUFBTSxZQUFZLEdBQUcseUJBQWUsQ0FBQyx1QkFBdUIsQ0FDMUQsSUFBSSxFQUNKLHVCQUF1QixDQUN4QixDQUFDO1FBRUYsSUFBSSxDQUFDLFVBQVUsR0FBRyxHQUFHLEtBQUssQ0FBQyxzQkFBc0IsSUFBSSxnQkFBZ0IsRUFBRSxDQUFDO1FBQ3hFLE1BQU0sZUFBZSxHQUFHLElBQUksNkJBQVUsQ0FBQyxJQUFJLEVBQUUsaUJBQWlCLEVBQUU7WUFDOUQsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLFdBQVcsRUFBRSxvQ0FBVyxDQUFDLGtCQUFrQixDQUFDLElBQUksRUFBRSxNQUFNLEVBQUUsV0FBVyxDQUFDO1NBQ3ZFLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxPQUFPLEdBQUcsSUFBSSwwQkFBTyxDQUFDLElBQUksRUFBRSxTQUFTLEVBQUU7WUFDMUMsT0FBTyxFQUFFLGFBQWEsR0FBRyxLQUFLLENBQUMsT0FBTztZQUN0QyxhQUFhLEVBQUU7Z0JBQ2IsWUFBWSxFQUFFO29CQUNaLGNBQWM7b0JBQ2QscUJBQXFCO29CQUNyQixlQUFlO29CQUNmLFlBQVk7b0JBQ1osV0FBVztvQkFDWCxzQkFBc0I7b0JBQ3RCLGtCQUFrQjtpQkFDbkI7Z0JBQ0QsWUFBWSxFQUFFO29CQUNaLGlDQUFjLENBQUMsR0FBRztvQkFDbEIsaUNBQWMsQ0FBQyxJQUFJO29CQUNuQixpQ0FBYyxDQUFDLE9BQU87b0JBQ3RCLGlDQUFjLENBQUMsSUFBSTtvQkFDbkIsaUNBQWMsQ0FBQyxLQUFLO29CQUNwQixpQ0FBYyxDQUFDLE1BQU07aUJBQ3RCO2dCQUNELFlBQVksRUFBRSxLQUFLLENBQUMsZ0JBQWdCO2dCQUNwQyxNQUFNLEVBQUUsc0JBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO2FBQzFCO1lBQ0QsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEtBQUssQ0FBQztZQUMvQyxvQkFBb0IsRUFBRTtnQkFDcEIsVUFBVSxFQUFFLGVBQWU7YUFDNUI7U0FDRixDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsNkJBQTZCO1lBQ2hDLElBQUksQ0FBQyxnQ0FBZ0MsRUFBRSxDQUFDO1FBRTFDLElBQUkscUJBQU8sQ0FBQyxJQUFJLEVBQUUscUJBQXFCLEVBQUU7WUFDdkMsSUFBSSxFQUFFLHdCQUFVLENBQUMsd0JBQXdCLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO2dCQUNqRSxZQUFZO2dCQUNaLFFBQVEsRUFBRSxnQkFBZ0I7YUFDM0IsQ0FBQztZQUNGLFVBQVUsRUFBRSxJQUFJLENBQUMsVUFBVTtZQUMzQixNQUFNLEVBQUUsMEJBQVksQ0FBQyxTQUFTLENBQzVCLElBQUksa0RBQTRCLENBQzlCLGVBQWUsQ0FBQyxrQkFBa0IsRUFDbEMsZUFBZSxDQUFDLG9CQUFvQixDQUNyQyxDQUNGO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsWUFBWTtRQUNaLElBQUksQ0FBQyxlQUFlLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBRTVDLFdBQVc7UUFDWCxvQ0FBb0M7SUFDdEMsQ0FBQztJQUVELG1GQUFtRjtJQUNuRix5Q0FBeUM7SUFDekMsSUFBSTtJQUVKLHNGQUFzRjtJQUN0Rix3RUFBd0U7SUFDaEUsZUFBZSxDQUFDLEtBQXNCO1FBQzVDLE1BQU0sVUFBVSxHQUFHLElBQUksbUJBQVEsQ0FBQyxJQUFJLEVBQUUsaUJBQWlCLEVBQUU7WUFDdkQsU0FBUyxFQUFFLEtBQUssQ0FBQyxTQUFTO1lBQzFCLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYTtTQUNuQyxDQUFDLENBQUM7UUFDSCxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBd0IsQ0FBQztRQUN2RSxLQUFLLENBQUMsaUJBQWlCLEdBQUc7WUFDeEIsY0FBYyxFQUFFLFVBQVUsQ0FBQyxXQUFXO1lBQ3RDLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDO2dCQUNyQixTQUFTLEVBQUUsb0JBQW9CO2dCQUMvQixTQUFTLEVBQUUsNkJBQTZCO2dCQUN4QyxRQUFRLEVBQUUsNEJBQTRCO2dCQUN0QyxXQUFXLEVBQUUsc0JBQXNCO2dCQUNuQyxnQkFBZ0IsRUFBRSwyQkFBMkI7Z0JBQzdDLFVBQVUsRUFBRSxxQkFBcUI7Z0JBQ2pDLElBQUksRUFBRSxlQUFlO2dCQUNyQixNQUFNLEVBQUUsaUJBQWlCO2dCQUN6QixRQUFRLEVBQUUsbUJBQW1CO2dCQUM3QixjQUFjLEVBQUUseUJBQXlCO2dCQUN6QyxVQUFVLEVBQUUscUJBQXFCO2FBQ2xDLENBQUM7U0FDSCxDQUFDO1FBRUYscUNBQXFDO1FBQ3JDLE1BQU0sSUFBSSxHQUFHLElBQUksY0FBSSxDQUFDLElBQUksRUFBRSxzQ0FBc0MsRUFBRTtZQUNsRSxTQUFTLEVBQUUsSUFBSSwwQkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQztTQUM1RCxDQUFDLENBQUM7UUFFSCxVQUFVLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQzlCLENBQUM7SUFFTyxnQkFBZ0IsQ0FBQyxFQUN2Qiw4QkFBOEIsR0FBRyxvREFBMkMsRUFDNUUsaUNBQWlDLEdBQUcsdURBQThDLEdBQzNEO1FBQ3ZCOzs7O1dBSUc7UUFFSCxNQUFNLGVBQWUsR0FDbkIseUJBQWUsQ0FBQyx1QkFBdUIsQ0FDckMsSUFBSSxFQUNKLDRCQUE0QixFQUM1Qiw4QkFBOEIsQ0FDL0IsQ0FBQztRQUVKLE1BQU0sbUJBQW1CLEdBQ3ZCLGlDQUFpQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQzdDLHFCQUFPLENBQUMsZUFBZSxDQUFDLHVCQUF1QixDQUM3QyxJQUFJLEVBQ0osa0JBQWtCLElBQUksV0FBVyxFQUNqQyxJQUFJLENBQ0wsQ0FDRixDQUFDO1FBRUosTUFBTSxNQUFNLEdBQ1Ysc0JBQXNCO1lBQ3RCLElBQUksQ0FBQyxNQUFNO1lBQ1gsaUJBQWlCO1lBQ2pCLGVBQWUsQ0FBQyxXQUFXLENBQUM7UUFFOUIsT0FBTyxJQUFJLGdEQUFpQixDQUFDLGtCQUFrQixFQUFFLE1BQU0sRUFBRTtZQUN2RCxXQUFXLEVBQUUsbUJBQW1CLENBQUMsR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDO1NBQ25FLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssZ0NBQWdDO1FBQ3RDLE1BQU0sU0FBUyxHQUFHLHlCQUFlLENBQUMsdUJBQXVCLENBQ3ZELElBQUksRUFDSiw0REFBNEQsQ0FDN0QsQ0FBQztRQUVGLDRFQUE0RTtRQUM1RSxNQUFNLGdCQUFnQixHQUFHLHFCQUFRLENBQUMsc0JBQXNCLENBQ3RELElBQUksRUFDSiwrQkFBK0IsRUFDL0I7WUFDRSxXQUFXLEVBQUUsU0FBUztZQUN0QixlQUFlLEVBQUUsSUFBSTtTQUN0QixDQUNGLENBQUM7UUFFRixPQUFPLElBQUksbURBQW9CLENBQzdCLCtCQUErQixFQUMvQixnQkFBZ0IsRUFDaEI7WUFDRSxjQUFjLEVBQUUsK0JBQStCO1lBQy9DLGFBQWEsRUFBRSxDQUFDLHFEQUFzQixDQUFDLE1BQU0sQ0FBQztTQUMvQyxDQUNGLENBQUM7SUFDSixDQUFDOztBQTNNSCw4Q0E0TUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgYXdzX3NzbSwgRHVyYXRpb24sIFJlbW92YWxQb2xpY3ksIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQge1xuICBIdHRwSnd0QXV0aG9yaXplcixcbiAgSHR0cExhbWJkYUF1dGhvcml6ZXIsXG4gIEh0dHBMYW1iZGFSZXNwb25zZVR5cGUsXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtYXBpZ2F0ZXdheXYyLWF1dGhvcml6ZXJzXCI7XG5pbXBvcnQge1xuICBDZm5TdGFnZSxcbiAgQ29yc0h0dHBNZXRob2QsXG4gIERvbWFpbk5hbWUsXG4gIEh0dHBBcGksXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtYXBpZ2F0ZXdheXYyXCI7XG5pbXBvcnQgeyBDZXJ0aWZpY2F0ZSB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtY2VydGlmaWNhdGVtYW5hZ2VyXCI7XG5pbXBvcnQgeyBJU3RyaW5nUGFyYW1ldGVyLCBTdHJpbmdQYXJhbWV0ZXIgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNzbVwiO1xuaW1wb3J0IHsgTG9nR3JvdXAsIFJldGVudGlvbkRheXMgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxvZ3NcIjtcbmltcG9ydCB7IEFSZWNvcmQsIEhvc3RlZFpvbmUsIFJlY29yZFRhcmdldCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtcm91dGU1M1wiO1xuaW1wb3J0IHsgUm9sZSwgU2VydmljZVByaW5jaXBhbCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQgeyBGdW5jdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtbGFtYmRhXCI7XG5pbXBvcnQgeyBBcGlHYXRld2F5djJEb21haW5Qcm9wZXJ0aWVzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1yb3V0ZTUzLXRhcmdldHNcIjtcbmltcG9ydCB7XG4gIERFRkFVTFRfQ09HTklUT19DTElFTlRfSURfUEFSQU1FVEVSX05BTUVfQVJSQVksXG4gIERFRkFVTFRfQ09HTklUT19VU0VSX1BPT0xfSURfUEFSQU1FVEVSX05BTUUsXG59IGZyb20gXCIuL2NvbmZpZ1wiO1xuXG5leHBvcnQgaW50ZXJmYWNlIEFwaUd3TG9nc0NvbmZpZyB7XG4gIC8qKlxuICAgKiBUaGUgbnVtYmVyIG9mIGRheXMgbG9nIGV2ZW50cyBhcmUga2VwdCBpbiBDbG91ZFdhdGNoIExvZ3MuXG4gICAqL1xuICByZWFkb25seSByZXRlbnRpb246IFJldGVudGlvbkRheXM7XG4gIC8qKlxuICAgKiBUaGUgcmVtb3ZhbCBwb2xpY3kgdG8gYXBwbHkgdG8gdGhlIGxvZyBncm91cC5cbiAgICovXG4gIHJlYWRvbmx5IHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3k7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgT3JjYUJ1c0FwaUdhdGV3YXlQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgbmFtZSBvZiB0aGUgQVBJLlxuICAgKi9cbiAgcmVhZG9ubHkgYXBpTmFtZTogc3RyaW5nO1xuICAvKipcbiAgICogVGhlIHByZWZpeCBmb3IgdGhlIGN1c3RvbSBkb21haW4gbmFtZVxuICAgKi9cbiAgcmVhZG9ubHkgY3VzdG9tRG9tYWluTmFtZVByZWZpeDogc3RyaW5nO1xuICAvKipcbiAgICpUaGUgY29nbml0byB1c2VyIHBvb2wgaWQgcGFyYW1ldGVyIG5hbWUuXG5cbiAgIEBkZWZhdWx0IERFRkFVTFRfQ09HTklUT19VU0VSX1BPT0xfSURfUEFSQU1FVEVSX05BTUVcbiAgICovXG4gIHJlYWRvbmx5IGNvZ25pdG9Vc2VyUG9vbElkUGFyYW1ldGVyTmFtZT86IHN0cmluZztcbiAgLyoqXG4gICAqIFRoZSBwYXJhbWV0ZXIgbmFtZSBmb3IgdGhlIGNvZ25pdG8gY2xpZW50IGlkIGluIGFycmF5LlxuICAgKiBJbiBvcmRlciBBUEkgR2F0ZXdheSB0byB2YWxpZGF0ZSB0aGUgSldUIHRva2VuLCBpdCBuZWVkcyB0byBrbm93IHRoZSBjbGllbnQgaWQgd2hpY2ggdXN1YWxseVxuICAgKiBzdG9yZWQgaW4gU1NNIFBhcmFtZXRlci4gVGhpcyB3aWxsIGFjY2VwdCBtdWx0aXBsZSBwYXJhbWV0ZXIgbmFtZSBpbiBhbiBhcnJheS5cbiAgICpcbiAgICogQGRlZmF1bHQgREVGQVVMVF9DT0dOSVRPX0NMSUVOVF9JRF9QQVJBTUVURVJfTkFNRV9BUlJBWVxuICAgKi9cbiAgcmVhZG9ubHkgY29nbml0b0NsaWVudElkUGFyYW1ldGVyTmFtZUFycmF5Pzogc3RyaW5nW107XG4gIC8qKlxuICAgKiBUaGUgY29uZmlndXJhdGlvbiBmb3IgYXdzIGNsb3Vkd2F0Y2ggbG9nc1xuICAgKi9cbiAgcmVhZG9ubHkgYXBpR3dMb2dzQ29uZmlnOiBBcGlHd0xvZ3NDb25maWc7XG4gIC8qKlxuICAgKiBBbGxvd2VkIENPUlMgb3JpZ2lucy5cbiAgICovXG4gIHJlYWRvbmx5IGNvcnNBbGxvd09yaWdpbnM6IHN0cmluZ1tdO1xufVxuXG5leHBvcnQgY2xhc3MgT3JjYUJ1c0FwaUdhdGV3YXkgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogVGhlIEFXUyByZWdpb24gd2hlcmUgdGhlIEFQSSBHYXRld2F5IGlzIGRlcGxveWVkLlxuICAgKi9cbiAgcmVhZG9ubHkgcmVnaW9uOiBzdHJpbmc7XG4gIC8qKlxuICAgKiBUaGUgSFRUUCBBUElcbiAgICovXG4gIHJlYWRvbmx5IGh0dHBBcGk6IEh0dHBBcGk7XG4gIC8qKlxuICAgKiBEb21haW4gbmFtZSBkZWZpbmVkIGluIHRoaXMgZ2F0ZXdheVxuICAgKi9cbiAgcmVhZG9ubHkgZG9tYWluTmFtZTogc3RyaW5nO1xuICAvKipcbiAgICogVGhlIExhbWJkYSBIVFRQIEF1dGhvcml6ZXIgdXNlZCB0byBlbmZvcmNlIGF1dGhvcml6YXRpb24gcG9saWNpZXNcbiAgICogZGVmaW5lZCBpbiB0aGUgYXV0aG9yaXphdGlvbiBzdGFjay5cbiAgICpcbiAgICogVG8gdXNlIHRoaXMsIHNldCBpdCBhcyB0aGUgYGF1dGhvcml6ZXJgIHByb3BlcnR5IGluIGFuIGBIdHRwUm91dGVgIGNvbnN0cnVjdC5cbiAgICogRXhhbXBsZTogYGF1dGhvcml6ZXI6IGFwaUdhdGV3YXkuYXV0aFN0YWNrSHR0cExhbWJkYUF1dGhvcml6ZXJgXG4gICAqL1xuICByZWFkb25seSBhdXRoU3RhY2tIdHRwTGFtYmRhQXV0aG9yaXplcjogSHR0cExhbWJkYUF1dGhvcml6ZXI7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IE9yY2FCdXNBcGlHYXRld2F5UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5yZWdpb24gPSBTdGFjay5vZih0aGlzKS5yZWdpb247XG5cbiAgICAvLyB1bWNjciBhY20gYXJuXG4gICAgY29uc3QgdW1jY3JBY21Bcm4gPSBTdHJpbmdQYXJhbWV0ZXIudmFsdWVGb3JTdHJpbmdQYXJhbWV0ZXIoXG4gICAgICB0aGlzLFxuICAgICAgXCIvdW1jY3IvY2VydGlmaWNhdGVfYXJuXCIsXG4gICAgKTtcbiAgICBjb25zdCBob3N0ZWREb21haW5OYW1lID0gU3RyaW5nUGFyYW1ldGVyLnZhbHVlRm9yU3RyaW5nUGFyYW1ldGVyKFxuICAgICAgdGhpcyxcbiAgICAgIFwiL2hvc3RlZF96b25lL3VtY2NyL25hbWVcIixcbiAgICApO1xuICAgIGNvbnN0IGhvc3RlZFpvbmVJZCA9IFN0cmluZ1BhcmFtZXRlci52YWx1ZUZvclN0cmluZ1BhcmFtZXRlcihcbiAgICAgIHRoaXMsXG4gICAgICBcIi9ob3N0ZWRfem9uZS91bWNjci9pZFwiLFxuICAgICk7XG5cbiAgICB0aGlzLmRvbWFpbk5hbWUgPSBgJHtwcm9wcy5jdXN0b21Eb21haW5OYW1lUHJlZml4fS4ke2hvc3RlZERvbWFpbk5hbWV9YDtcbiAgICBjb25zdCBhcGlHV0RvbWFpbk5hbWUgPSBuZXcgRG9tYWluTmFtZSh0aGlzLCBcIlVtY2NyRG9tYWluTmFtZVwiLCB7XG4gICAgICBkb21haW5OYW1lOiB0aGlzLmRvbWFpbk5hbWUsXG4gICAgICBjZXJ0aWZpY2F0ZTogQ2VydGlmaWNhdGUuZnJvbUNlcnRpZmljYXRlQXJuKHRoaXMsIFwiY2VydFwiLCB1bWNjckFjbUFybiksXG4gICAgfSk7XG5cbiAgICB0aGlzLmh0dHBBcGkgPSBuZXcgSHR0cEFwaSh0aGlzLCBcIkh0dHBBcGlcIiwge1xuICAgICAgYXBpTmFtZTogXCJPcmNhQnVzQVBJLVwiICsgcHJvcHMuYXBpTmFtZSxcbiAgICAgIGNvcnNQcmVmbGlnaHQ6IHtcbiAgICAgICAgYWxsb3dIZWFkZXJzOiBbXG4gICAgICAgICAgXCJjb250ZW50LXR5cGVcIixcbiAgICAgICAgICBcImNvbnRlbnQtZGlzcG9zaXRpb25cIixcbiAgICAgICAgICBcImF1dGhvcml6YXRpb25cIixcbiAgICAgICAgICBcIngtYW16LWRhdGVcIixcbiAgICAgICAgICBcIngtYXBpLWtleVwiLFxuICAgICAgICAgIFwieC1hbXotc2VjdXJpdHktdG9rZW5cIixcbiAgICAgICAgICBcIngtYW16LXVzZXItYWdlbnRcIixcbiAgICAgICAgXSxcbiAgICAgICAgYWxsb3dNZXRob2RzOiBbXG4gICAgICAgICAgQ29yc0h0dHBNZXRob2QuR0VULFxuICAgICAgICAgIENvcnNIdHRwTWV0aG9kLkhFQUQsXG4gICAgICAgICAgQ29yc0h0dHBNZXRob2QuT1BUSU9OUyxcbiAgICAgICAgICBDb3JzSHR0cE1ldGhvZC5QT1NULFxuICAgICAgICAgIENvcnNIdHRwTWV0aG9kLlBBVENILFxuICAgICAgICAgIENvcnNIdHRwTWV0aG9kLkRFTEVURSxcbiAgICAgICAgXSxcbiAgICAgICAgYWxsb3dPcmlnaW5zOiBwcm9wcy5jb3JzQWxsb3dPcmlnaW5zLFxuICAgICAgICBtYXhBZ2U6IER1cmF0aW9uLmRheXMoMTApLFxuICAgICAgfSxcbiAgICAgIGRlZmF1bHRBdXRob3JpemVyOiB0aGlzLmdldEpXVEF1dGhvcml6ZXIocHJvcHMpLFxuICAgICAgZGVmYXVsdERvbWFpbk1hcHBpbmc6IHtcbiAgICAgICAgZG9tYWluTmFtZTogYXBpR1dEb21haW5OYW1lLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIHRoaXMuYXV0aFN0YWNrSHR0cExhbWJkYUF1dGhvcml6ZXIgPVxuICAgICAgdGhpcy5nZXRBdXRoU3RhY2tIVFRQTGFtYmRhQXV0aG9yaXplcigpO1xuXG4gICAgbmV3IEFSZWNvcmQodGhpcywgXCJDdXN0b21Eb21haW5BUmVjb3JkXCIsIHtcbiAgICAgIHpvbmU6IEhvc3RlZFpvbmUuZnJvbUhvc3RlZFpvbmVBdHRyaWJ1dGVzKHRoaXMsIFwiVW1jY3JIb3N0ZWRab25lXCIsIHtcbiAgICAgICAgaG9zdGVkWm9uZUlkLFxuICAgICAgICB6b25lTmFtZTogaG9zdGVkRG9tYWluTmFtZSxcbiAgICAgIH0pLFxuICAgICAgcmVjb3JkTmFtZTogdGhpcy5kb21haW5OYW1lLFxuICAgICAgdGFyZ2V0OiBSZWNvcmRUYXJnZXQuZnJvbUFsaWFzKFxuICAgICAgICBuZXcgQXBpR2F0ZXdheXYyRG9tYWluUHJvcGVydGllcyhcbiAgICAgICAgICBhcGlHV0RvbWFpbk5hbWUucmVnaW9uYWxEb21haW5OYW1lLFxuICAgICAgICAgIGFwaUdXRG9tYWluTmFtZS5yZWdpb25hbEhvc3RlZFpvbmVJZCxcbiAgICAgICAgKSxcbiAgICAgICksXG4gICAgfSk7XG5cbiAgICAvLyBMb2dHcm91cHNcbiAgICB0aGlzLnNldHVwQWNjZXNzTG9ncyhwcm9wcy5hcGlHd0xvZ3NDb25maWcpO1xuXG4gICAgLy8gQ2xvdWRNYXBcbiAgICAvLyB0aGlzLnNldHVwQ2xvdWRTZXJ2aWNlRGlzY292ZXJ5KClcbiAgfVxuXG4gIC8vIFRPRE86IGh0dHBzOi8vZ2l0aHViLmNvbS9hd3Mtc2FtcGxlcy9hd3MtY2RrLXNlcnZpY2UtZGlzY292ZXJ5LWV4YW1wbGUvdHJlZS9tYWluXG4gIC8vIHByaXZhdGUgc2V0dXBDbG91ZFNlcnZpY2VEaXNjb3ZlcnkoKSB7XG4gIC8vIH1cblxuICAvLyBUT0RPOiBUYWtlbiBmcm9tIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9pc3N1ZXMvMTExMDAjaXNzdWVjb21tZW50LTkwNDYyNzA4MVxuICAvLyBNb25pdG9yIGZvciBoaWdoZXIgbGV2ZWwgQ0RLIGNvbnN0cnVjdCBpbnN0ZWFkIG9mIGxldmVyYWdpbmcgQ2ZuU3RhZ2VcbiAgcHJpdmF0ZSBzZXR1cEFjY2Vzc0xvZ3MocHJvcHM6IEFwaUd3TG9nc0NvbmZpZykge1xuICAgIGNvbnN0IGFjY2Vzc0xvZ3MgPSBuZXcgTG9nR3JvdXAodGhpcywgXCJBcGlHd0FjY2Vzc0xvZ3NcIiwge1xuICAgICAgcmV0ZW50aW9uOiBwcm9wcy5yZXRlbnRpb24sXG4gICAgICByZW1vdmFsUG9saWN5OiBwcm9wcy5yZW1vdmFsUG9saWN5LFxuICAgIH0pO1xuICAgIGNvbnN0IHN0YWdlID0gdGhpcy5odHRwQXBpLmRlZmF1bHRTdGFnZT8ubm9kZS5kZWZhdWx0Q2hpbGQgYXMgQ2ZuU3RhZ2U7XG4gICAgc3RhZ2UuYWNjZXNzTG9nU2V0dGluZ3MgPSB7XG4gICAgICBkZXN0aW5hdGlvbkFybjogYWNjZXNzTG9ncy5sb2dHcm91cEFybixcbiAgICAgIGZvcm1hdDogSlNPTi5zdHJpbmdpZnkoe1xuICAgICAgICByZXF1ZXN0SWQ6IFwiJGNvbnRleHQucmVxdWVzdElkXCIsXG4gICAgICAgIHVzZXJBZ2VudDogXCIkY29udGV4dC5pZGVudGl0eS51c2VyQWdlbnRcIixcbiAgICAgICAgc291cmNlSXA6IFwiJGNvbnRleHQuaWRlbnRpdHkuc291cmNlSXBcIixcbiAgICAgICAgcmVxdWVzdFRpbWU6IFwiJGNvbnRleHQucmVxdWVzdFRpbWVcIixcbiAgICAgICAgcmVxdWVzdFRpbWVFcG9jaDogXCIkY29udGV4dC5yZXF1ZXN0VGltZUVwb2NoXCIsXG4gICAgICAgIGh0dHBNZXRob2Q6IFwiJGNvbnRleHQuaHR0cE1ldGhvZFwiLFxuICAgICAgICBwYXRoOiBcIiRjb250ZXh0LnBhdGhcIixcbiAgICAgICAgc3RhdHVzOiBcIiRjb250ZXh0LnN0YXR1c1wiLFxuICAgICAgICBwcm90b2NvbDogXCIkY29udGV4dC5wcm90b2NvbFwiLFxuICAgICAgICByZXNwb25zZUxlbmd0aDogXCIkY29udGV4dC5yZXNwb25zZUxlbmd0aFwiLFxuICAgICAgICBkb21haW5OYW1lOiBcIiRjb250ZXh0LmRvbWFpbk5hbWVcIixcbiAgICAgIH0pLFxuICAgIH07XG5cbiAgICAvLyBBbGxvdyB3cml0aW5nIGFjY2VzcyBsb2dzLCBtYW5hZ2VkXG4gICAgY29uc3Qgcm9sZSA9IG5ldyBSb2xlKHRoaXMsIFwiQW1hem9uQVBJR2F0ZXdheVB1c2hUb0Nsb3VkV2F0Y2hMb2dzXCIsIHtcbiAgICAgIGFzc3VtZWRCeTogbmV3IFNlcnZpY2VQcmluY2lwYWwoXCJhcGlnYXRld2F5LmFtYXpvbmF3cy5jb21cIiksXG4gICAgfSk7XG5cbiAgICBhY2Nlc3NMb2dzLmdyYW50V3JpdGUocm9sZSk7XG4gIH1cblxuICBwcml2YXRlIGdldEpXVEF1dGhvcml6ZXIoe1xuICAgIGNvZ25pdG9Vc2VyUG9vbElkUGFyYW1ldGVyTmFtZSA9IERFRkFVTFRfQ09HTklUT19VU0VSX1BPT0xfSURfUEFSQU1FVEVSX05BTUUsXG4gICAgY29nbml0b0NsaWVudElkUGFyYW1ldGVyTmFtZUFycmF5ID0gREVGQVVMVF9DT0dOSVRPX0NMSUVOVF9JRF9QQVJBTUVURVJfTkFNRV9BUlJBWSxcbiAgfTogT3JjYUJ1c0FwaUdhdGV3YXlQcm9wcyk6IEh0dHBKd3RBdXRob3JpemVyIHtcbiAgICAvKipcbiAgICAgKiBGSVhNRSBPbmUgZmluZSBkYXkgaW4gZnV0dXJlIHdoZW4gd2UgaGF2ZSBwcm9wZXIgQ29nbml0byBBQUkgc2V0dXAuXG4gICAgICogIEZvciB0aGUgbW9tZW50LCB3ZSBsZXZlcmFnZSBQb3J0YWwgYW5kIGVzdGFibGlzaGVkIENvZ25pdG8gaW5mcmFzdHJ1Y3R1cmUuXG4gICAgICogIFNlZSBodHRwczovL2dpdGh1Yi5jb20vdW1jY3Ivb3JjYWJ1cy9pc3N1ZXMvMTAyXG4gICAgICovXG5cbiAgICBjb25zdCB1c2VyUG9vbElkUGFyYW06IElTdHJpbmdQYXJhbWV0ZXIgPVxuICAgICAgU3RyaW5nUGFyYW1ldGVyLmZyb21TdHJpbmdQYXJhbWV0ZXJOYW1lKFxuICAgICAgICB0aGlzLFxuICAgICAgICBcIkNvZ25pdG9Vc2VyUG9vbElkUGFyYW1ldGVyXCIsXG4gICAgICAgIGNvZ25pdG9Vc2VyUG9vbElkUGFyYW1ldGVyTmFtZSxcbiAgICAgICk7XG5cbiAgICBjb25zdCBjbGllbnRJZFBhcmFtc0FycmF5OiBJU3RyaW5nUGFyYW1ldGVyW10gPVxuICAgICAgY29nbml0b0NsaWVudElkUGFyYW1ldGVyTmFtZUFycmF5Lm1hcCgobmFtZSkgPT5cbiAgICAgICAgYXdzX3NzbS5TdHJpbmdQYXJhbWV0ZXIuZnJvbVN0cmluZ1BhcmFtZXRlck5hbWUoXG4gICAgICAgICAgdGhpcyxcbiAgICAgICAgICBgQ29nbml0b0NsaWVudElkJHtuYW1lfVBhcmFtZXRlcmAsXG4gICAgICAgICAgbmFtZSxcbiAgICAgICAgKSxcbiAgICAgICk7XG5cbiAgICBjb25zdCBpc3N1ZXIgPVxuICAgICAgXCJodHRwczovL2NvZ25pdG8taWRwLlwiICtcbiAgICAgIHRoaXMucmVnaW9uICtcbiAgICAgIFwiLmFtYXpvbmF3cy5jb20vXCIgK1xuICAgICAgdXNlclBvb2xJZFBhcmFtLnN0cmluZ1ZhbHVlO1xuXG4gICAgcmV0dXJuIG5ldyBIdHRwSnd0QXV0aG9yaXplcihcIlBvcnRhbEF1dGhvcml6ZXJcIiwgaXNzdWVyLCB7XG4gICAgICBqd3RBdWRpZW5jZTogY2xpZW50SWRQYXJhbXNBcnJheS5tYXAoKHBhcmFtKSA9PiBwYXJhbS5zdHJpbmdWYWx1ZSksXG4gICAgfSk7XG4gIH1cblxuICAvKipcbiAgICogR2V0IHRoZSBIVFRQIExhbWJkYSBBdXRob3JpemVyIGRlZmluZWQgaW4gdGhlIGF1dGhvcml6YXRpb24gc3RhY2sgbWFuYWdlclxuICAgKiBAcGFyYW0gYXV0aFN0YWNrSHR0cExhbWJkYUF1dGhvcml6ZXJQYXJhbWV0ZXJOYW1lIFRoZSBTU00gUGFyYW1ldGVyIE5hbWUgdGhhdCBzdG9yZXMgdGhlIEFSTiBvZiB0aGUgbGFtYmRhIGF1dGhvcml6ZXJcbiAgICogQHJldHVybnNcbiAgICovXG4gIHByaXZhdGUgZ2V0QXV0aFN0YWNrSFRUUExhbWJkYUF1dGhvcml6ZXIoKSB7XG4gICAgY29uc3QgbGFtYmRhQXJuID0gU3RyaW5nUGFyYW1ldGVyLnZhbHVlRm9yU3RyaW5nUGFyYW1ldGVyKFxuICAgICAgdGhpcyxcbiAgICAgIFwiL29yY2FidXMvYXV0aG9yaXphdGlvbi1zdGFjay9odHRwLWxhbWJkYS1hdXRob3JpemF0aW9uLWFyblwiLFxuICAgICk7XG5cbiAgICAvLyBHZXQgdGhlIGxhbWJkYSBIVFRQIGF1dGhvcml6ZXIgZGVmaW5lZCBpbiB0aGUgYXV0aG9yaXphdGlvbiBzdGFjayBtYW5hZ2VyXG4gICAgY29uc3QgbGFtYmRhQXV0aG9yaXplciA9IEZ1bmN0aW9uLmZyb21GdW5jdGlvbkF0dHJpYnV0ZXMoXG4gICAgICB0aGlzLFxuICAgICAgXCJBdXRoU3RhY2tIVFRQTGFtYmRhQXV0aG9yaXplclwiLFxuICAgICAge1xuICAgICAgICBmdW5jdGlvbkFybjogbGFtYmRhQXJuLFxuICAgICAgICBzYW1lRW52aXJvbm1lbnQ6IHRydWUsXG4gICAgICB9LFxuICAgICk7XG5cbiAgICByZXR1cm4gbmV3IEh0dHBMYW1iZGFBdXRob3JpemVyKFxuICAgICAgXCJBdXRoU3RhY2tMYW1iZGFIdHRwQXV0aG9yaXplclwiLFxuICAgICAgbGFtYmRhQXV0aG9yaXplcixcbiAgICAgIHtcbiAgICAgICAgYXV0aG9yaXplck5hbWU6IFwiQXV0aFN0YWNrSFRUUExhbWJkYUF1dGhvcml6ZXJcIixcbiAgICAgICAgcmVzcG9uc2VUeXBlczogW0h0dHBMYW1iZGFSZXNwb25zZVR5cGUuU0lNUExFXSxcbiAgICAgIH0sXG4gICAgKTtcbiAgfVxufVxuIl19

package/api-gateway/config.d.ts

@@ -0,0 +1,38 @@
+import { RetentionDays } from "aws-cdk-lib/aws-logs";
+import { RemovalPolicy } from "aws-cdk-lib";
+import { StageName } from "../utils";
+export declare const DEFAULT_LOGS_CONFIG: {
+    BETA: {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    };
+    GAMMA: {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    };
+    PROD: {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    };
+};
+export declare const DEFAULT_ALLOW_CORS_ORIGINS: {
+    BETA: string[];
+    GAMMA: string[];
+    PROD: string[];
+};
+export declare const DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY: string[];
+export declare const DEFAULT_COGNITO_USER_POOL_ID_PARAMETER_NAME = "/data_portal/client/cog_user_pool_id";
+export declare const getDefaultApiGatewayConfiguration: (stage: StageName) => {
+    cognitoClientIdParameterNameArray: string[];
+    corsAllowOrigins: string[];
+    apiGwLogsConfig: {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    } | {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    } | {
+        retention: RetentionDays;
+        removalPolicy: RemovalPolicy;
+    };
+};

package/api-gateway/config.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDefaultApiGatewayConfiguration = exports.DEFAULT_COGNITO_USER_POOL_ID_PARAMETER_NAME = exports.DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY = exports.DEFAULT_ALLOW_CORS_ORIGINS = exports.DEFAULT_LOGS_CONFIG = void 0;
+const aws_logs_1 = require("aws-cdk-lib/aws-logs");
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+exports.DEFAULT_LOGS_CONFIG = {
+    BETA: {
+        retention: aws_logs_1.RetentionDays.TWO_WEEKS,
+        removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
+    },
+    GAMMA: {
+        retention: aws_logs_1.RetentionDays.TWO_WEEKS,
+        removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
+    },
+    PROD: {
+        retention: aws_logs_1.RetentionDays.TWO_WEEKS,
+        removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
+    },
+};
+exports.DEFAULT_ALLOW_CORS_ORIGINS = {
+    BETA: ["https://orcaui.dev.umccr.org"],
+    GAMMA: ["https://orcaui.stg.umccr.org"],
+    PROD: ["https://orcaui.prod.umccr.org", "https://orcaui.umccr.org"],
+};
+exports.DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY = [
+    "/data_portal/client/data2/cog_app_client_id_stage", // portal - TokenServiceStack
+    "/orcaui/cog_app_client_id_stage", // orcaui - https://github.com/umccr/orca-ui
+];
+exports.DEFAULT_COGNITO_USER_POOL_ID_PARAMETER_NAME = "/data_portal/client/cog_user_pool_id";
+const getDefaultApiGatewayConfiguration = (stage) => {
+    return {
+        cognitoClientIdParameterNameArray: exports.DEFAULT_COGNITO_CLIENT_ID_PARAMETER_NAME_ARRAY,
+        corsAllowOrigins: exports.DEFAULT_ALLOW_CORS_ORIGINS[stage],
+        apiGwLogsConfig: exports.DEFAULT_LOGS_CONFIG[stage],
+    };
+};
+exports.getDefaultApiGatewayConfiguration = getDefaultApiGatewayConfiguration;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLG1EQUFxRDtBQUNyRCw2Q0FBNEM7QUFHL0IsUUFBQSxtQkFBbUIsR0FBRztJQUNqQyxJQUFJLEVBQUU7UUFDSixTQUFTLEVBQUUsd0JBQWEsQ0FBQyxTQUFTO1FBQ2xDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87S0FDckM7SUFDRCxLQUFLLEVBQUU7UUFDTCxTQUFTLEVBQUUsd0JBQWEsQ0FBQyxTQUFTO1FBQ2xDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87S0FDckM7SUFDRCxJQUFJLEVBQUU7UUFDSixTQUFTLEVBQUUsd0JBQWEsQ0FBQyxTQUFTO1FBQ2xDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLE9BQU87S0FDckM7Q0FDRixDQUFDO0FBRVcsUUFBQSwwQkFBMEIsR0FBRztJQUN4QyxJQUFJLEVBQUUsQ0FBQyw4QkFBOEIsQ0FBQztJQUN0QyxLQUFLLEVBQUUsQ0FBQyw4QkFBOEIsQ0FBQztJQUN2QyxJQUFJLEVBQUUsQ0FBQywrQkFBK0IsRUFBRSwwQkFBMEIsQ0FBQztDQUNwRSxDQUFDO0FBRVcsUUFBQSw4Q0FBOEMsR0FBRztJQUM1RCxtREFBbUQsRUFBRSw2QkFBNkI7SUFDbEYsaUNBQWlDLEVBQUUsNENBQTRDO0NBQ2hGLENBQUM7QUFFVyxRQUFBLDJDQUEyQyxHQUN0RCxzQ0FBc0MsQ0FBQztBQUVsQyxNQUFNLGlDQUFpQyxHQUFHLENBQUMsS0FBZ0IsRUFBRSxFQUFFO0lBQ3BFLE9BQU87UUFDTCxpQ0FBaUMsRUFDL0Isc0RBQThDO1FBQ2hELGdCQUFnQixFQUFFLGtDQUEwQixDQUFDLEtBQUssQ0FBQztRQUNuRCxlQUFlLEVBQUUsMkJBQW1CLENBQUMsS0FBSyxDQUFDO0tBQzVDLENBQUM7QUFDSixDQUFDLENBQUM7QUFQVyxRQUFBLGlDQUFpQyxxQ0FPNUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBSZXRlbnRpb25EYXlzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1sb2dzXCI7XG5pbXBvcnQgeyBSZW1vdmFsUG9saWN5IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBTdGFnZU5hbWUgfSBmcm9tIFwiLi4vdXRpbHNcIjtcblxuZXhwb3J0IGNvbnN0IERFRkFVTFRfTE9HU19DT05GSUcgPSB7XG4gIEJFVEE6IHtcbiAgICByZXRlbnRpb246IFJldGVudGlvbkRheXMuVFdPX1dFRUtTLFxuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgfSxcbiAgR0FNTUE6IHtcbiAgICByZXRlbnRpb246IFJldGVudGlvbkRheXMuVFdPX1dFRUtTLFxuICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgfSxcbiAgUFJPRDoge1xuICAgIHJldGVudGlvbjogUmV0ZW50aW9uRGF5cy5UV09fV0VFS1MsXG4gICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICB9LFxufTtcblxuZXhwb3J0IGNvbnN0IERFRkFVTFRfQUxMT1dfQ09SU19PUklHSU5TID0ge1xuICBCRVRBOiBbXCJodHRwczovL29yY2F1aS5kZXYudW1jY3Iub3JnXCJdLFxuICBHQU1NQTogW1wiaHR0cHM6Ly9vcmNhdWkuc3RnLnVtY2NyLm9yZ1wiXSxcbiAgUFJPRDogW1wiaHR0cHM6Ly9vcmNhdWkucHJvZC51bWNjci5vcmdcIiwgXCJodHRwczovL29yY2F1aS51bWNjci5vcmdcIl0sXG59O1xuXG5leHBvcnQgY29uc3QgREVGQVVMVF9DT0dOSVRPX0NMSUVOVF9JRF9QQVJBTUVURVJfTkFNRV9BUlJBWSA9IFtcbiAgXCIvZGF0YV9wb3J0YWwvY2xpZW50L2RhdGEyL2NvZ19hcHBfY2xpZW50X2lkX3N0YWdlXCIsIC8vIHBvcnRhbCAtIFRva2VuU2VydmljZVN0YWNrXG4gIFwiL29yY2F1aS9jb2dfYXBwX2NsaWVudF9pZF9zdGFnZVwiLCAvLyBvcmNhdWkgLSBodHRwczovL2dpdGh1Yi5jb20vdW1jY3Ivb3JjYS11aVxuXTtcblxuZXhwb3J0IGNvbnN0IERFRkFVTFRfQ09HTklUT19VU0VSX1BPT0xfSURfUEFSQU1FVEVSX05BTUUgPVxuICBcIi9kYXRhX3BvcnRhbC9jbGllbnQvY29nX3VzZXJfcG9vbF9pZFwiO1xuXG5leHBvcnQgY29uc3QgZ2V0RGVmYXVsdEFwaUdhdGV3YXlDb25maWd1cmF0aW9uID0gKHN0YWdlOiBTdGFnZU5hbWUpID0+IHtcbiAgcmV0dXJuIHtcbiAgICBjb2duaXRvQ2xpZW50SWRQYXJhbWV0ZXJOYW1lQXJyYXk6XG4gICAgICBERUZBVUxUX0NPR05JVE9fQ0xJRU5UX0lEX1BBUkFNRVRFUl9OQU1FX0FSUkFZLFxuICAgIGNvcnNBbGxvd09yaWdpbnM6IERFRkFVTFRfQUxMT1dfQ09SU19PUklHSU5TW3N0YWdlXSxcbiAgICBhcGlHd0xvZ3NDb25maWc6IERFRkFVTFRfTE9HU19DT05GSUdbc3RhZ2VdLFxuICB9O1xufTtcbiJdfQ==

package/api-gateway/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./config";
+export * from "./api-gateway";

package/api-gateway/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./config"), exports);
+__exportStar(require("./api-gateway"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsMkNBQXlCO0FBQ3pCLGdEQUE4QiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL2NvbmZpZ1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vYXBpLWdhdGV3YXlcIjtcbiJdfQ==

package/deployment-stack-pipeline/README.md

@@ -0,0 +1,27 @@
+# DeploymentStackPipeline
+
+This construct will deploy stack defined as props across 3 stages in our Beta, Gamma, and Prod environment.
+
+Usage example
+
+```ts
+new DeploymentStackPipeline(this, "DeploymentPipeline", {
+  githubBranch: "main",
+  githubRepo: "platform-cdk-constructs",
+  stack: DeploymentStack,
+  stackName: "TestStack",
+  stackConfig: {
+    beta: { bucketName: "my-simple-bucket-dev" },
+    gamma: { bucketName: "my-simple-bucket-stg" },
+    prod: { bucketName: "my-simple-bucket-prod" },
+  },
+  pipelineName: "TestDeploymentPipeline",
+  cdkSynthCmd: [
+    "pnpm install --frozen-lockfile --ignore-scripts",
+    "cd dev",
+    "pnpm cdk synth",
+  ],
+  cdkOut: "dev/cdk.out",
+});
+
+```

package/deployment-stack-pipeline/config.d.ts

@@ -0,0 +1,5 @@
+import { Environment } from "aws-cdk-lib";
+export declare const TOOLCHAIN_ENVIRONMENT: Environment;
+export declare const BETA_ENVIRONMENT: Environment;
+export declare const GAMMA_ENVIRONMENT: Environment;
+export declare const PROD_ENVIRONMENT: Environment;

package/deployment-stack-pipeline/config.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PROD_ENVIRONMENT = exports.GAMMA_ENVIRONMENT = exports.BETA_ENVIRONMENT = exports.TOOLCHAIN_ENVIRONMENT = void 0;
+exports.TOOLCHAIN_ENVIRONMENT = {
+    account: "383856791668",
+    region: "ap-southeast-2",
+};
+exports.BETA_ENVIRONMENT = {
+    account: "843407916570",
+    region: "ap-southeast-2",
+};
+exports.GAMMA_ENVIRONMENT = {
+    account: "455634345446",
+    region: "ap-southeast-2",
+};
+exports.PROD_ENVIRONMENT = {
+    account: "472057503814",
+    region: "ap-southeast-2",
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVhLFFBQUEscUJBQXFCLEdBQWdCO0lBQ2hELE9BQU8sRUFBRSxjQUFjO0lBQ3ZCLE1BQU0sRUFBRSxnQkFBZ0I7Q0FDekIsQ0FBQztBQUVXLFFBQUEsZ0JBQWdCLEdBQWdCO0lBQzNDLE9BQU8sRUFBRSxjQUFjO0lBQ3ZCLE1BQU0sRUFBRSxnQkFBZ0I7Q0FDekIsQ0FBQztBQUVXLFFBQUEsaUJBQWlCLEdBQWdCO0lBQzVDLE9BQU8sRUFBRSxjQUFjO0lBQ3ZCLE1BQU0sRUFBRSxnQkFBZ0I7Q0FDekIsQ0FBQztBQUVXLFFBQUEsZ0JBQWdCLEdBQWdCO0lBQzNDLE9BQU8sRUFBRSxjQUFjO0lBQ3ZCLE1BQU0sRUFBRSxnQkFBZ0I7Q0FDekIsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEVudmlyb25tZW50IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5cbmV4cG9ydCBjb25zdCBUT09MQ0hBSU5fRU5WSVJPTk1FTlQ6IEVudmlyb25tZW50ID0ge1xuICBhY2NvdW50OiBcIjM4Mzg1Njc5MTY2OFwiLFxuICByZWdpb246IFwiYXAtc291dGhlYXN0LTJcIixcbn07XG5cbmV4cG9ydCBjb25zdCBCRVRBX0VOVklST05NRU5UOiBFbnZpcm9ubWVudCA9IHtcbiAgYWNjb3VudDogXCI4NDM0MDc5MTY1NzBcIixcbiAgcmVnaW9uOiBcImFwLXNvdXRoZWFzdC0yXCIsXG59O1xuXG5leHBvcnQgY29uc3QgR0FNTUFfRU5WSVJPTk1FTlQ6IEVudmlyb25tZW50ID0ge1xuICBhY2NvdW50OiBcIjQ1NTYzNDM0NTQ0NlwiLFxuICByZWdpb246IFwiYXAtc291dGhlYXN0LTJcIixcbn07XG5cbmV4cG9ydCBjb25zdCBQUk9EX0VOVklST05NRU5UOiBFbnZpcm9ubWVudCA9IHtcbiAgYWNjb3VudDogXCI0NzIwNTc1MDM4MTRcIixcbiAgcmVnaW9uOiBcImFwLXNvdXRoZWFzdC0yXCIsXG59O1xuIl19

package/deployment-stack-pipeline/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./config";
+export * from "./pipeline";

package/deployment-stack-pipeline/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./config"), exports);
+__exportStar(require("./pipeline"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsMkNBQXlCO0FBQ3pCLDZDQUEyQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL2NvbmZpZ1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vcGlwZWxpbmVcIjtcbiJdfQ==

package/deployment-stack-pipeline/pipeline.d.ts

@@ -0,0 +1,104 @@
+import { Construct } from "constructs";
+import { Environment } from "aws-cdk-lib";
+import { Pipeline } from "aws-cdk-lib/aws-codepipeline";
+/**
+ * The default partial build spec for the synth step in the pipeline.
+ */
+export declare const DEFAULT_SYNTH_STEP_PARTIAL_BUILD_SPEC: {
+    phases: {
+        install: {
+            "runtime-versions": {
+                nodejs: string;
+            };
+        };
+    };
+};
+export interface StageEnvProps {
+    /**
+     * The environment for the beta stage
+     */
+    readonly beta: Environment;
+    /**
+     * The environment for the gamma stage
+     */
+    readonly gamma: Environment;
+    /**
+     * The environment for the prod stage
+     */
+    readonly prod: Environment;
+}
+export interface StackConfigProps {
+    /**
+     * The configuration for the beta (dev) stage
+     */
+    readonly beta: Record<string, any>;
+    /**
+     * The configuration for the gamma (stg) stage
+     */
+    readonly gamma: Record<string, any>;
+    /**
+     * The configuration for the prod stage
+     */
+    readonly prod: Record<string, any>;
+}
+export interface DeploymentStackPipelineProps {
+    /**
+     * The github branch name it will listen to.
+     */
+    readonly githubBranch: string;
+    /**
+     * The repository name that exist in the 'OrcaBus' github organisation. e.g. `a-micro-service-repo`
+     */
+    readonly githubRepo: string;
+    /**
+     * The stack to which the pipeline will be deploying to its respective account
+     */
+    readonly stack: any;
+    /**
+     * The stack name (in cloudformation) for the stack defined in `stack`. The stack name will prepend with the stage
+     * name e.g. `OrcaBusBeta-<stackName>`, `OrcaBusGamma-<stackName>`, `OrcaBusProd-<stackName>`
+     */
+    readonly stackName: string;
+    /**
+     * The stack configuration/constants that will be passed to the stack props.
+     */
+    readonly stackConfig: StackConfigProps;
+    /**
+     * The pipeline name in the bastion account.
+     */
+    readonly pipelineName: string;
+    /**
+     * The file paths to trigger the pipeline. e.g. ["stateless/**"]
+     *
+     * https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-gitfilepathfiltercriteria.html
+     *
+     */
+    readonly filePaths?: string[];
+    /**
+     * The command to run to synth the cdk stack which also installing the cdk dependencies. e.g. ["yarn install --immutable", "yarn cdk synth"]
+     */
+    readonly cdkSynthCmd: string[];
+    /**
+     * The location where the cdk output will be stored.
+     *
+     * @default cdk.out
+     */
+    readonly cdkOut?: string;
+    /**
+     * Additional configuration for the CodeBuild step during the CDK synth phase. It will passed as the `partialBuildSpec` to the `CodeBuildStep`.
+     *
+     * @default DEFAULT_SYNTH_STEP_PARTIAL_BUILD_SPEC
+     */
+    readonly synthBuildSpec?: Record<string, any>;
+    /**
+     * The stage environment for the deployment stack
+     */
+    readonly stageEnv?: StageEnvProps;
+}
+export declare class DeploymentStackPipeline extends Construct {
+    /**
+     * The code pipeline construct that is created.
+     */
+    readonly pipeline: Pipeline;
+    constructor(scope: Construct, id: string, props: DeploymentStackPipelineProps);
+}