npm - @rio-cloud/cdk-v2-constructs - Versions diffs - 6.14.0 → 6.15.0-alpha.1 - Mend

@rio-cloud/cdk-v2-constructs 6.14.0 → 6.15.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/docs/API.md CHANGED Viewed

@@ -14271,6 +14271,136 @@ The threshold that needs to be set.
 ---
+### PipelineFeatures <a name="PipelineFeatures" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures"></a>
+#### Initializer <a name="Initializer" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.Initializer"></a>
+```typescript
+import { PipelineFeatures } from '@rio-cloud/cdk-v2-constructs'
+const pipelineFeatures: PipelineFeatures = { ... }
+```
+#### Properties <a name="Properties" id="Properties"></a>
+| **Name** | **Type** | **Description** |
+| --- | --- | --- |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.additionalBuildCommands">additionalBuildCommands</a></code> | <code>string[]</code> | Additional build commands for main and branch pipeline. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.branchPipeline">branchPipeline</a></code> | <code>boolean</code> | Create a branch pipeline used by renovate. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.frontendBucketName">frontendBucketName</a></code> | <code>string</code> | S3 Bucket to deploy frontend to. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.gradleBuild">gradleBuild</a></code> | <code>boolean</code> | Run a standard gradle build in the repository root. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.kafkaIntegration">kafkaIntegration</a></code> | <code>boolean</code> | Add required steps and permissions to support Kafka. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.npmBuild">npmBuild</a></code> | <code>boolean</code> | Run a standard npm build in the repository root. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.vulnerabilityPipeline">vulnerabilityPipeline</a></code> | <code>boolean</code> | Create a vulnerability pipeline to scan dependencies for vulnerabilities. |
+---
+##### `additionalBuildCommands`<sup>Optional</sup> <a name="additionalBuildCommands" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.additionalBuildCommands"></a>
+```typescript
+public readonly additionalBuildCommands: string[];
+```
+- *Type:* string[]
+Additional build commands for main and branch pipeline.
+Will be added after all build & test commands, before the infrastructure build.
+---
+##### `branchPipeline`<sup>Optional</sup> <a name="branchPipeline" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.branchPipeline"></a>
+```typescript
+public readonly branchPipeline: boolean;
+```
+- *Type:* boolean
+Create a branch pipeline used by renovate.
+Defaults to `true`.
+---
+##### `frontendBucketName`<sup>Optional</sup> <a name="frontendBucketName" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.frontendBucketName"></a>
+```typescript
+public readonly frontendBucketName: string;
+```
+- *Type:* string
+S3 Bucket to deploy frontend to.
+Requires `npmBuild` to be set to `true`. If set, the output of the npm build is deployed to the provided bucket.
+---
+##### `gradleBuild`<sup>Optional</sup> <a name="gradleBuild" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.gradleBuild"></a>
+```typescript
+public readonly gradleBuild: boolean;
+```
+- *Type:* boolean
+Run a standard gradle build in the repository root.
+Defaults to `false`:
+- build and test of the artifact via command "./gradlew clean build"
+- license-check and upload of license-check-file via command "./gradlew checkLicenses"
+- create a self-signed certificate to make TLS communication possible, e.g. with a loadbalancer
+- build the container image via command "./gradlew jibBuildTar"
+---
+##### `kafkaIntegration`<sup>Optional</sup> <a name="kafkaIntegration" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.kafkaIntegration"></a>
+```typescript
+public readonly kafkaIntegration: boolean;
+```
+- *Type:* boolean
+Add required steps and permissions to support Kafka.
+Currently, this requires `gradleBuild` to be set to `true`. Defaults to `false`.
+---
+##### `npmBuild`<sup>Optional</sup> <a name="npmBuild" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.npmBuild"></a>
+```typescript
+public readonly npmBuild: boolean;
+```
+- *Type:* boolean
+Run a standard npm build in the repository root.
+Defaults to `false`:
+- run linter via command "npm run lint"
+- run tests via command "npm run test:ci"
+- run a license check by calling the script "check-oss-licenses.sh" (from the RIO frontend template)
+- build the artifact via command "npm run build"
+---
+##### `vulnerabilityPipeline`<sup>Optional</sup> <a name="vulnerabilityPipeline" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.vulnerabilityPipeline"></a>
+```typescript
+public readonly vulnerabilityPipeline: boolean;
+```
+- *Type:* boolean
+Create a vulnerability pipeline to scan dependencies for vulnerabilities.
+Defaults to `true`.
+---
 ### PipelineSchedulesProps <a name="PipelineSchedulesProps" id="@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps"></a>
 #### Initializer <a name="Initializer" id="@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps.Initializer"></a>
@@ -14336,13 +14466,14 @@ const pipelineStackProps: PipelineStackProps = { ... }
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.tags">tags</a></code> | <code>{[ key: string ]: string}</code> | Stack tags that will be applied to all the taggable resources and the stack itself. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.terminationProtection">terminationProtection</a></code> | <code>boolean</code> | Whether to enable termination protection for this stack. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.appStackFactory">appStackFactory</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.IAppStackFactory">IAppStackFactory</a></code> | Provider for appStack to be deployed. |
-| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType">pipelineType</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a></code> | Defines which kind of pipeline is deployed. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.serviceName">serviceName</a></code> | <code>string</code> | The name of the service - This has to be the same name as the repository as the s3 trigger file created by the bitbucket-integration uses this as a prefix - The serviceName is available as an environment variable SERVICE_NAME in the CodeBuildStep - The serviceName is available in the AppStackProps in the appStackFactory - The serviceName is available as stackName property in the AppStackProps in the appStackFactory. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.codeBuildOptions">codeBuildOptions</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.CodeBuildOptions">CodeBuildOptions</a></code> | CodeBuild options overriding the rio-specific defaults. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.codePipelineType">codePipelineType</a></code> | <code>aws-cdk-lib.aws_codepipeline.PipelineType</code> | CodePipeline PipelineType (V1 or V2). |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.datadogAlertType">datadogAlertType</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.features">features</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures">PipelineFeatures</a></code> | Defines which kind of pipeline is deployed. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.monitoringDeployStepProps">monitoringDeployStepProps</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackRioMonitoringDeployStepProps">PipelineStackRioMonitoringDeployStepProps</a></code> | If present, the capability monitoring deploy step is added to the pipeline. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineSchedules">pipelineSchedules</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps">PipelineSchedulesProps</a></code> | Defines how often the pipeline is triggered automatically. Is defined via a cron expression. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType">pipelineType</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a></code> | *No description.* |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.secretsDeployStepProps">secretsDeployStepProps</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackRioSecretsDeployStepProps">PipelineStackRioSecretsDeployStepProps</a></code> | Path to secrets file containing encrypted secrets. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.vulnerabilityNotification">vulnerabilityNotification</a></code> | <code>@rio-cloud/cdk-v2-constructs.datadogv2.INotification</code> | Notification type for the auto-generated vulnerability pipeline monitor. |
@@ -14585,18 +14716,6 @@ This acts as a wrapper for all resources you want to deploy via the pipeline.
 ---
-##### `pipelineType`<sup>Required</sup> <a name="pipelineType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType"></a>
-```typescript
-public readonly pipelineType: PipelineType;
-```
-- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a>
-Defines which kind of pipeline is deployed.
----
 ##### `serviceName`<sup>Required</sup> <a name="serviceName" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.serviceName"></a>
 ```typescript
@@ -14652,6 +14771,20 @@ public readonly datadogAlertType: string;
 ---
+##### `features`<sup>Optional</sup> <a name="features" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.features"></a>
+```typescript
+public readonly features: PipelineFeatures;
+```
+- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures">PipelineFeatures</a>
+Defines which kind of pipeline is deployed.
+Use the features to combine different opinionated, RIO-specific pipeline features such as adding a branch pipeline or supporting Kafka.
+---
 ##### `monitoringDeployStepProps`<sup>Optional</sup> <a name="monitoringDeployStepProps" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.monitoringDeployStepProps"></a>
 ```typescript
@@ -14682,6 +14815,19 @@ Default values:
 ---
+##### ~~`pipelineType`~~<sup>Optional</sup> <a name="pipelineType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType"></a>
+- *Deprecated:* Use the `features` property instead. For now, the pipeline types are mapped to the features.
+Defines which kind of pipeline is deployed.
+```typescript
+public readonly pipelineType: PipelineType;
+```
+- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a>
+---
 ##### `secretsDeployStepProps`<sup>Optional</sup> <a name="secretsDeployStepProps" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.secretsDeployStepProps"></a>
 ```typescript

package/docs/changelog.md CHANGED Viewed

@@ -2,6 +2,34 @@
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
+## [6.15.0-alpha.1](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.15.0-alpha.0&sourceBranch=refs%2Ftags%2Fv6.15.0-alpha.1) (2024-11-21)
+### Features
+* **pipeline:** Switch to Lambda Compute for SelfMutate CodeBuild step ([d2964d9](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/d2964d9f19941c3e4680935bbaff93163de47b5c))
+### Bug Fixes
+* **pipeline:** Add missing setting to ensure pipeline is restarted after update ([380d5e0](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/380d5e04cecc1db7b353275c24de5d98a52ad90e))
+* **pipeline:** Fix typo in SSM parameter for kafka certificate script ([d63aebe](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/d63aebe7eb205b5c191d31e561554ddb82ab8c7b))
+* **pipeline:** Make workaround for tarball assets robust against missing input files ([35cea59](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/35cea59b1e84901186cf993f50ae947aa29f0d50))
+## [6.15.0-alpha.0](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.14.0&sourceBranch=refs%2Ftags%2Fv6.15.0-alpha.0) (2024-11-19)
+### Features
+* **pipeline:** Add frontend deploy step ([56b7f05](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/56b7f05752f6d59d243220fa95c3759706221a94))
+* **pipeline:** Allow to configure pipeline features in a modular way ([f773cc6](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/f773cc6e8a5c21039572ca4fd63134f07f4f865d))
+* **pipeline:** Remove now unused buildspecs ([a6e4bdc](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/a6e4bdc65a1bc35102aaae96a58b422bf78b282f))
+### Bug Fixes
+* **pipeline:** Fix typo in test ([65f1f5d](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/65f1f5d10f7f174317173454402b1e98f732b2c2))
 ## [6.14.0](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.13.4&sourceBranch=refs%2Ftags%2Fv6.14.0) (2024-11-18)

package/lib/contributions/team-transport-two/pipeline/buildspecs.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { BuildSpec } from 'aws-cdk-lib/aws-codebuild';
+import { PipelineFeatures } from './pipeline-stack';
+export declare const createMainBuildSpec: (features: PipelineFeatures) => BuildSpec;
+export declare const createVulnerabilityBuildSpec: (features: PipelineFeatures) => BuildSpec;
+export declare const logCommitHash: () => string[];

package/lib/contributions/team-transport-two/pipeline/buildspecs.js ADDED Viewed

@@ -0,0 +1,191 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logCommitHash = exports.createVulnerabilityBuildSpec = exports.createMainBuildSpec = void 0;
+const aws_codebuild_1 = require("aws-cdk-lib/aws-codebuild");
+const createMainBuildSpec = (features) => {
+    const env = {};
+    const buildCommands = [];
+    if (features.gradleBuild) {
+        buildCommands.push(...gradleBuildCommands(features.kafkaIntegration ?? false));
+        env['parameter-store'] = {
+            SERVICE_KEYSTORE_PASSWORD: '/config/${SERVICE_NAME}/service-keystore-password',
+            LICENSE_BUCKET_NAME: '/config/oss-licenses/bucket-name',
+            ACCOUNT_NAME: '/config/account/name',
+        };
+    }
+    if (features.kafkaIntegration) {
+        env['parameter-store'] = {
+            ...env['parameter-store'] ?? {},
+            CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION: '/config/kafka-integration/create-and-sign-certificate-script-s3-location',
+        };
+    }
+    if (features.npmBuild) {
+        env.variables = {
+            CI: 'true',
+        };
+        buildCommands.push(...npmBuildCommands());
+    }
+    if (features.additionalBuildCommands) {
+        buildCommands.push('### ADDITIONAL BUILD COMMANDS ###', ...features.additionalBuildCommands);
+    }
+    buildCommands.push(...infrastructureBuildCommands());
+    return aws_codebuild_1.BuildSpec.fromObject({
+        version: '0.2',
+        env,
+        phases: {
+            install: {
+                'runtime-versions': getRuntimes(features),
+            },
+            pre_build: {
+                commands: (0, exports.logCommitHash)(),
+            },
+            build: {
+                commands: buildCommands,
+            },
+            post_build: {
+                commands: (0, exports.logCommitHash)(),
+            },
+        },
+        reports: createReports(features),
+        cache: {
+            paths: cachePaths(),
+        },
+    });
+};
+exports.createMainBuildSpec = createMainBuildSpec;
+const createVulnerabilityBuildSpec = (features) => {
+    const env = {};
+    const buildCommands = [];
+    if (features.gradleBuild) {
+        env['parameter-store'] = {
+            NIST_DATA_MIRROR_URL: '/config/nist-data-mirror/url',
+        };
+        buildCommands.push(...[
+            '### GRADLE VULNERABILITY CHECK ###',
+            './gradlew -Dorg.gradle.jvmargs=-Xmx4g dependencyCheckAnalyze',
+        ]);
+    }
+    if (features.npmBuild) {
+        buildCommands.push(...[
+            '### NPM VULNERABILITY CHECK ###',
+            'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',
+        ]);
+    }
+    buildCommands.push(...[
+        '### INFRASTRUCTURE VULNERABILITY CHECK ###',
+        'cd infrastructure',
+        'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',
+        'cd ..',
+    ]);
+    return aws_codebuild_1.BuildSpec.fromObject({
+        version: '0.2',
+        env,
+        phases: {
+            install: {
+                'runtime-versions': getRuntimes(features),
+            },
+            pre_build: {
+                commands: (0, exports.logCommitHash)(),
+            },
+            build: {
+                commands: buildCommands,
+            },
+            post_build: {
+                commands: (0, exports.logCommitHash)(),
+            },
+        },
+        cache: {
+            paths: cachePathsVulnerability(),
+        },
+    });
+};
+exports.createVulnerabilityBuildSpec = createVulnerabilityBuildSpec;
+const getRuntimes = (features) => {
+    const runtimes = {};
+    if (features.gradleBuild) {
+        runtimes.java = 'corretto17';
+    }
+    runtimes.nodejs = '20';
+    return runtimes;
+};
+const logCommitHash = () => [
+    '(echo "Build triggered by commit " && git log --pretty=format:"%h%x09%an%x09%s" -n 1 ) | tr -d "\\n"',
+];
+exports.logCommitHash = logCommitHash;
+const infrastructureBuildCommands = () => [
+    '### INFRASTRUCTURE BUILD ###',
+    'cd infrastructure',
+    'npm ci',
+    'npm run cdk synth 1> /dev/null',
+    // In pipeline: Error parsing reference: is not a valid repository/tag: invalid reference format.
+    // workaround due to https://github.com/aws/aws-cdk/issues/18044',
+    'find ./ -type f -name "*DeployApplicationStacks*.assets.json" -print0 | xargs --no-run-if-empty -0 sed --in-place \'s|docker load -i asset.|docker load -i ../asset.|g\'',
+    'cd ..',
+];
+const gradleBuildCommands = (kafkaIntegration) => {
+    const commands = [];
+    commands.push(...[
+        '### GRADLE BUILD ###',
+        './gradlew clean build',
+        '# license check',
+        'set -u; aws s3 cp s3://${LICENSE_BUCKET_NAME}/whitelist-gradle.txt licenses/approved_licenses.txt',
+        './gradlew checkLicenses',
+        'set -u; aws s3 cp licenses/licenses.txt s3://${LICENSE_BUCKET_NAME}/reports/${ACCOUNT_NAME}/${SERVICE_NAME}.txt',
+        '# self signed certificate',
+        'set -u; keytool -genkey -alias InternalServiceCertificate -keyalg RSA -keystore containerfiles/service-keystore.p12 -validity 3650 -storetype PKCS12 -dname "CN=internal.service.${SERVICE_NAME}.${HOSTED_ZONE}, OU=Logistics, O=Rio, L=Munich, ST=BY, C=DE" -keypass ${SERVICE_KEYSTORE_PASSWORD} -storepass ${SERVICE_KEYSTORE_PASSWORD}',
+    ]);
+    if (kafkaIntegration) {
+        commands.push(...[
+            '# kafka certificate',
+            'set -u; aws s3 cp --quiet s3://${CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION} create-and-sign-certificate',
+            'chmod +x create-and-sign-certificate',
+            'set -u; ./create-and-sign-certificate --keystore-password ${SERVICE_KEYSTORE_PASSWORD} --fqdn ${SERVICE_NAME}.${HOSTED_ZONE}',
+            'cp /cert/certificate.p12 containerfiles/kafka-keystore.p12',
+        ]);
+    }
+    commands.push(...[
+        '# docker image build',
+        './gradlew jibBuildTar --quiet',
+    ]);
+    return commands;
+};
+const npmBuildCommands = () => [
+    '### NPM BUILD ###',
+    'npm ci',
+    'npm run lint',
+    'npm run test:ci',
+    './check-oss-licenses.sh',
+    'npm run build',
+];
+const cachePaths = () => [
+    '/cert/**/*',
+    '/root/.cache/**/*',
+    '/root/.npm/**/*',
+    '/root/.gradle/caches/**/*',
+    '/root/.gradle/wrapper/**/*',
+    '/root/google-cloud-tools-java/jib/**/*',
+    'target/jib-cache/**/*',
+];
+const cachePathsVulnerability = () => [
+    '/root/.cache/**/*',
+    '/root/.gradle/caches/**/*',
+    '/root/.gradle/wrapper/**/*',
+    '/root/.gradle/dependency-check-data/**/*',
+];
+const createReports = (features) => {
+    const reports = {};
+    if (features.gradleBuild) {
+        reports.GradleBuildTestResults = {
+            'files': ['**/*'],
+            'base-directory': 'build/test-results',
+        };
+    }
+    if (features.npmBuild) {
+        reports.NpmBuildTestResults = {
+            'files': ['**/*'],
+            'base-directory': 'results',
+        };
+    }
+    return reports;
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnVpbGRzcGVjcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9jb250cmlidXRpb25zL3RlYW0tdHJhbnNwb3J0LXR3by9waXBlbGluZS9idWlsZHNwZWNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZEQUFzRDtBQUkvQyxNQUFNLG1CQUFtQixHQUFHLENBQUMsUUFBMEIsRUFBYSxFQUFFO0lBQzNFLE1BQU0sR0FBRyxHQUEyQyxFQUFFLENBQUM7SUFDdkQsTUFBTSxhQUFhLEdBQWEsRUFBRSxDQUFDO0lBRW5DLElBQUksUUFBUSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ3pCLGFBQWEsQ0FBQyxJQUFJLENBQUMsR0FBRyxtQkFBbUIsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLElBQUksS0FBSyxDQUFDLENBQUMsQ0FBQztRQUMvRSxHQUFHLENBQUMsaUJBQWlCLENBQUMsR0FBRztZQUN2Qix5QkFBeUIsRUFBRSxtREFBbUQ7WUFDOUUsbUJBQW1CLEVBQUUsa0NBQWtDO1lBQ3ZELFlBQVksRUFBRSxzQkFBc0I7U0FDckMsQ0FBQztJQUNKLENBQUM7SUFDRCxJQUFJLFFBQVEsQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1FBQzlCLEdBQUcsQ0FBQyxpQkFBaUIsQ0FBQyxHQUFHO1lBQ3ZCLEdBQUcsR0FBRyxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRTtZQUMvQiw4Q0FBOEMsRUFBRSwwRUFBMEU7U0FDM0gsQ0FBQztJQUNKLENBQUM7SUFDRCxJQUFJLFFBQVEsQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUN0QixHQUFHLENBQUMsU0FBUyxHQUFHO1lBQ2QsRUFBRSxFQUFFLE1BQU07U0FDWCxDQUFDO1FBQ0YsYUFBYSxDQUFDLElBQUksQ0FBQyxHQUFHLGdCQUFnQixFQUFFLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBQ0QsSUFBSSxRQUFRLENBQUMsdUJBQXVCLEVBQUUsQ0FBQztRQUNyQyxhQUFhLENBQUMsSUFBSSxDQUFDLG1DQUFtQyxFQUFFLEdBQUcsUUFBUSxDQUFDLHVCQUF1QixDQUFDLENBQUM7SUFDL0YsQ0FBQztJQUVELGFBQWEsQ0FBQyxJQUFJLENBQUMsR0FBRywyQkFBMkIsRUFBRSxDQUFDLENBQUM7SUFFckQsT0FBTyx5QkFBUyxDQUFDLFVBQVUsQ0FBQztRQUMxQixPQUFPLEVBQUUsS0FBSztRQUNkLEdBQUc7UUFDSCxNQUFNLEVBQUU7WUFDTixPQUFPLEVBQUU7Z0JBQ1Asa0JBQWtCLEVBQUUsV0FBVyxDQUFDLFFBQVEsQ0FBQzthQUMxQztZQUNELFNBQVMsRUFBRTtnQkFDVCxRQUFRLEVBQUUsSUFBQSxxQkFBYSxHQUFFO2FBQzFCO1lBQ0QsS0FBSyxFQUFFO2dCQUNMLFFBQVEsRUFBRSxhQUFhO2FBQ3hCO1lBQ0QsVUFBVSxFQUFFO2dCQUNWLFFBQVEsRUFBRSxJQUFBLHFCQUFhLEdBQUU7YUFDMUI7U0FDRjtRQUNELE9BQU8sRUFBRSxhQUFhLENBQUMsUUFBUSxDQUFDO1FBQ2hDLEtBQUssRUFBRTtZQUNMLEtBQUssRUFBRSxVQUFVLEVBQUU7U0FDcEI7S0FDRixDQUFDLENBQUM7QUFDTCxDQUFDLENBQUM7QUFwRFcsUUFBQSxtQkFBbUIsdUJBb0Q5QjtBQUdLLE1BQU0sNEJBQTRCLEdBQUcsQ0FBQyxRQUEwQixFQUFFLEVBQUU7SUFDekUsTUFBTSxHQUFHLEdBQTJDLEVBQUUsQ0FBQztJQUN2RCxNQUFNLGFBQWEsR0FBYSxFQUFFLENBQUM7SUFFbkMsSUFBSSxRQUFRLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDekIsR0FBRyxDQUFDLGlCQUFpQixDQUFDLEdBQUc7WUFDdkIsb0JBQW9CLEVBQUUsOEJBQThCO1NBQ3JELENBQUM7UUFDRixhQUFhLENBQUMsSUFBSSxDQUFDLEdBQUc7WUFDcEIsb0NBQW9DO1lBQ3BDLDhEQUE4RDtTQUMvRCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBQ0QsSUFBSSxRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDdEIsYUFBYSxDQUFDLElBQUksQ0FBQyxHQUFHO1lBQ3BCLGlDQUFpQztZQUNqQywrRkFBK0Y7U0FDaEcsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUNELGFBQWEsQ0FBQyxJQUFJLENBQUMsR0FBRztRQUNwQiw0Q0FBNEM7UUFDNUMsbUJBQW1CO1FBQ25CLCtGQUErRjtRQUMvRixPQUFPO0tBQ1IsQ0FBQyxDQUFDO0lBRUgsT0FBTyx5QkFBUyxDQUFDLFVBQVUsQ0FBQztRQUMxQixPQUFPLEVBQUUsS0FBSztRQUNkLEdBQUc7UUFDSCxNQUFNLEVBQUU7WUFDTixPQUFPLEVBQUU7Z0JBQ1Asa0JBQWtCLEVBQUUsV0FBVyxDQUFDLFFBQVEsQ0FBQzthQUMxQztZQUNELFNBQVMsRUFBRTtnQkFDVCxRQUFRLEVBQUUsSUFBQSxxQkFBYSxHQUFFO2FBQzFCO1lBQ0QsS0FBSyxFQUFFO2dCQUNMLFFBQVEsRUFBRSxhQUFhO2FBQ3hCO1lBQ0QsVUFBVSxFQUFFO2dCQUNWLFFBQVEsRUFBRSxJQUFBLHFCQUFhLEdBQUU7YUFDMUI7U0FDRjtRQUNELEtBQUssRUFBRTtZQUNMLEtBQUssRUFBRSx1QkFBdUIsRUFBRTtTQUNqQztLQUNGLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQztBQS9DVyxRQUFBLDRCQUE0QixnQ0ErQ3ZDO0FBRUYsTUFBTSxXQUFXLEdBQUcsQ0FBQyxRQUEwQixFQUFFLEVBQUU7SUFDakQsTUFBTSxRQUFRLEdBQTJCLEVBQUUsQ0FBQztJQUM1QyxJQUFJLFFBQVEsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUN6QixRQUFRLENBQUMsSUFBSSxHQUFHLFlBQVksQ0FBQztJQUMvQixDQUFDO0lBQ0QsUUFBUSxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUM7SUFDdkIsT0FBTyxRQUFRLENBQUM7QUFDbEIsQ0FBQyxDQUFDO0FBRUssTUFBTSxhQUFhLEdBQUcsR0FBRyxFQUFFLENBQUM7SUFDakMsc0dBQXNHO0NBQ3ZHLENBQUM7QUFGVyxRQUFBLGFBQWEsaUJBRXhCO0FBRUYsTUFBTSwyQkFBMkIsR0FBRyxHQUFHLEVBQUUsQ0FBQztJQUN4Qyw4QkFBOEI7SUFDOUIsbUJBQW1CO0lBQ25CLFFBQVE7SUFDUixnQ0FBZ0M7SUFDaEMsaUdBQWlHO0lBQ2pHLGtFQUFrRTtJQUNsRSwwS0FBMEs7SUFDMUssT0FBTztDQUNSLENBQUM7QUFFRixNQUFNLG1CQUFtQixHQUFHLENBQUMsZ0JBQXlCLEVBQUUsRUFBRTtJQUN4RCxNQUFNLFFBQVEsR0FBYSxFQUFFLENBQUM7SUFDOUIsUUFBUSxDQUFDLElBQUksQ0FBQyxHQUFHO1FBQ2Ysc0JBQXNCO1FBQ3RCLHVCQUF1QjtRQUN2QixpQkFBaUI7UUFDakIsbUdBQW1HO1FBQ25HLHlCQUF5QjtRQUN6QixpSEFBaUg7UUFDakgsMkJBQTJCO1FBQzNCLDRVQUE0VTtLQUM3VSxDQUFDLENBQUM7SUFDSCxJQUFJLGdCQUFnQixFQUFFLENBQUM7UUFDckIsUUFBUSxDQUFDLElBQUksQ0FBQyxHQUFHO1lBQ2YscUJBQXFCO1lBQ3JCLDhHQUE4RztZQUM5RyxzQ0FBc0M7WUFDdEMsOEhBQThIO1lBQzlILDREQUE0RDtTQUM3RCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBQ0QsUUFBUSxDQUFDLElBQUksQ0FBQyxHQUFHO1FBQ2Ysc0JBQXNCO1FBQ3RCLCtCQUErQjtLQUNoQyxDQUFDLENBQUM7SUFDSCxPQUFPLFFBQVEsQ0FBQztBQUNsQixDQUFDLENBQUM7QUFFRixNQUFNLGdCQUFnQixHQUFHLEdBQUcsRUFBRSxDQUFDO0lBQzdCLG1CQUFtQjtJQUNuQixRQUFRO0lBQ1IsY0FBYztJQUNkLGlCQUFpQjtJQUNqQix5QkFBeUI7SUFDekIsZUFBZTtDQUNoQixDQUFDO0FBRUYsTUFBTSxVQUFVLEdBQUcsR0FBRyxFQUFFLENBQUM7SUFDdkIsWUFBWTtJQUNaLG1CQUFtQjtJQUNuQixpQkFBaUI7SUFDakIsMkJBQTJCO0lBQzNCLDRCQUE0QjtJQUM1Qix3Q0FBd0M7SUFDeEMsdUJBQXVCO0NBQ3hCLENBQUM7QUFFRixNQUFNLHVCQUF1QixHQUFHLEdBQUcsRUFBRSxDQUFDO0lBQ3BDLG1CQUFtQjtJQUNuQiwyQkFBMkI7SUFDM0IsNEJBQTRCO0lBQzVCLDBDQUEwQztDQUMzQyxDQUFDO0FBRUYsTUFBTSxhQUFhLEdBQUcsQ0FBQyxRQUEwQixFQUFFLEVBQUU7SUFDbkQsTUFBTSxPQUFPLEdBQXdCLEVBQUUsQ0FBQztJQUN4QyxJQUFJLFFBQVEsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUN6QixPQUFPLENBQUMsc0JBQXNCLEdBQUc7WUFDL0IsT0FBTyxFQUFFLENBQUMsTUFBTSxDQUFDO1lBQ2pCLGdCQUFnQixFQUFFLG9CQUFvQjtTQUN2QyxDQUFDO0lBQ0osQ0FBQztJQUNELElBQUksUUFBUSxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBQ3RCLE9BQU8sQ0FBQyxtQkFBbUIsR0FBRztZQUM1QixPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUM7WUFDakIsZ0JBQWdCLEVBQUUsU0FBUztTQUM1QixDQUFDO0lBQ0osQ0FBQztJQUNELE9BQU8sT0FBTyxDQUFDO0FBQ2pCLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJ1aWxkU3BlYyB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1jb2RlYnVpbGQnO1xuaW1wb3J0IHsgUGlwZWxpbmVGZWF0dXJlcyB9IGZyb20gJy4vcGlwZWxpbmUtc3RhY2snO1xuXG5cbmV4cG9ydCBjb25zdCBjcmVhdGVNYWluQnVpbGRTcGVjID0gKGZlYXR1cmVzOiBQaXBlbGluZUZlYXR1cmVzKTogQnVpbGRTcGVjID0+IHtcbiAgY29uc3QgZW52OiBSZWNvcmQ8c3RyaW5nLCBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+PiA9IHt9O1xuICBjb25zdCBidWlsZENvbW1hbmRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gIGlmIChmZWF0dXJlcy5ncmFkbGVCdWlsZCkge1xuICAgIGJ1aWxkQ29tbWFuZHMucHVzaCguLi5ncmFkbGVCdWlsZENvbW1hbmRzKGZlYXR1cmVzLmthZmthSW50ZWdyYXRpb24gPz8gZmFsc2UpKTtcbiAgICBlbnZbJ3BhcmFtZXRlci1zdG9yZSddID0ge1xuICAgICAgU0VSVklDRV9LRVlTVE9SRV9QQVNTV09SRDogJy9jb25maWcvJHtTRVJWSUNFX05BTUV9L3NlcnZpY2Uta2V5c3RvcmUtcGFzc3dvcmQnLFxuICAgICAgTElDRU5TRV9CVUNLRVRfTkFNRTogJy9jb25maWcvb3NzLWxpY2Vuc2VzL2J1Y2tldC1uYW1lJyxcbiAgICAgIEFDQ09VTlRfTkFNRTogJy9jb25maWcvYWNjb3VudC9uYW1lJyxcbiAgICB9O1xuICB9XG4gIGlmIChmZWF0dXJlcy5rYWZrYUludGVncmF0aW9uKSB7XG4gICAgZW52WydwYXJhbWV0ZXItc3RvcmUnXSA9IHtcbiAgICAgIC4uLmVudlsncGFyYW1ldGVyLXN0b3JlJ10gPz8ge30sXG4gICAgICBDUkVBVEVfQU5EX1NJR05fQ0VSVElGSUNBVEVfU0NSSVBUX1MzX0xPQ0FUSU9OOiAnL2NvbmZpZy9rYWZrYS1pbnRlZ3JhdGlvbi9jcmVhdGUtYW5kLXNpZ24tY2VydGlmaWNhdGUtc2NyaXB0LXMzLWxvY2F0aW9uJyxcbiAgICB9O1xuICB9XG4gIGlmIChmZWF0dXJlcy5ucG1CdWlsZCkge1xuICAgIGVudi52YXJpYWJsZXMgPSB7XG4gICAgICBDSTogJ3RydWUnLFxuICAgIH07XG4gICAgYnVpbGRDb21tYW5kcy5wdXNoKC4uLm5wbUJ1aWxkQ29tbWFuZHMoKSk7XG4gIH1cbiAgaWYgKGZlYXR1cmVzLmFkZGl0aW9uYWxCdWlsZENvbW1hbmRzKSB7XG4gICAgYnVpbGRDb21tYW5kcy5wdXNoKCcjIyMgQURESVRJT05BTCBCVUlMRCBDT01NQU5EUyAjIyMnLCAuLi5mZWF0dXJlcy5hZGRpdGlvbmFsQnVpbGRDb21tYW5kcyk7XG4gIH1cblxuICBidWlsZENvbW1hbmRzLnB1c2goLi4uaW5mcmFzdHJ1Y3R1cmVCdWlsZENvbW1hbmRzKCkpO1xuXG4gIHJldHVybiBCdWlsZFNwZWMuZnJvbU9iamVjdCh7XG4gICAgdmVyc2lvbjogJzAuMicsXG4gICAgZW52LFxuICAgIHBoYXNlczoge1xuICAgICAgaW5zdGFsbDoge1xuICAgICAgICAncnVudGltZS12ZXJzaW9ucyc6IGdldFJ1bnRpbWVzKGZlYXR1cmVzKSxcbiAgICAgIH0sXG4gICAgICBwcmVfYnVpbGQ6IHtcbiAgICAgICAgY29tbWFuZHM6IGxvZ0NvbW1pdEhhc2goKSxcbiAgICAgIH0sXG4gICAgICBidWlsZDoge1xuICAgICAgICBjb21tYW5kczogYnVpbGRDb21tYW5kcyxcbiAgICAgIH0sXG4gICAgICBwb3N0X2J1aWxkOiB7XG4gICAgICAgIGNvbW1hbmRzOiBsb2dDb21taXRIYXNoKCksXG4gICAgICB9LFxuICAgIH0sXG4gICAgcmVwb3J0czogY3JlYXRlUmVwb3J0cyhmZWF0dXJlcyksXG4gICAgY2FjaGU6IHtcbiAgICAgIHBhdGhzOiBjYWNoZVBhdGhzKCksXG4gICAgfSxcbiAgfSk7XG59O1xuXG5cbmV4cG9ydCBjb25zdCBjcmVhdGVWdWxuZXJhYmlsaXR5QnVpbGRTcGVjID0gKGZlYXR1cmVzOiBQaXBlbGluZUZlYXR1cmVzKSA9PiB7XG4gIGNvbnN0IGVudjogUmVjb3JkPHN0cmluZywgUmVjb3JkPHN0cmluZywgc3RyaW5nPj4gPSB7fTtcbiAgY29uc3QgYnVpbGRDb21tYW5kczogc3RyaW5nW10gPSBbXTtcblxuICBpZiAoZmVhdHVyZXMuZ3JhZGxlQnVpbGQpIHtcbiAgICBlbnZbJ3BhcmFtZXRlci1zdG9yZSddID0ge1xuICAgICAgTklTVF9EQVRBX01JUlJPUl9VUkw6ICcvY29uZmlnL25pc3QtZGF0YS1taXJyb3IvdXJsJyxcbiAgICB9O1xuICAgIGJ1aWxkQ29tbWFuZHMucHVzaCguLi5bXG4gICAgICAnIyMjIEdSQURMRSBWVUxORVJBQklMSVRZIENIRUNLICMjIycsXG4gICAgICAnLi9ncmFkbGV3IC1Eb3JnLmdyYWRsZS5qdm1hcmdzPS1YbXg0ZyBkZXBlbmRlbmN5Q2hlY2tBbmFseXplJyxcbiAgICBdKTtcbiAgfVxuICBpZiAoZmVhdHVyZXMubnBtQnVpbGQpIHtcbiAgICBidWlsZENvbW1hbmRzLnB1c2goLi4uW1xuICAgICAgJyMjIyBOUE0gVlVMTkVSQUJJTElUWSBDSEVDSyAjIyMnLFxuICAgICAgJ25wbSBhdWRpdCAtLXJlZ2lzdHJ5IGh0dHBzOi8vcmVnaXN0cnkubnBtanMub3JnIC0tYXVkaXQtbGV2ZWwgbW9kZXJhdGUgLS1wYXJzZWFibGUgLS1vbWl0PWRldicsXG4gICAgXSk7XG4gIH1cbiAgYnVpbGRDb21tYW5kcy5wdXNoKC4uLltcbiAgICAnIyMjIElORlJBU1RSVUNUVVJFIFZVTE5FUkFCSUxJVFkgQ0hFQ0sgIyMjJyxcbiAgICAnY2QgaW5mcmFzdHJ1Y3R1cmUnLFxuICAgICducG0gYXVkaXQgLS1yZWdpc3RyeSBodHRwczovL3JlZ2lzdHJ5Lm5wbWpzLm9yZyAtLWF1ZGl0LWxldmVsIG1vZGVyYXRlIC0tcGFyc2VhYmxlIC0tb21pdD1kZXYnLFxuICAgICdjZCAuLicsXG4gIF0pO1xuXG4gIHJldHVybiBCdWlsZFNwZWMuZnJvbU9iamVjdCh7XG4gICAgdmVyc2lvbjogJzAuMicsXG4gICAgZW52LFxuICAgIHBoYXNlczoge1xuICAgICAgaW5zdGFsbDoge1xuICAgICAgICAncnVudGltZS12ZXJzaW9ucyc6IGdldFJ1bnRpbWVzKGZlYXR1cmVzKSxcbiAgICAgIH0sXG4gICAgICBwcmVfYnVpbGQ6IHtcbiAgICAgICAgY29tbWFuZHM6IGxvZ0NvbW1pdEhhc2goKSxcbiAgICAgIH0sXG4gICAgICBidWlsZDoge1xuICAgICAgICBjb21tYW5kczogYnVpbGRDb21tYW5kcyxcbiAgICAgIH0sXG4gICAgICBwb3N0X2J1aWxkOiB7XG4gICAgICAgIGNvbW1hbmRzOiBsb2dDb21taXRIYXNoKCksXG4gICAgICB9LFxuICAgIH0sXG4gICAgY2FjaGU6IHtcbiAgICAgIHBhdGhzOiBjYWNoZVBhdGhzVnVsbmVyYWJpbGl0eSgpLFxuICAgIH0sXG4gIH0pO1xufTtcblxuY29uc3QgZ2V0UnVudGltZXMgPSAoZmVhdHVyZXM6IFBpcGVsaW5lRmVhdHVyZXMpID0+IHtcbiAgY29uc3QgcnVudGltZXM6IFJlY29yZDxzdHJpbmcsIHN0cmluZz4gPSB7fTtcbiAgaWYgKGZlYXR1cmVzLmdyYWRsZUJ1aWxkKSB7XG4gICAgcnVudGltZXMuamF2YSA9ICdjb3JyZXR0bzE3JztcbiAgfVxuICBydW50aW1lcy5ub2RlanMgPSAnMjAnO1xuICByZXR1cm4gcnVudGltZXM7XG59O1xuXG5leHBvcnQgY29uc3QgbG9nQ29tbWl0SGFzaCA9ICgpID0+IFtcbiAgJyhlY2hvIFwiQnVpbGQgdHJpZ2dlcmVkIGJ5IGNvbW1pdCBcIiAmJiBnaXQgbG9nIC0tcHJldHR5PWZvcm1hdDpcIiVoJXgwOSVhbiV4MDklc1wiIC1uIDEgKSB8IHRyIC1kIFwiXFxcXG5cIicsXG5dO1xuXG5jb25zdCBpbmZyYXN0cnVjdHVyZUJ1aWxkQ29tbWFuZHMgPSAoKSA9PiBbXG4gICcjIyMgSU5GUkFTVFJVQ1RVUkUgQlVJTEQgIyMjJyxcbiAgJ2NkIGluZnJhc3RydWN0dXJlJyxcbiAgJ25wbSBjaScsXG4gICducG0gcnVuIGNkayBzeW50aCAxPiAvZGV2L251bGwnLFxuICAvLyBJbiBwaXBlbGluZTogRXJyb3IgcGFyc2luZyByZWZlcmVuY2U6IGlzIG5vdCBhIHZhbGlkIHJlcG9zaXRvcnkvdGFnOiBpbnZhbGlkIHJlZmVyZW5jZSBmb3JtYXQuXG4gIC8vIHdvcmthcm91bmQgZHVlIHRvIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9pc3N1ZXMvMTgwNDQnLFxuICAnZmluZCAuLyAtdHlwZSBmIC1uYW1lIFwiKkRlcGxveUFwcGxpY2F0aW9uU3RhY2tzKi5hc3NldHMuanNvblwiIC1wcmludDAgfCB4YXJncyAtLW5vLXJ1bi1pZi1lbXB0eSAtMCBzZWQgLS1pbi1wbGFjZSBcXCdzfGRvY2tlciBsb2FkIC1pIGFzc2V0Lnxkb2NrZXIgbG9hZCAtaSAuLi9hc3NldC58Z1xcJycsXG4gICdjZCAuLicsXG5dO1xuXG5jb25zdCBncmFkbGVCdWlsZENvbW1hbmRzID0gKGthZmthSW50ZWdyYXRpb246IGJvb2xlYW4pID0+IHtcbiAgY29uc3QgY29tbWFuZHM6IHN0cmluZ1tdID0gW107XG4gIGNvbW1hbmRzLnB1c2goLi4uW1xuICAgICcjIyMgR1JBRExFIEJVSUxEICMjIycsXG4gICAgJy4vZ3JhZGxldyBjbGVhbiBidWlsZCcsXG4gICAgJyMgbGljZW5zZSBjaGVjaycsXG4gICAgJ3NldCAtdTsgYXdzIHMzIGNwIHMzOi8vJHtMSUNFTlNFX0JVQ0tFVF9OQU1FfS93aGl0ZWxpc3QtZ3JhZGxlLnR4dCBsaWNlbnNlcy9hcHByb3ZlZF9saWNlbnNlcy50eHQnLFxuICAgICcuL2dyYWRsZXcgY2hlY2tMaWNlbnNlcycsXG4gICAgJ3NldCAtdTsgYXdzIHMzIGNwIGxpY2Vuc2VzL2xpY2Vuc2VzLnR4dCBzMzovLyR7TElDRU5TRV9CVUNLRVRfTkFNRX0vcmVwb3J0cy8ke0FDQ09VTlRfTkFNRX0vJHtTRVJWSUNFX05BTUV9LnR4dCcsXG4gICAgJyMgc2VsZiBzaWduZWQgY2VydGlmaWNhdGUnLFxuICAgICdzZXQgLXU7IGtleXRvb2wgLWdlbmtleSAtYWxpYXMgSW50ZXJuYWxTZXJ2aWNlQ2VydGlmaWNhdGUgLWtleWFsZyBSU0EgLWtleXN0b3JlIGNvbnRhaW5lcmZpbGVzL3NlcnZpY2Uta2V5c3RvcmUucDEyIC12YWxpZGl0eSAzNjUwIC1zdG9yZXR5cGUgUEtDUzEyIC1kbmFtZSBcIkNOPWludGVybmFsLnNlcnZpY2UuJHtTRVJWSUNFX05BTUV9LiR7SE9TVEVEX1pPTkV9LCBPVT1Mb2dpc3RpY3MsIE89UmlvLCBMPU11bmljaCwgU1Q9QlksIEM9REVcIiAta2V5cGFzcyAke1NFUlZJQ0VfS0VZU1RPUkVfUEFTU1dPUkR9IC1zdG9yZXBhc3MgJHtTRVJWSUNFX0tFWVNUT1JFX1BBU1NXT1JEfScsXG4gIF0pO1xuICBpZiAoa2Fma2FJbnRlZ3JhdGlvbikge1xuICAgIGNvbW1hbmRzLnB1c2goLi4uW1xuICAgICAgJyMga2Fma2EgY2VydGlmaWNhdGUnLFxuICAgICAgJ3NldCAtdTsgYXdzIHMzIGNwIC0tcXVpZXQgczM6Ly8ke0NSRUFURV9BTkRfU0lHTl9DRVJUSUZJQ0FURV9TQ1JJUFRfUzNfTE9DQVRJT059IGNyZWF0ZS1hbmQtc2lnbi1jZXJ0aWZpY2F0ZScsXG4gICAgICAnY2htb2QgK3ggY3JlYXRlLWFuZC1zaWduLWNlcnRpZmljYXRlJyxcbiAgICAgICdzZXQgLXU7IC4vY3JlYXRlLWFuZC1zaWduLWNlcnRpZmljYXRlIC0ta2V5c3RvcmUtcGFzc3dvcmQgJHtTRVJWSUNFX0tFWVNUT1JFX1BBU1NXT1JEfSAtLWZxZG4gJHtTRVJWSUNFX05BTUV9LiR7SE9TVEVEX1pPTkV9JyxcbiAgICAgICdjcCAvY2VydC9jZXJ0aWZpY2F0ZS5wMTIgY29udGFpbmVyZmlsZXMva2Fma2Eta2V5c3RvcmUucDEyJyxcbiAgICBdKTtcbiAgfVxuICBjb21tYW5kcy5wdXNoKC4uLltcbiAgICAnIyBkb2NrZXIgaW1hZ2UgYnVpbGQnLFxuICAgICcuL2dyYWRsZXcgamliQnVpbGRUYXIgLS1xdWlldCcsXG4gIF0pO1xuICByZXR1cm4gY29tbWFuZHM7XG59O1xuXG5jb25zdCBucG1CdWlsZENvbW1hbmRzID0gKCkgPT4gW1xuICAnIyMjIE5QTSBCVUlMRCAjIyMnLFxuICAnbnBtIGNpJyxcbiAgJ25wbSBydW4gbGludCcsXG4gICducG0gcnVuIHRlc3Q6Y2knLFxuICAnLi9jaGVjay1vc3MtbGljZW5zZXMuc2gnLFxuICAnbnBtIHJ1biBidWlsZCcsXG5dO1xuXG5jb25zdCBjYWNoZVBhdGhzID0gKCkgPT4gW1xuICAnL2NlcnQvKiovKicsXG4gICcvcm9vdC8uY2FjaGUvKiovKicsXG4gICcvcm9vdC8ubnBtLyoqLyonLFxuICAnL3Jvb3QvLmdyYWRsZS9jYWNoZXMvKiovKicsXG4gICcvcm9vdC8uZ3JhZGxlL3dyYXBwZXIvKiovKicsXG4gICcvcm9vdC9nb29nbGUtY2xvdWQtdG9vbHMtamF2YS9qaWIvKiovKicsXG4gICd0YXJnZXQvamliLWNhY2hlLyoqLyonLFxuXTtcblxuY29uc3QgY2FjaGVQYXRoc1Z1bG5lcmFiaWxpdHkgPSAoKSA9PiBbXG4gICcvcm9vdC8uY2FjaGUvKiovKicsXG4gICcvcm9vdC8uZ3JhZGxlL2NhY2hlcy8qKi8qJyxcbiAgJy9yb290Ly5ncmFkbGUvd3JhcHBlci8qKi8qJyxcbiAgJy9yb290Ly5ncmFkbGUvZGVwZW5kZW5jeS1jaGVjay1kYXRhLyoqLyonLFxuXTtcblxuY29uc3QgY3JlYXRlUmVwb3J0cyA9IChmZWF0dXJlczogUGlwZWxpbmVGZWF0dXJlcykgPT4ge1xuICBjb25zdCByZXBvcnRzOiBSZWNvcmQ8c3RyaW5nLCBhbnk+ID0ge307XG4gIGlmIChmZWF0dXJlcy5ncmFkbGVCdWlsZCkge1xuICAgIHJlcG9ydHMuR3JhZGxlQnVpbGRUZXN0UmVzdWx0cyA9IHtcbiAgICAgICdmaWxlcyc6IFsnKiovKiddLFxuICAgICAgJ2Jhc2UtZGlyZWN0b3J5JzogJ2J1aWxkL3Rlc3QtcmVzdWx0cycsXG4gICAgfTtcbiAgfVxuICBpZiAoZmVhdHVyZXMubnBtQnVpbGQpIHtcbiAgICByZXBvcnRzLk5wbUJ1aWxkVGVzdFJlc3VsdHMgPSB7XG4gICAgICAnZmlsZXMnOiBbJyoqLyonXSxcbiAgICAgICdiYXNlLWRpcmVjdG9yeSc6ICdyZXN1bHRzJyxcbiAgICB9O1xuICB9XG4gIHJldHVybiByZXBvcnRzO1xufTtcbiJdfQ==

package/lib/contributions/team-transport-two/pipeline/pipeline-stack.d.ts CHANGED Viewed

@@ -32,8 +32,15 @@ export interface PipelineStackProps extends StackProps {
     readonly appStackFactory: IAppStackFactory;
     /**
      * Defines which kind of pipeline is deployed.
+     *
+     * Use the features to combine different opinionated, RIO-specific pipeline features such as adding a branch pipeline or supporting Kafka.
      */
-    readonly pipelineType: PipelineType;
+    readonly features?: PipelineFeatures;
+    /**
+     * @deprecated Use the `features` property instead. For now, the pipeline types are mapped to the features.
+     * Defines which kind of pipeline is deployed.
+     */
+    readonly pipelineType?: PipelineType;
     /**
      * Defines how often the pipeline is triggered automatically. Is defined via a cron expression.
      *
@@ -131,6 +138,44 @@ export interface PipelineStackRioMonitoringDeployStepProps {
         [directory: string]: string[];
     };
 }
+export interface PipelineFeatures {
+    /**
+     * Create a branch pipeline used by renovate. Defaults to `true`.
+     */
+    readonly branchPipeline?: boolean;
+    /**
+     * Create a vulnerability pipeline to scan dependencies for vulnerabilities. Defaults to `true`.
+     */
+    readonly vulnerabilityPipeline?: boolean;
+    /**
+     * Run a standard gradle build in the repository root. Defaults to `false`:
+     * - build and test of the artifact via command "./gradlew clean build"
+     * - license-check and upload of license-check-file via command "./gradlew checkLicenses"
+     * - create a self-signed certificate to make TLS communication possible, e.g. with a loadbalancer
+     * - build the container image via command "./gradlew jibBuildTar"
+     */
+    readonly gradleBuild?: boolean;
+    /**
+     * Run a standard npm build in the repository root. Defaults to `false`:
+     * - run linter via command "npm run lint"
+     * - run tests via command "npm run test:ci"
+     * - run a license check by calling the script "check-oss-licenses.sh" (from the RIO frontend template)
+     * - build the artifact via command "npm run build"
+     */
+    readonly npmBuild?: boolean;
+    /**
+     * Add required steps and permissions to support Kafka. Currently, this requires `gradleBuild` to be set to `true`. Defaults to `false`.
+     */
+    readonly kafkaIntegration?: boolean;
+    /**
+     * S3 Bucket to deploy frontend to. Requires `npmBuild` to be set to `true`. If set, the output of the npm build is deployed to the provided bucket.
+     */
+    readonly frontendBucketName?: string;
+    /**
+     * Additional build commands for main and branch pipeline. Will be added after all build & test commands, before the infrastructure build.
+     */
+    readonly additionalBuildCommands?: string[];
+}
 export declare enum PipelineType {
     /**
      * Self-mutating codepipeline deploying the provided AppStack. Be aware: The provided service won't have access to Kafka.
@@ -181,6 +226,7 @@ export interface CodeBuildOptions {
     readonly buildEnvironment?: BuildEnvironment;
 }
 export declare class PipelineStack extends Stack {
+    private readonly _features;
     private readonly _mainCodeBuildProject;
     private readonly _branchCodeBuildProject;
     private readonly _bucket;
@@ -197,6 +243,7 @@ export declare class PipelineStack extends Stack {
     constructor(scope: Construct, id: string, props: PipelineStackProps);
     get mainCodebuildProject(): cdk.pipelines.CodeBuildStep;
     get branchCodeBuildProject(): CodeBuildStep;
+    private parseFeatures;
     private createRioCodeBuildProject;
     private addMainPipeline;
     private addBranchPipeline;
@@ -204,7 +251,7 @@ export declare class PipelineStack extends Stack {
     private createStripAssetsStep;
     private createCapabilityMonitoringDeployStep;
     private createSecretsDeployStep;
-    private resolveDefaultBuildSpec;
+    private createDeployFrontendDeployStep;
     private grantPermissionsForKafkaIntegration;
     private loadBuildSpecFromFile;
     private renamePipelineToLowerCase;