@zincapp/zn-vault-agent 1.3.0

package/dist/lib/deployer.js

@@ -0,0 +1,407 @@
+// Path: src/lib/deployer.ts
+// Certificate deployment with atomic writes and verification
+import fs from 'node:fs';
+import path from 'node:path';
+import crypto from 'node:crypto';
+import { execSync } from 'node:child_process';
+import os from 'node:os';
+import { decryptCertificate, getCertificate, ackDelivery } from './api.js';
+import { updateTargetFingerprint, loadConfig } from './config.js';
+import { deployLogger as log } from './logger.js';
+import { metrics } from './metrics.js';
+import { updateCertStatus } from './health.js';
+/**
+ * Parse PEM certificate bundle into components
+ */
+function parsePemBundle(pemData) {
+    const certRegex = /-----BEGIN CERTIFICATE-----[\s\S]*?-----END CERTIFICATE-----/g;
+    // Support all private key formats: RSA, EC, PKCS8, and encrypted
+    const keyRegex = /-----BEGIN (?:RSA |EC |ENCRYPTED )?PRIVATE KEY-----[\s\S]*?-----END (?:RSA |EC |ENCRYPTED )?PRIVATE KEY-----/;
+    const certs = pemData.match(certRegex) || [];
+    const keyMatch = pemData.match(keyRegex);
+    log.debug({
+        certsFound: certs.length,
+        hasPrivateKey: !!keyMatch,
+        pemLength: pemData.length,
+    }, 'Parsed PEM bundle');
+    return {
+        certificate: certs[0] || '',
+        privateKey: keyMatch ? keyMatch[0] : '',
+        chain: certs.slice(1),
+    };
+}
+/**
+ * Calculate SHA-256 hash of content
+ */
+function hashContent(content) {
+    return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Write file atomically using temp file + rename
+ * This ensures the file is either fully written or not at all
+ */
+function writeFileAtomic(filePath, content, mode) {
+    const dir = path.dirname(filePath);
+    const tempPath = path.join(dir, `.${path.basename(filePath)}.${process.pid}.tmp`);
+    // Create directory if needed
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    try {
+        // Write to temp file
+        fs.writeFileSync(tempPath, content, { mode });
+        // Atomic rename
+        fs.renameSync(tempPath, filePath);
+    }
+    catch (err) {
+        // Clean up temp file on error
+        try {
+            if (fs.existsSync(tempPath)) {
+                fs.unlinkSync(tempPath);
+            }
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+        throw err;
+    }
+}
+/**
+ * Verify file was written correctly by re-reading and comparing hash
+ */
+function verifyFile(filePath, expectedHash) {
+    try {
+        const content = fs.readFileSync(filePath, 'utf-8');
+        const actualHash = hashContent(content);
+        return actualHash === expectedHash;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Write file with proper ownership and permissions, using atomic write
+ */
+function writeSecureFile(filePath, content, owner, mode) {
+    const fileMode = mode ? parseInt(mode, 8) : 0o600;
+    // Atomic write
+    writeFileAtomic(filePath, content, fileMode);
+    // Set ownership if specified and running as root
+    if (owner && process.getuid?.() === 0) {
+        const [user, group] = owner.split(':');
+        try {
+            execSync(`chown ${user}:${group || user} "${filePath}"`, { stdio: 'pipe' });
+        }
+        catch (err) {
+            log.warn({ filePath, owner, err }, 'Failed to set file ownership');
+        }
+    }
+    // Set permissions (may be different from atomic write due to umask)
+    if (mode) {
+        try {
+            fs.chmodSync(filePath, fileMode);
+        }
+        catch (err) {
+            log.warn({ filePath, mode, err }, 'Failed to set file permissions');
+        }
+    }
+    return { hash: hashContent(content) };
+}
+/**
+ * Backup existing files before deployment
+ */
+function backupFiles(outputs) {
+    const backups = new Map();
+    for (const filePath of Object.values(outputs)) {
+        if (filePath && fs.existsSync(filePath)) {
+            const backupPath = `${filePath}.bak`;
+            try {
+                fs.copyFileSync(filePath, backupPath);
+                backups.set(filePath, backupPath);
+                log.debug({ original: filePath, backup: backupPath }, 'Created backup');
+            }
+            catch (err) {
+                log.warn({ filePath, err }, 'Failed to create backup');
+            }
+        }
+    }
+    return backups;
+}
+/**
+ * Restore files from backup
+ */
+function restoreBackups(backups) {
+    for (const [original, backup] of backups) {
+        if (fs.existsSync(backup)) {
+            try {
+                fs.copyFileSync(backup, original);
+                log.info({ original, backup }, 'Restored from backup');
+            }
+            catch (err) {
+                log.error({ original, backup, err }, 'Failed to restore backup');
+            }
+        }
+    }
+}
+/**
+ * Clean up backup files after successful deployment
+ */
+function cleanupBackups(backups) {
+    for (const backup of backups.values()) {
+        try {
+            if (fs.existsSync(backup)) {
+                fs.unlinkSync(backup);
+            }
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+    }
+}
+/**
+ * Execute reload command
+ */
+function executeReload(cmd) {
+    log.debug({ cmd }, 'Executing reload command');
+    try {
+        const output = execSync(cmd, { encoding: 'utf-8', timeout: 30000 });
+        log.info({ cmd }, 'Reload command succeeded');
+        return { success: true, output };
+    }
+    catch (err) {
+        const error = err;
+        const output = error.stderr || error.message || 'Unknown error';
+        log.error({ cmd, error: output }, 'Reload command failed');
+        return { success: false, output };
+    }
+}
+/**
+ * Execute health check command
+ */
+function executeHealthCheck(cmd) {
+    log.debug({ cmd }, 'Executing health check');
+    try {
+        execSync(cmd, { encoding: 'utf-8', timeout: 10000, stdio: 'pipe' });
+        log.debug({ cmd }, 'Health check passed');
+        return true;
+    }
+    catch (err) {
+        log.warn({ cmd, err }, 'Health check failed');
+        return false;
+    }
+}
+/**
+ * Deploy a certificate to its target locations
+ */
+export async function deployCertificate(target, force = false) {
+    const { certId, name, outputs, owner, mode, reloadCmd, healthCheckCmd } = target;
+    const config = loadConfig();
+    const startTime = Date.now();
+    log.info({ certId, name, force }, 'Starting certificate deployment');
+    try {
+        // Get certificate metadata to check fingerprint
+        const metadata = await getCertificate(certId);
+        // Update expiry metric
+        metrics.setCertExpiry(certId, name, metadata.daysUntilExpiry);
+        // Check if certificate has changed (unless forced)
+        if (!force && target.lastFingerprint === metadata.fingerprintSha256) {
+            const duration = Date.now() - startTime;
+            log.debug({ certId, name, duration }, 'Certificate unchanged, skipping');
+            return {
+                success: true,
+                certId,
+                name,
+                message: 'Certificate unchanged',
+                fingerprint: metadata.fingerprintSha256,
+                durationMs: duration,
+            };
+        }
+        // Check expiry
+        if (metadata.daysUntilExpiry < 0) {
+            const duration = Date.now() - startTime;
+            const message = `Certificate is EXPIRED (${Math.abs(metadata.daysUntilExpiry)} days ago)`;
+            log.error({ certId, name, daysExpired: Math.abs(metadata.daysUntilExpiry) }, message);
+            metrics.syncFailure(name, 'expired');
+            return {
+                success: false,
+                certId,
+                name,
+                message,
+                durationMs: duration,
+            };
+        }
+        // Decrypt certificate
+        const decrypted = await decryptCertificate(certId, `Agent sync to ${os.hostname()}`);
+        // Decode from base64
+        const pemData = Buffer.from(decrypted.certificateData, 'base64').toString('utf-8');
+        // Parse PEM bundle
+        const { certificate, privateKey, chain } = parsePemBundle(pemData);
+        if (!certificate) {
+            throw new Error('No certificate found in PEM data');
+        }
+        // Backup existing files
+        const backups = backupFiles(outputs);
+        const filesWritten = [];
+        const fileHashes = new Map();
+        try {
+            // Write files based on output configuration
+            if (outputs.combined) {
+                const combined = [certificate, privateKey, ...chain].filter(Boolean).join('\n');
+                const { hash } = writeSecureFile(outputs.combined, combined, owner, mode);
+                fileHashes.set(outputs.combined, hash);
+                filesWritten.push(outputs.combined);
+            }
+            if (outputs.cert) {
+                const { hash } = writeSecureFile(outputs.cert, certificate, owner, mode);
+                fileHashes.set(outputs.cert, hash);
+                filesWritten.push(outputs.cert);
+            }
+            if (outputs.key) {
+                if (privateKey) {
+                    const { hash } = writeSecureFile(outputs.key, privateKey, owner, mode || '0600');
+                    fileHashes.set(outputs.key, hash);
+                    filesWritten.push(outputs.key);
+                }
+                else {
+                    log.warn({
+                        certId,
+                        name,
+                        keyPath: outputs.key,
+                    }, 'Private key output configured but certificate has no private key - was the key included when storing?');
+                }
+            }
+            if (outputs.chain && chain.length > 0) {
+                const chainContent = chain.join('\n');
+                const { hash } = writeSecureFile(outputs.chain, chainContent, owner, mode);
+                fileHashes.set(outputs.chain, hash);
+                filesWritten.push(outputs.chain);
+            }
+            if (outputs.fullchain) {
+                const fullchain = [certificate, ...chain].filter(Boolean).join('\n');
+                const { hash } = writeSecureFile(outputs.fullchain, fullchain, owner, mode);
+                fileHashes.set(outputs.fullchain, hash);
+                filesWritten.push(outputs.fullchain);
+            }
+            // Verify all written files
+            for (const [filePath, expectedHash] of fileHashes) {
+                if (!verifyFile(filePath, expectedHash)) {
+                    throw new Error(`File verification failed for ${filePath}`);
+                }
+            }
+            log.debug({ files: filesWritten.length }, 'All files written and verified');
+            // Execute reload command
+            const reloadCommand = reloadCmd || config.globalReloadCmd;
+            let reloadOutput;
+            if (reloadCommand) {
+                const result = executeReload(reloadCommand);
+                reloadOutput = result.output;
+                if (!result.success) {
+                    // Reload failed, rollback
+                    log.warn({ certId, name }, 'Reload failed, rolling back');
+                    restoreBackups(backups);
+                    if (reloadCommand) {
+                        executeReload(reloadCommand); // Try to reload with old certs
+                    }
+                    metrics.syncFailure(name, 'reload_failed');
+                    return {
+                        success: false,
+                        certId,
+                        name,
+                        message: `Reload failed: ${result.output}`,
+                        rolledBack: true,
+                        durationMs: Date.now() - startTime,
+                    };
+                }
+            }
+            // Execute health check
+            let healthCheckPassed;
+            if (healthCheckCmd) {
+                healthCheckPassed = executeHealthCheck(healthCheckCmd);
+                if (!healthCheckPassed) {
+                    // Health check failed, rollback
+                    log.warn({ certId, name }, 'Health check failed, rolling back');
+                    restoreBackups(backups);
+                    if (reloadCommand) {
+                        executeReload(reloadCommand); // Reload with old certs
+                    }
+                    metrics.syncFailure(name, 'health_check_failed');
+                    return {
+                        success: false,
+                        certId,
+                        name,
+                        message: 'Health check failed after deployment',
+                        rolledBack: true,
+                        durationMs: Date.now() - startTime,
+                    };
+                }
+            }
+            // Update fingerprint in config
+            updateTargetFingerprint(certId, metadata.fingerprintSha256);
+            // Acknowledge delivery to server
+            await ackDelivery(certId, os.hostname(), metadata.version);
+            // Clean up backups after successful deployment
+            cleanupBackups(backups);
+            const duration = Date.now() - startTime;
+            const message = `Deployed v${metadata.version} (expires in ${metadata.daysUntilExpiry}d)`;
+            log.info({ certId, name, version: metadata.version, expiresIn: metadata.daysUntilExpiry, duration }, message);
+            metrics.syncSuccess(name);
+            metrics.syncDuration(name, duration);
+            return {
+                success: true,
+                certId,
+                name,
+                message,
+                fingerprint: metadata.fingerprintSha256,
+                filesWritten,
+                reloadOutput,
+                healthCheckPassed,
+                durationMs: duration,
+            };
+        }
+        catch (deployErr) {
+            // Deployment failed, try to rollback
+            log.error({ certId, name, err: deployErr }, 'Deployment failed, rolling back');
+            restoreBackups(backups);
+            throw deployErr;
+        }
+    }
+    catch (err) {
+        const duration = Date.now() - startTime;
+        const message = err instanceof Error ? err.message : String(err);
+        log.error({ certId, name, err, duration }, 'Certificate deployment failed');
+        metrics.syncFailure(name, 'error');
+        return {
+            success: false,
+            certId,
+            name,
+            message,
+            durationMs: duration,
+        };
+    }
+}
+/**
+ * Deploy all configured certificate targets
+ */
+export async function deployAllCertificates(force = false) {
+    const config = loadConfig();
+    const results = [];
+    let successCount = 0;
+    let errorCount = 0;
+    log.info({ count: config.targets.length, force }, 'Deploying all certificates');
+    for (const target of config.targets) {
+        const result = await deployCertificate(target, force);
+        results.push(result);
+        if (result.success) {
+            successCount++;
+        }
+        else {
+            errorCount++;
+        }
+    }
+    // Update health status
+    updateCertStatus(successCount, errorCount);
+    metrics.setCertsTracked(config.targets.length);
+    log.info({ total: config.targets.length, success: successCount, errors: errorCount }, 'Deployment complete');
+    return results;
+}
+//# sourceMappingURL=deployer.js.map

package/dist/lib/deployer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deployer.js","sourceRoot":"","sources":["../../src/lib/deployer.ts"],"names":[],"mappings":"AAAA,4BAA4B;AAC5B,6DAA6D;AAE7D,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,OAAO,EAAE,kBAAkB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAC3E,OAAO,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,YAAY,IAAI,GAAG,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAe/C;;GAEG;AACH,SAAS,cAAc,CAAC,OAAe;IAKrC,MAAM,SAAS,GAAG,+DAA+D,CAAC;IAClF,iEAAiE;IACjE,MAAM,QAAQ,GAAG,8GAA8G,CAAC;IAEhI,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAEzC,GAAG,CAAC,KAAK,CAAC;QACR,UAAU,EAAE,KAAK,CAAC,MAAM;QACxB,aAAa,EAAE,CAAC,CAAC,QAAQ;QACzB,SAAS,EAAE,OAAO,CAAC,MAAM;KAC1B,EAAE,mBAAmB,CAAC,CAAC;IAExB,OAAO;QACL,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE;QAC3B,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;QACvC,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;KACtB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,OAAe;IAClC,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnE,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAY;IACtE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;IAElF,6BAA6B;IAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,CAAC;QACH,qBAAqB;QACrB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,gBAAgB;QAChB,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACpC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,8BAA8B;QAC9B,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5B,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,QAAgB,EAAE,YAAoB;IACxD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,UAAU,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QACxC,OAAO,UAAU,KAAK,YAAY,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAc,EAAE,IAAa;IACvF,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAElD,eAAe;IACf,eAAe,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IAE7C,iDAAiD;IACjD,IAAI,KAAK,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,KAAK,CAAC,EAAE,CAAC;QACtC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,CAAC;YACH,QAAQ,CAAC,SAAS,IAAI,IAAI,KAAK,IAAI,IAAI,KAAK,QAAQ,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,8BAA8B,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,gCAAgC,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,OAA8B;IACjD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE1C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9C,IAAI,QAAQ,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,MAAM,UAAU,GAAG,GAAG,QAAQ,MAAM,CAAC;YACrC,IAAI,CAAC;gBACH,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;gBAClC,GAAG,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,gBAAgB,CAAC,CAAC;YAC1E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAE,yBAAyB,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,OAA4B;IAClD,KAAK,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACzC,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACH,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,sBAAsB,CAAC,CAAC;YACzD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,0BAA0B,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,OAA4B;IAClD,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;QACtC,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,GAAW;IAChC,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,0BAA0B,CAAC,CAAC;IAC/C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,EAAE,0BAA0B,CAAC,CAAC;QAC9C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IACnC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,GAA4C,CAAC;QAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,IAAI,eAAe,CAAC;QAChE,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,uBAAuB,CAAC,CAAC;QAC3D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,wBAAwB,CAAC,CAAC;IAC7C,IAAI,CAAC;QACH,QAAQ,CAAC,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACpE,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,qBAAqB,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,qBAAqB,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAkB,EAClB,QAAiB,KAAK;IAEtB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;IACjF,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,iCAAiC,CAAC,CAAC;IAErE,IAAI,CAAC;QACH,gDAAgD;QAChD,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;QAE9C,uBAAuB;QACvB,OAAO,CAAC,aAAa,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;QAE9D,mDAAmD;QACnD,IAAI,CAAC,KAAK,IAAI,MAAM,CAAC,eAAe,KAAK,QAAQ,CAAC,iBAAiB,EAAE,CAAC;YACpE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACxC,GAAG,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,iCAAiC,CAAC,CAAC;YACzE,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM;gBACN,IAAI;gBACJ,OAAO,EAAE,uBAAuB;gBAChC,WAAW,EAAE,QAAQ,CAAC,iBAAiB;gBACvC,UAAU,EAAE,QAAQ;aACrB,CAAC;QACJ,CAAC;QAED,eAAe;QACf,IAAI,QAAQ,CAAC,eAAe,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACxC,MAAM,OAAO,GAAG,2BAA2B,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,YAAY,CAAC;YAC1F,GAAG,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;YACtF,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACrC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM;gBACN,IAAI;gBACJ,OAAO;gBACP,UAAU,EAAE,QAAQ;aACrB,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,MAAM,SAAS,GAAG,MAAM,kBAAkB,CACxC,MAAM,EACN,iBAAiB,EAAE,CAAC,QAAQ,EAAE,EAAE,CACjC,CAAC;QAEF,qBAAqB;QACrB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEnF,mBAAmB;QACnB,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;QAEnE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,wBAAwB;QACxB,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,YAAY,GAAa,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;QAE7C,IAAI,CAAC;YACH,4CAA4C;YAC5C,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,MAAM,QAAQ,GAAG,CAAC,WAAW,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAChF,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC1E,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBACvC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACtC,CAAC;YAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;gBACzE,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACnC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;YAED,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,IAAI,MAAM,CAAC,CAAC;oBACjF,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;oBAClC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACjC,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,IAAI,CAAC;wBACP,MAAM;wBACN,IAAI;wBACJ,OAAO,EAAE,OAAO,CAAC,GAAG;qBACrB,EAAE,uGAAuG,CAAC,CAAC;gBAC9G,CAAC;YACH,CAAC;YAED,IAAI,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACtC,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC3E,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBACpC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YACnC,CAAC;YAED,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;gBACtB,MAAM,SAAS,GAAG,CAAC,WAAW,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrE,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC5E,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBACxC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC;YAED,2BAA2B;YAC3B,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;gBAClD,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;oBACxC,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YACD,GAAG,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,MAAM,EAAE,EAAE,gCAAgC,CAAC,CAAC;YAE5E,yBAAyB;YACzB,MAAM,aAAa,GAAG,SAAS,IAAI,MAAM,CAAC,eAAe,CAAC;YAC1D,IAAI,YAAgC,CAAC;YAErC,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,MAAM,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC;gBAC5C,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC;gBAE7B,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBACpB,0BAA0B;oBAC1B,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,6BAA6B,CAAC,CAAC;oBAC1D,cAAc,CAAC,OAAO,CAAC,CAAC;oBACxB,IAAI,aAAa,EAAE,CAAC;wBAClB,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,+BAA+B;oBAC/D,CAAC;oBACD,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;oBAC3C,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,MAAM;wBACN,IAAI;wBACJ,OAAO,EAAE,kBAAkB,MAAM,CAAC,MAAM,EAAE;wBAC1C,UAAU,EAAE,IAAI;wBAChB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;qBACnC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,IAAI,iBAAsC,CAAC;YAC3C,IAAI,cAAc,EAAE,CAAC;gBACnB,iBAAiB,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;gBAEvD,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,gCAAgC;oBAChC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,mCAAmC,CAAC,CAAC;oBAChE,cAAc,CAAC,OAAO,CAAC,CAAC;oBACxB,IAAI,aAAa,EAAE,CAAC;wBAClB,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,wBAAwB;oBACxD,CAAC;oBACD,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;oBACjD,OAAO;wBACL,OAAO,EAAE,KAAK;wBACd,MAAM;wBACN,IAAI;wBACJ,OAAO,EAAE,sCAAsC;wBAC/C,UAAU,EAAE,IAAI;wBAChB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;qBACnC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,+BAA+B;YAC/B,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YAE5D,iCAAiC;YACjC,MAAM,WAAW,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;YAE3D,+CAA+C;YAC/C,cAAc,CAAC,OAAO,CAAC,CAAC;YAExB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACxC,MAAM,OAAO,GAAG,aAAa,QAAQ,CAAC,OAAO,gBAAgB,QAAQ,CAAC,eAAe,IAAI,CAAC;YAE1F,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,eAAe,EAAE,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC;YAC9G,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAC1B,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAErC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM;gBACN,IAAI;gBACJ,OAAO;gBACP,WAAW,EAAE,QAAQ,CAAC,iBAAiB;gBACvC,YAAY;gBACZ,YAAY;gBACZ,iBAAiB;gBACjB,UAAU,EAAE,QAAQ;aACrB,CAAC;QACJ,CAAC;QAAC,OAAO,SAAS,EAAE,CAAC;YACnB,qCAAqC;YACrC,GAAG,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,SAAS,EAAE,EAAE,iCAAiC,CAAC,CAAC;YAC/E,cAAc,CAAC,OAAO,CAAC,CAAC;YACxB,MAAM,SAAS,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QACxC,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,GAAG,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE,+BAA+B,CAAC,CAAC;QAC5E,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACnC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM;YACN,IAAI;YACJ,OAAO;YACP,UAAU,EAAE,QAAQ;SACrB,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,QAAiB,KAAK;IAChE,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,4BAA4B,CAAC,CAAC;IAEhF,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrB,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,YAAY,EAAE,CAAC;QACjB,CAAC;aAAM,CAAC;YACN,UAAU,EAAE,CAAC;QACf,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,gBAAgB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;IAC3C,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAE/C,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,qBAAqB,CAAC,CAAC;IAE7G,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/lib/health.d.ts

@@ -0,0 +1,68 @@
+import http from 'node:http';
+export interface HealthStatus {
+    status: 'healthy' | 'degraded' | 'unhealthy';
+    timestamp: string;
+    uptime: number;
+    version: string;
+    websocket: {
+        certificates: {
+            connected: boolean;
+            lastEvent?: string;
+        };
+        secrets: {
+            connected: boolean;
+            lastEvent?: string;
+        };
+    };
+    vault: {
+        url: string;
+        reachable: boolean;
+    };
+    certificates: {
+        total: number;
+        synced: number;
+        errors: number;
+    };
+    secrets: {
+        total: number;
+        synced: number;
+        errors: number;
+    };
+}
+/**
+ * Update WebSocket connection status for certificates
+ */
+export declare function setWebSocketStatus(connected: boolean, eventTime?: Date): void;
+/**
+ * Update WebSocket connection status for secrets
+ */
+export declare function setSecretWebSocketStatus(connected: boolean, eventTime?: Date): void;
+/**
+ * Update vault reachability status
+ */
+export declare function setVaultReachable(reachable: boolean): void;
+/**
+ * Update certificate sync status
+ */
+export declare function updateCertStatus(synced: number, errors: number): void;
+/**
+ * Update secret sync status
+ */
+export declare function updateSecretStatus(synced: number, errors: number): void;
+/**
+ * Get current health status
+ */
+export declare function getHealthStatus(): HealthStatus;
+/**
+ * Start the health HTTP server
+ */
+export declare function startHealthServer(port?: number): Promise<http.Server>;
+/**
+ * Stop the health HTTP server
+ */
+export declare function stopHealthServer(): Promise<void>;
+/**
+ * Check if health server is running
+ */
+export declare function isHealthServerRunning(): boolean;
+//# sourceMappingURL=health.d.ts.map

package/dist/lib/health.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/lib/health.ts"],"names":[],"mappings":"AAGA,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;IAC7C,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE;QACT,YAAY,EAAE;YAAE,SAAS,EAAE,OAAO,CAAC;YAAC,SAAS,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QACzD,OAAO,EAAE;YAAE,SAAS,EAAE,OAAO,CAAC;YAAC,SAAS,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;KACrD,CAAC;IACF,KAAK,EAAE;QACL,GAAG,EAAE,MAAM,CAAC;QACZ,SAAS,EAAE,OAAO,CAAC;KACpB,CAAC;IACF,YAAY,EAAE;QACZ,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,OAAO,EAAE;QACP,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAcD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAK7E;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAKnF;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,OAAO,GAAG,IAAI,CAE1D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAGrE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAGvE;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,YAAY,CAoD9C;AAmED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,GAAE,MAAa,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAwB3E;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC,CAiBhD;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,OAAO,CAE/C"}