aws-cdk 2.1000.0 → 2.1000.2

package/lib/api/environment/environment-resources.js

@@ -0,0 +1,209 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NoBootstrapStackEnvironmentResources = exports.EnvironmentResources = exports.EnvironmentResourcesRegistry = void 0;
+const messages_1 = require("../../cli/messages");
+const notices_1 = require("../../notices");
+const error_1 = require("../../toolkit/error");
+const error_2 = require("../../util/error");
+const toolkit_info_1 = require("../toolkit-info");
+/**
+ * Registry class for `EnvironmentResources`.
+ *
+ * The state management of this class is a bit non-standard. We want to cache
+ * data related to toolkit stacks and SSM parameters, but we are not in charge
+ * of ensuring caching of SDKs. Since `EnvironmentResources` needs an SDK to
+ * function, we treat it as an ephemeral class, and store the actual cached data
+ * in `EnvironmentResourcesRegistry`.
+ */
+class EnvironmentResourcesRegistry {
+    constructor(toolkitStackName) {
+        this.toolkitStackName = toolkitStackName;
+        this.cache = new Map();
+    }
+    for(resolvedEnvironment, sdk, msg) {
+        const key = `${resolvedEnvironment.account}:${resolvedEnvironment.region}`;
+        let envCache = this.cache.get(key);
+        if (!envCache) {
+            envCache = emptyCache();
+            this.cache.set(key, envCache);
+        }
+        return new EnvironmentResources(resolvedEnvironment, sdk, msg, envCache, this.toolkitStackName);
+    }
+}
+exports.EnvironmentResourcesRegistry = EnvironmentResourcesRegistry;
+/**
+ * Interface with the account and region we're deploying into
+ *
+ * Manages lookups for bootstrapped resources, falling back to the legacy "CDK Toolkit"
+ * original bootstrap stack if necessary.
+ *
+ * The state management of this class is a bit non-standard. We want to cache
+ * data related to toolkit stacks and SSM parameters, but we are not in charge
+ * of ensuring caching of SDKs. Since `EnvironmentResources` needs an SDK to
+ * function, we treat it as an ephemeral class, and store the actual cached data
+ * in `EnvironmentResourcesRegistry`.
+ */
+class EnvironmentResources {
+    constructor(environment, sdk, msg, cache, toolkitStackName) {
+        this.environment = environment;
+        this.sdk = sdk;
+        this.msg = msg;
+        this.cache = cache;
+        this.toolkitStackName = toolkitStackName;
+    }
+    /**
+     * Look up the toolkit for a given environment, using a given SDK
+     */
+    async lookupToolkit() {
+        if (!this.cache.toolkitInfo) {
+            this.cache.toolkitInfo = await toolkit_info_1.ToolkitInfo.lookup(this.environment, this.sdk, this.msg, this.toolkitStackName);
+        }
+        return this.cache.toolkitInfo;
+    }
+    /**
+     * Validate that the bootstrap stack version matches or exceeds the expected version
+     *
+     * Use the SSM parameter name to read the version number if given, otherwise use the version
+     * discovered on the bootstrap stack.
+     *
+     * Pass in the SSM parameter name so we can cache the lookups an don't need to do the same
+     * lookup again and again for every artifact.
+     */
+    async validateVersion(expectedVersion, ssmParameterName) {
+        if (expectedVersion === undefined) {
+            // No requirement
+            return;
+        }
+        const defExpectedVersion = expectedVersion;
+        if (ssmParameterName !== undefined) {
+            try {
+                doValidate(await this.versionFromSsmParameter(ssmParameterName), this.environment);
+                return;
+            }
+            catch (e) {
+                if (e.name !== 'AccessDeniedException') {
+                    throw e;
+                }
+                // This is a fallback! The bootstrap template that goes along with this change introduces
+                // a new 'ssm:GetParameter' permission, but when run using the previous bootstrap template we
+                // won't have the permissions yet to read the version, so we won't be able to show the
+                // message telling the user they need to update! When we see an AccessDeniedException, fall
+                // back to the version we read from Stack Outputs; but ONLY if the version we discovered via
+                // outputs is legitimately an old version. If it's newer than that, something else must be broken,
+                // so let it fail as it would if we didn't have this fallback.
+                const bootstrapStack = await this.lookupToolkit();
+                if (bootstrapStack.found && bootstrapStack.version < BOOTSTRAP_TEMPLATE_VERSION_INTRODUCING_GETPARAMETER) {
+                    await this.msg.ioHost.notify((0, messages_1.warn)(this.msg.action, `Could not read SSM parameter ${ssmParameterName}: ${(0, error_2.formatErrorMessage)(e)}, falling back to version from ${bootstrapStack}`));
+                    doValidate(bootstrapStack.version, this.environment);
+                    return;
+                }
+                throw new error_1.ToolkitError(`This CDK deployment requires bootstrap stack version '${expectedVersion}', but during the confirmation via SSM parameter ${ssmParameterName} the following error occurred: ${e}`);
+            }
+        }
+        // No SSM parameter
+        const bootstrapStack = await this.lookupToolkit();
+        doValidate(bootstrapStack.version, this.environment);
+        function doValidate(version, environment) {
+            const notices = notices_1.Notices.get();
+            if (notices) {
+                // if `Notices` hasn't been initialized there is probably a good
+                // reason for it. handle gracefully.
+                notices.addBootstrappedEnvironment({ bootstrapStackVersion: version, environment });
+            }
+            if (defExpectedVersion > version) {
+                throw new error_1.ToolkitError(`This CDK deployment requires bootstrap stack version '${expectedVersion}', found '${version}'. Please run 'cdk bootstrap'.`);
+            }
+        }
+    }
+    /**
+     * Read a version from an SSM parameter, cached
+     */
+    async versionFromSsmParameter(parameterName) {
+        var _a, _b;
+        const existing = this.cache.ssmParameters.get(parameterName);
+        if (existing !== undefined) {
+            return existing;
+        }
+        const ssm = this.sdk.ssm();
+        try {
+            const result = await ssm.getParameter({ Name: parameterName });
+            const asNumber = parseInt(`${(_a = result.Parameter) === null || _a === void 0 ? void 0 : _a.Value}`, 10);
+            if (isNaN(asNumber)) {
+                throw new error_1.ToolkitError(`SSM parameter ${parameterName} not a number: ${(_b = result.Parameter) === null || _b === void 0 ? void 0 : _b.Value}`);
+            }
+            this.cache.ssmParameters.set(parameterName, asNumber);
+            return asNumber;
+        }
+        catch (e) {
+            if (e.name === 'ParameterNotFound') {
+                throw new error_1.ToolkitError(`SSM parameter ${parameterName} not found. Has the environment been bootstrapped? Please run \'cdk bootstrap\' (see https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html)`);
+            }
+            throw e;
+        }
+    }
+    async prepareEcrRepository(repositoryName) {
+        var _a, _b;
+        if (!this.sdk) {
+            throw new error_1.ToolkitError('ToolkitInfo needs to have been initialized with an sdk to call prepareEcrRepository');
+        }
+        const ecr = this.sdk.ecr();
+        // check if repo already exists
+        try {
+            await this.msg.ioHost.notify((0, messages_1.debug)(this.msg.action, `${repositoryName}: checking if ECR repository already exists`));
+            const describeResponse = await ecr.describeRepositories({
+                repositoryNames: [repositoryName],
+            });
+            const existingRepositoryUri = (_a = describeResponse.repositories[0]) === null || _a === void 0 ? void 0 : _a.repositoryUri;
+            if (existingRepositoryUri) {
+                return { repositoryUri: existingRepositoryUri };
+            }
+        }
+        catch (e) {
+            if (e.name !== 'RepositoryNotFoundException') {
+                throw e;
+            }
+        }
+        // create the repo (tag it so it will be easier to garbage collect in the future)
+        await this.msg.ioHost.notify((0, messages_1.debug)(this.msg.action, `${repositoryName}: creating ECR repository`));
+        const assetTag = { Key: 'awscdk:asset', Value: 'true' };
+        const response = await ecr.createRepository({
+            repositoryName,
+            tags: [assetTag],
+        });
+        const repositoryUri = (_b = response.repository) === null || _b === void 0 ? void 0 : _b.repositoryUri;
+        if (!repositoryUri) {
+            throw new error_1.ToolkitError(`CreateRepository did not return a repository URI for ${repositoryUri}`);
+        }
+        // configure image scanning on push (helps in identifying software vulnerabilities, no additional charge)
+        await this.msg.ioHost.notify((0, messages_1.debug)(this.msg.action, `${repositoryName}: enable image scanning`));
+        await ecr.putImageScanningConfiguration({
+            repositoryName,
+            imageScanningConfiguration: { scanOnPush: true },
+        });
+        return { repositoryUri };
+    }
+}
+exports.EnvironmentResources = EnvironmentResources;
+class NoBootstrapStackEnvironmentResources extends EnvironmentResources {
+    constructor(environment, sdk, msg) {
+        super(environment, sdk, msg, emptyCache());
+    }
+    /**
+     * Look up the toolkit for a given environment, using a given SDK
+     */
+    async lookupToolkit() {
+        throw new error_1.ToolkitError('Trying to perform an operation that requires a bootstrap stack; you should not see this error, this is a bug in the CDK CLI.');
+    }
+}
+exports.NoBootstrapStackEnvironmentResources = NoBootstrapStackEnvironmentResources;
+function emptyCache() {
+    return {
+        ssmParameters: new Map(),
+        toolkitInfo: undefined,
+    };
+}
+/**
+ * The bootstrap template version that introduced ssm:GetParameter
+ */
+const BOOTSTRAP_TEMPLATE_VERSION_INTRODUCING_GETPARAMETER = 5;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW52aXJvbm1lbnQtcmVzb3VyY2VzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiZW52aXJvbm1lbnQtcmVzb3VyY2VzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLGlEQUFpRDtBQUNqRCwyQ0FBd0M7QUFFeEMsK0NBQW1EO0FBQ25ELDRDQUFzRDtBQUV0RCxrREFBc0U7QUFFdEU7Ozs7Ozs7O0dBUUc7QUFDSCxNQUFhLDRCQUE0QjtJQUd2QyxZQUE2QixnQkFBeUI7UUFBekIscUJBQWdCLEdBQWhCLGdCQUFnQixDQUFTO1FBRnJDLFVBQUssR0FBRyxJQUFJLEdBQUcsRUFBNEIsQ0FBQztJQUVKLENBQUM7SUFFbkQsR0FBRyxDQUFDLG1CQUFnQyxFQUFFLEdBQVEsRUFBRSxHQUFnQjtRQUNyRSxNQUFNLEdBQUcsR0FBRyxHQUFHLG1CQUFtQixDQUFDLE9BQU8sSUFBSSxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUMzRSxJQUFJLFFBQVEsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNuQyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDZCxRQUFRLEdBQUcsVUFBVSxFQUFFLENBQUM7WUFDeEIsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ2hDLENBQUM7UUFDRCxPQUFPLElBQUksb0JBQW9CLENBQUMsbUJBQW1CLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxRQUFRLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFDbEcsQ0FBQztDQUNGO0FBZEQsb0VBY0M7QUFFRDs7Ozs7Ozs7Ozs7R0FXRztBQUNILE1BQWEsb0JBQW9CO0lBQy9CLFlBQ2tCLFdBQXdCLEVBQ3ZCLEdBQVEsRUFDUixHQUFnQixFQUNoQixLQUF1QixFQUN2QixnQkFBeUI7UUFKMUIsZ0JBQVcsR0FBWCxXQUFXLENBQWE7UUFDdkIsUUFBRyxHQUFILEdBQUcsQ0FBSztRQUNSLFFBQUcsR0FBSCxHQUFHLENBQWE7UUFDaEIsVUFBSyxHQUFMLEtBQUssQ0FBa0I7UUFDdkIscUJBQWdCLEdBQWhCLGdCQUFnQixDQUFTO0lBQ3pDLENBQUM7SUFFSjs7T0FFRztJQUNJLEtBQUssQ0FBQyxhQUFhO1FBQ3hCLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzVCLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxHQUFHLE1BQU0sMEJBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFdBQVcsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDakgsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0ksS0FBSyxDQUFDLGVBQWUsQ0FBQyxlQUFtQyxFQUFFLGdCQUFvQztRQUNwRyxJQUFJLGVBQWUsS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUNsQyxpQkFBaUI7WUFDakIsT0FBTztRQUNULENBQUM7UUFDRCxNQUFNLGtCQUFrQixHQUFHLGVBQWUsQ0FBQztRQUUzQyxJQUFJLGdCQUFnQixLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQ25DLElBQUksQ0FBQztnQkFDSCxVQUFVLENBQUMsTUFBTSxJQUFJLENBQUMsdUJBQXVCLENBQUMsZ0JBQWdCLENBQUMsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7Z0JBQ25GLE9BQU87WUFDVCxDQUFDO1lBQUMsT0FBTyxDQUFNLEVBQUUsQ0FBQztnQkFDaEIsSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLHVCQUF1QixFQUFFLENBQUM7b0JBQ3ZDLE1BQU0sQ0FBQyxDQUFDO2dCQUNWLENBQUM7Z0JBRUQseUZBQXlGO2dCQUN6Riw2RkFBNkY7Z0JBQzdGLHNGQUFzRjtnQkFDdEYsMkZBQTJGO2dCQUMzRiw0RkFBNEY7Z0JBQzVGLGtHQUFrRztnQkFDbEcsOERBQThEO2dCQUM5RCxNQUFNLGNBQWMsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztnQkFDbEQsSUFBSSxjQUFjLENBQUMsS0FBSyxJQUFJLGNBQWMsQ0FBQyxPQUFPLEdBQUcsbURBQW1ELEVBQUUsQ0FBQztvQkFDekcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBQSxlQUFJLEVBQy9CLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUNmLGdDQUFnQyxnQkFBZ0IsS0FBSyxJQUFBLDBCQUFrQixFQUFDLENBQUMsQ0FBQyxrQ0FBa0MsY0FBYyxFQUFFLENBQzdILENBQUMsQ0FBQztvQkFDSCxVQUFVLENBQUMsY0FBYyxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7b0JBQ3JELE9BQU87Z0JBQ1QsQ0FBQztnQkFFRCxNQUFNLElBQUksb0JBQVksQ0FDcEIseURBQXlELGVBQWUsb0RBQW9ELGdCQUFnQixrQ0FBa0MsQ0FBQyxFQUFFLENBQ2xMLENBQUM7WUFDSixDQUFDO1FBQ0gsQ0FBQztRQUVELG1CQUFtQjtRQUNuQixNQUFNLGNBQWMsR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUNsRCxVQUFVLENBQUMsY0FBYyxDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFckQsU0FBUyxVQUFVLENBQUMsT0FBZSxFQUFFLFdBQXdCO1lBQzNELE1BQU0sT0FBTyxHQUFHLGlCQUFPLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDOUIsSUFBSSxPQUFPLEVBQUUsQ0FBQztnQkFDWixnRUFBZ0U7Z0JBQ2hFLG9DQUFvQztnQkFDcEMsT0FBTyxDQUFDLDBCQUEwQixDQUFDLEVBQUUscUJBQXFCLEVBQUUsT0FBTyxFQUFFLFdBQVcsRUFBRSxDQUFDLENBQUM7WUFDdEYsQ0FBQztZQUNELElBQUksa0JBQWtCLEdBQUcsT0FBTyxFQUFFLENBQUM7Z0JBQ2pDLE1BQU0sSUFBSSxvQkFBWSxDQUNwQix5REFBeUQsZUFBZSxhQUFhLE9BQU8sZ0NBQWdDLENBQzdILENBQUM7WUFDSixDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNJLEtBQUssQ0FBQyx1QkFBdUIsQ0FBQyxhQUFxQjs7UUFDeEQsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQzdELElBQUksUUFBUSxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQzNCLE9BQU8sUUFBUSxDQUFDO1FBQ2xCLENBQUM7UUFFRCxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBRTNCLElBQUksQ0FBQztZQUNILE1BQU0sTUFBTSxHQUFHLE1BQU0sR0FBRyxDQUFDLFlBQVksQ0FBQyxFQUFFLElBQUksRUFBRSxhQUFhLEVBQUUsQ0FBQyxDQUFDO1lBRS9ELE1BQU0sUUFBUSxHQUFHLFFBQVEsQ0FBQyxHQUFHLE1BQUEsTUFBTSxDQUFDLFNBQVMsMENBQUUsS0FBSyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFDNUQsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztnQkFDcEIsTUFBTSxJQUFJLG9CQUFZLENBQUMsaUJBQWlCLGFBQWEsa0JBQWtCLE1BQUEsTUFBTSxDQUFDLFNBQVMsMENBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztZQUNwRyxDQUFDO1lBRUQsSUFBSSxDQUFDLEtBQUssQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLGFBQWEsRUFBRSxRQUFRLENBQUMsQ0FBQztZQUN0RCxPQUFPLFFBQVEsQ0FBQztRQUNsQixDQUFDO1FBQUMsT0FBTyxDQUFNLEVBQUUsQ0FBQztZQUNoQixJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssbUJBQW1CLEVBQUUsQ0FBQztnQkFDbkMsTUFBTSxJQUFJLG9CQUFZLENBQ3BCLGlCQUFpQixhQUFhLHVKQUF1SixDQUN0TCxDQUFDO1lBQ0osQ0FBQztZQUNELE1BQU0sQ0FBQyxDQUFDO1FBQ1YsQ0FBQztJQUNILENBQUM7SUFFTSxLQUFLLENBQUMsb0JBQW9CLENBQUMsY0FBc0I7O1FBQ3RELElBQUksQ0FBQyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDZCxNQUFNLElBQUksb0JBQVksQ0FBQyxxRkFBcUYsQ0FBQyxDQUFDO1FBQ2hILENBQUM7UUFDRCxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBRTNCLCtCQUErQjtRQUMvQixJQUFJLENBQUM7WUFDSCxNQUFNLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFBLGdCQUFLLEVBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsR0FBRyxjQUFjLDZDQUE2QyxDQUFDLENBQUMsQ0FBQztZQUNySCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sR0FBRyxDQUFDLG9CQUFvQixDQUFDO2dCQUN0RCxlQUFlLEVBQUUsQ0FBQyxjQUFjLENBQUM7YUFDbEMsQ0FBQyxDQUFDO1lBQ0gsTUFBTSxxQkFBcUIsR0FBRyxNQUFBLGdCQUFnQixDQUFDLFlBQWEsQ0FBQyxDQUFDLENBQUMsMENBQUUsYUFBYSxDQUFDO1lBQy9FLElBQUkscUJBQXFCLEVBQUUsQ0FBQztnQkFDMUIsT0FBTyxFQUFFLGFBQWEsRUFBRSxxQkFBcUIsRUFBRSxDQUFDO1lBQ2xELENBQUM7UUFDSCxDQUFDO1FBQUMsT0FBTyxDQUFNLEVBQUUsQ0FBQztZQUNoQixJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssNkJBQTZCLEVBQUUsQ0FBQztnQkFDN0MsTUFBTSxDQUFDLENBQUM7WUFDVixDQUFDO1FBQ0gsQ0FBQztRQUVELGlGQUFpRjtRQUNqRixNQUFNLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFBLGdCQUFLLEVBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsR0FBRyxjQUFjLDJCQUEyQixDQUFDLENBQUMsQ0FBQztRQUNuRyxNQUFNLFFBQVEsR0FBRyxFQUFFLEdBQUcsRUFBRSxjQUFjLEVBQUUsS0FBSyxFQUFFLE1BQU0sRUFBRSxDQUFDO1FBQ3hELE1BQU0sUUFBUSxHQUFHLE1BQU0sR0FBRyxDQUFDLGdCQUFnQixDQUFDO1lBQzFDLGNBQWM7WUFDZCxJQUFJLEVBQUUsQ0FBQyxRQUFRLENBQUM7U0FDakIsQ0FBQyxDQUFDO1FBQ0gsTUFBTSxhQUFhLEdBQUcsTUFBQSxRQUFRLENBQUMsVUFBVSwwQ0FBRSxhQUFhLENBQUM7UUFDekQsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQ25CLE1BQU0sSUFBSSxvQkFBWSxDQUFDLHdEQUF3RCxhQUFhLEVBQUUsQ0FBQyxDQUFDO1FBQ2xHLENBQUM7UUFFRCx5R0FBeUc7UUFDekcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBQSxnQkFBSyxFQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLEdBQUcsY0FBYyx5QkFBeUIsQ0FBQyxDQUFDLENBQUM7UUFDakcsTUFBTSxHQUFHLENBQUMsNkJBQTZCLENBQUM7WUFDdEMsY0FBYztZQUNkLDBCQUEwQixFQUFFLEVBQUUsVUFBVSxFQUFFLElBQUksRUFBRTtTQUNqRCxDQUFDLENBQUM7UUFFSCxPQUFPLEVBQUUsYUFBYSxFQUFFLENBQUM7SUFDM0IsQ0FBQztDQUNGO0FBaEtELG9EQWdLQztBQUVELE1BQWEsb0NBQXFDLFNBQVEsb0JBQW9CO0lBQzVFLFlBQVksV0FBd0IsRUFBRSxHQUFRLEVBQUUsR0FBZ0I7UUFDOUQsS0FBSyxDQUFDLFdBQVcsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVEOztPQUVHO0lBQ0ksS0FBSyxDQUFDLGFBQWE7UUFDeEIsTUFBTSxJQUFJLG9CQUFZLENBQ3BCLDhIQUE4SCxDQUMvSCxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBYkQsb0ZBYUM7QUFZRCxTQUFTLFVBQVU7SUFDakIsT0FBTztRQUNMLGFBQWEsRUFBRSxJQUFJLEdBQUcsRUFBRTtRQUN4QixXQUFXLEVBQUUsU0FBUztLQUN2QixDQUFDO0FBQ0osQ0FBQztBQUVEOztHQUVHO0FBQ0gsTUFBTSxtREFBbUQsR0FBRyxDQUFDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgdHlwZSB7IEVudmlyb25tZW50IH0gZnJvbSAnQGF3cy1jZGsvY3gtYXBpJztcbmltcG9ydCB7IGRlYnVnLCB3YXJuIH0gZnJvbSAnLi4vLi4vY2xpL21lc3NhZ2VzJztcbmltcG9ydCB7IE5vdGljZXMgfSBmcm9tICcuLi8uLi9ub3RpY2VzJztcbmltcG9ydCB7IElvTWVzc2FnaW5nIH0gZnJvbSAnLi4vLi4vdG9vbGtpdC9jbGktaW8taG9zdCc7XG5pbXBvcnQgeyBUb29sa2l0RXJyb3IgfSBmcm9tICcuLi8uLi90b29sa2l0L2Vycm9yJztcbmltcG9ydCB7IGZvcm1hdEVycm9yTWVzc2FnZSB9IGZyb20gJy4uLy4uL3V0aWwvZXJyb3InO1xuaW1wb3J0IHR5cGUgeyBTREsgfSBmcm9tICcuLi9hd3MtYXV0aCc7XG5pbXBvcnQgeyB0eXBlIEVjclJlcG9zaXRvcnlJbmZvLCBUb29sa2l0SW5mbyB9IGZyb20gJy4uL3Rvb2xraXQtaW5mbyc7XG5cbi8qKlxuICogUmVnaXN0cnkgY2xhc3MgZm9yIGBFbnZpcm9ubWVudFJlc291cmNlc2AuXG4gKlxuICogVGhlIHN0YXRlIG1hbmFnZW1lbnQgb2YgdGhpcyBjbGFzcyBpcyBhIGJpdCBub24tc3RhbmRhcmQuIFdlIHdhbnQgdG8gY2FjaGVcbiAqIGRhdGEgcmVsYXRlZCB0byB0b29sa2l0IHN0YWNrcyBhbmQgU1NNIHBhcmFtZXRlcnMsIGJ1dCB3ZSBhcmUgbm90IGluIGNoYXJnZVxuICogb2YgZW5zdXJpbmcgY2FjaGluZyBvZiBTREtzLiBTaW5jZSBgRW52aXJvbm1lbnRSZXNvdXJjZXNgIG5lZWRzIGFuIFNESyB0b1xuICogZnVuY3Rpb24sIHdlIHRyZWF0IGl0IGFzIGFuIGVwaGVtZXJhbCBjbGFzcywgYW5kIHN0b3JlIHRoZSBhY3R1YWwgY2FjaGVkIGRhdGFcbiAqIGluIGBFbnZpcm9ubWVudFJlc291cmNlc1JlZ2lzdHJ5YC5cbiAqL1xuZXhwb3J0IGNsYXNzIEVudmlyb25tZW50UmVzb3VyY2VzUmVnaXN0cnkge1xuICBwcml2YXRlIHJlYWRvbmx5IGNhY2hlID0gbmV3IE1hcDxzdHJpbmcsIEVudmlyb25tZW50Q2FjaGU+KCk7XG5cbiAgY29uc3RydWN0b3IocHJpdmF0ZSByZWFkb25seSB0b29sa2l0U3RhY2tOYW1lPzogc3RyaW5nKSB7fVxuXG4gIHB1YmxpYyBmb3IocmVzb2x2ZWRFbnZpcm9ubWVudDogRW52aXJvbm1lbnQsIHNkazogU0RLLCBtc2c6IElvTWVzc2FnaW5nKSB7XG4gICAgY29uc3Qga2V5ID0gYCR7cmVzb2x2ZWRFbnZpcm9ubWVudC5hY2NvdW50fToke3Jlc29sdmVkRW52aXJvbm1lbnQucmVnaW9ufWA7XG4gICAgbGV0IGVudkNhY2hlID0gdGhpcy5jYWNoZS5nZXQoa2V5KTtcbiAgICBpZiAoIWVudkNhY2hlKSB7XG4gICAgICBlbnZDYWNoZSA9IGVtcHR5Q2FjaGUoKTtcbiAgICAgIHRoaXMuY2FjaGUuc2V0KGtleSwgZW52Q2FjaGUpO1xuICAgIH1cbiAgICByZXR1cm4gbmV3IEVudmlyb25tZW50UmVzb3VyY2VzKHJlc29sdmVkRW52aXJvbm1lbnQsIHNkaywgbXNnLCBlbnZDYWNoZSwgdGhpcy50b29sa2l0U3RhY2tOYW1lKTtcbiAgfVxufVxuXG4vKipcbiAqIEludGVyZmFjZSB3aXRoIHRoZSBhY2NvdW50IGFuZCByZWdpb24gd2UncmUgZGVwbG95aW5nIGludG9cbiAqXG4gKiBNYW5hZ2VzIGxvb2t1cHMgZm9yIGJvb3RzdHJhcHBlZCByZXNvdXJjZXMsIGZhbGxpbmcgYmFjayB0byB0aGUgbGVnYWN5IFwiQ0RLIFRvb2xraXRcIlxuICogb3JpZ2luYWwgYm9vdHN0cmFwIHN0YWNrIGlmIG5lY2Vzc2FyeS5cbiAqXG4gKiBUaGUgc3RhdGUgbWFuYWdlbWVudCBvZiB0aGlzIGNsYXNzIGlzIGEgYml0IG5vbi1zdGFuZGFyZC4gV2Ugd2FudCB0byBjYWNoZVxuICogZGF0YSByZWxhdGVkIHRvIHRvb2xraXQgc3RhY2tzIGFuZCBTU00gcGFyYW1ldGVycywgYnV0IHdlIGFyZSBub3QgaW4gY2hhcmdlXG4gKiBvZiBlbnN1cmluZyBjYWNoaW5nIG9mIFNES3MuIFNpbmNlIGBFbnZpcm9ubWVudFJlc291cmNlc2AgbmVlZHMgYW4gU0RLIHRvXG4gKiBmdW5jdGlvbiwgd2UgdHJlYXQgaXQgYXMgYW4gZXBoZW1lcmFsIGNsYXNzLCBhbmQgc3RvcmUgdGhlIGFjdHVhbCBjYWNoZWQgZGF0YVxuICogaW4gYEVudmlyb25tZW50UmVzb3VyY2VzUmVnaXN0cnlgLlxuICovXG5leHBvcnQgY2xhc3MgRW52aXJvbm1lbnRSZXNvdXJjZXMge1xuICBjb25zdHJ1Y3RvcihcbiAgICBwdWJsaWMgcmVhZG9ubHkgZW52aXJvbm1lbnQ6IEVudmlyb25tZW50LFxuICAgIHByaXZhdGUgcmVhZG9ubHkgc2RrOiBTREssXG4gICAgcHJpdmF0ZSByZWFkb25seSBtc2c6IElvTWVzc2FnaW5nLFxuICAgIHByaXZhdGUgcmVhZG9ubHkgY2FjaGU6IEVudmlyb25tZW50Q2FjaGUsXG4gICAgcHJpdmF0ZSByZWFkb25seSB0b29sa2l0U3RhY2tOYW1lPzogc3RyaW5nLFxuICApIHt9XG5cbiAgLyoqXG4gICAqIExvb2sgdXAgdGhlIHRvb2xraXQgZm9yIGEgZ2l2ZW4gZW52aXJvbm1lbnQsIHVzaW5nIGEgZ2l2ZW4gU0RLXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgbG9va3VwVG9vbGtpdCgpIHtcbiAgICBpZiAoIXRoaXMuY2FjaGUudG9vbGtpdEluZm8pIHtcbiAgICAgIHRoaXMuY2FjaGUudG9vbGtpdEluZm8gPSBhd2FpdCBUb29sa2l0SW5mby5sb29rdXAodGhpcy5lbnZpcm9ubWVudCwgdGhpcy5zZGssIHRoaXMubXNnLCB0aGlzLnRvb2xraXRTdGFja05hbWUpO1xuICAgIH1cbiAgICByZXR1cm4gdGhpcy5jYWNoZS50b29sa2l0SW5mbztcbiAgfVxuXG4gIC8qKlxuICAgKiBWYWxpZGF0ZSB0aGF0IHRoZSBib290c3RyYXAgc3RhY2sgdmVyc2lvbiBtYXRjaGVzIG9yIGV4Y2VlZHMgdGhlIGV4cGVjdGVkIHZlcnNpb25cbiAgICpcbiAgICogVXNlIHRoZSBTU00gcGFyYW1ldGVyIG5hbWUgdG8gcmVhZCB0aGUgdmVyc2lvbiBudW1iZXIgaWYgZ2l2ZW4sIG90aGVyd2lzZSB1c2UgdGhlIHZlcnNpb25cbiAgICogZGlzY292ZXJlZCBvbiB0aGUgYm9vdHN0cmFwIHN0YWNrLlxuICAgKlxuICAgKiBQYXNzIGluIHRoZSBTU00gcGFyYW1ldGVyIG5hbWUgc28gd2UgY2FuIGNhY2hlIHRoZSBsb29rdXBzIGFuIGRvbid0IG5lZWQgdG8gZG8gdGhlIHNhbWVcbiAgICogbG9va3VwIGFnYWluIGFuZCBhZ2FpbiBmb3IgZXZlcnkgYXJ0aWZhY3QuXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgdmFsaWRhdGVWZXJzaW9uKGV4cGVjdGVkVmVyc2lvbjogbnVtYmVyIHwgdW5kZWZpbmVkLCBzc21QYXJhbWV0ZXJOYW1lOiBzdHJpbmcgfCB1bmRlZmluZWQpIHtcbiAgICBpZiAoZXhwZWN0ZWRWZXJzaW9uID09PSB1bmRlZmluZWQpIHtcbiAgICAgIC8vIE5vIHJlcXVpcmVtZW50XG4gICAgICByZXR1cm47XG4gICAgfVxuICAgIGNvbnN0IGRlZkV4cGVjdGVkVmVyc2lvbiA9IGV4cGVjdGVkVmVyc2lvbjtcblxuICAgIGlmIChzc21QYXJhbWV0ZXJOYW1lICE9PSB1bmRlZmluZWQpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGRvVmFsaWRhdGUoYXdhaXQgdGhpcy52ZXJzaW9uRnJvbVNzbVBhcmFtZXRlcihzc21QYXJhbWV0ZXJOYW1lKSwgdGhpcy5lbnZpcm9ubWVudCk7XG4gICAgICAgIHJldHVybjtcbiAgICAgIH0gY2F0Y2ggKGU6IGFueSkge1xuICAgICAgICBpZiAoZS5uYW1lICE9PSAnQWNjZXNzRGVuaWVkRXhjZXB0aW9uJykge1xuICAgICAgICAgIHRocm93IGU7XG4gICAgICAgIH1cblxuICAgICAgICAvLyBUaGlzIGlzIGEgZmFsbGJhY2shIFRoZSBib290c3RyYXAgdGVtcGxhdGUgdGhhdCBnb2VzIGFsb25nIHdpdGggdGhpcyBjaGFuZ2UgaW50cm9kdWNlc1xuICAgICAgICAvLyBhIG5ldyAnc3NtOkdldFBhcmFtZXRlcicgcGVybWlzc2lvbiwgYnV0IHdoZW4gcnVuIHVzaW5nIHRoZSBwcmV2aW91cyBib290c3RyYXAgdGVtcGxhdGUgd2VcbiAgICAgICAgLy8gd29uJ3QgaGF2ZSB0aGUgcGVybWlzc2lvbnMgeWV0IHRvIHJlYWQgdGhlIHZlcnNpb24sIHNvIHdlIHdvbid0IGJlIGFibGUgdG8gc2hvdyB0aGVcbiAgICAgICAgLy8gbWVzc2FnZSB0ZWxsaW5nIHRoZSB1c2VyIHRoZXkgbmVlZCB0byB1cGRhdGUhIFdoZW4gd2Ugc2VlIGFuIEFjY2Vzc0RlbmllZEV4Y2VwdGlvbiwgZmFsbFxuICAgICAgICAvLyBiYWNrIHRvIHRoZSB2ZXJzaW9uIHdlIHJlYWQgZnJvbSBTdGFjayBPdXRwdXRzOyBidXQgT05MWSBpZiB0aGUgdmVyc2lvbiB3ZSBkaXNjb3ZlcmVkIHZpYVxuICAgICAgICAvLyBvdXRwdXRzIGlzIGxlZ2l0aW1hdGVseSBhbiBvbGQgdmVyc2lvbi4gSWYgaXQncyBuZXdlciB0aGFuIHRoYXQsIHNvbWV0aGluZyBlbHNlIG11c3QgYmUgYnJva2VuLFxuICAgICAgICAvLyBzbyBsZXQgaXQgZmFpbCBhcyBpdCB3b3VsZCBpZiB3ZSBkaWRuJ3QgaGF2ZSB0aGlzIGZhbGxiYWNrLlxuICAgICAgICBjb25zdCBib290c3RyYXBTdGFjayA9IGF3YWl0IHRoaXMubG9va3VwVG9vbGtpdCgpO1xuICAgICAgICBpZiAoYm9vdHN0cmFwU3RhY2suZm91bmQgJiYgYm9vdHN0cmFwU3RhY2sudmVyc2lvbiA8IEJPT1RTVFJBUF9URU1QTEFURV9WRVJTSU9OX0lOVFJPRFVDSU5HX0dFVFBBUkFNRVRFUikge1xuICAgICAgICAgIGF3YWl0IHRoaXMubXNnLmlvSG9zdC5ub3RpZnkod2FybihcbiAgICAgICAgICAgIHRoaXMubXNnLmFjdGlvbixcbiAgICAgICAgICAgIGBDb3VsZCBub3QgcmVhZCBTU00gcGFyYW1ldGVyICR7c3NtUGFyYW1ldGVyTmFtZX06ICR7Zm9ybWF0RXJyb3JNZXNzYWdlKGUpfSwgZmFsbGluZyBiYWNrIHRvIHZlcnNpb24gZnJvbSAke2Jvb3RzdHJhcFN0YWNrfWAsXG4gICAgICAgICAgKSk7XG4gICAgICAgICAgZG9WYWxpZGF0ZShib290c3RyYXBTdGFjay52ZXJzaW9uLCB0aGlzLmVudmlyb25tZW50KTtcbiAgICAgICAgICByZXR1cm47XG4gICAgICAgIH1cblxuICAgICAgICB0aHJvdyBuZXcgVG9vbGtpdEVycm9yKFxuICAgICAgICAgIGBUaGlzIENESyBkZXBsb3ltZW50IHJlcXVpcmVzIGJvb3RzdHJhcCBzdGFjayB2ZXJzaW9uICcke2V4cGVjdGVkVmVyc2lvbn0nLCBidXQgZHVyaW5nIHRoZSBjb25maXJtYXRpb24gdmlhIFNTTSBwYXJhbWV0ZXIgJHtzc21QYXJhbWV0ZXJOYW1lfSB0aGUgZm9sbG93aW5nIGVycm9yIG9jY3VycmVkOiAke2V9YCxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyBObyBTU00gcGFyYW1ldGVyXG4gICAgY29uc3QgYm9vdHN0cmFwU3RhY2sgPSBhd2FpdCB0aGlzLmxvb2t1cFRvb2xraXQoKTtcbiAgICBkb1ZhbGlkYXRlKGJvb3RzdHJhcFN0YWNrLnZlcnNpb24sIHRoaXMuZW52aXJvbm1lbnQpO1xuXG4gICAgZnVuY3Rpb24gZG9WYWxpZGF0ZSh2ZXJzaW9uOiBudW1iZXIsIGVudmlyb25tZW50OiBFbnZpcm9ubWVudCkge1xuICAgICAgY29uc3Qgbm90aWNlcyA9IE5vdGljZXMuZ2V0KCk7XG4gICAgICBpZiAobm90aWNlcykge1xuICAgICAgICAvLyBpZiBgTm90aWNlc2AgaGFzbid0IGJlZW4gaW5pdGlhbGl6ZWQgdGhlcmUgaXMgcHJvYmFibHkgYSBnb29kXG4gICAgICAgIC8vIHJlYXNvbiBmb3IgaXQuIGhhbmRsZSBncmFjZWZ1bGx5LlxuICAgICAgICBub3RpY2VzLmFkZEJvb3RzdHJhcHBlZEVudmlyb25tZW50KHsgYm9vdHN0cmFwU3RhY2tWZXJzaW9uOiB2ZXJzaW9uLCBlbnZpcm9ubWVudCB9KTtcbiAgICAgIH1cbiAgICAgIGlmIChkZWZFeHBlY3RlZFZlcnNpb24gPiB2ZXJzaW9uKSB7XG4gICAgICAgIHRocm93IG5ldyBUb29sa2l0RXJyb3IoXG4gICAgICAgICAgYFRoaXMgQ0RLIGRlcGxveW1lbnQgcmVxdWlyZXMgYm9vdHN0cmFwIHN0YWNrIHZlcnNpb24gJyR7ZXhwZWN0ZWRWZXJzaW9ufScsIGZvdW5kICcke3ZlcnNpb259Jy4gUGxlYXNlIHJ1biAnY2RrIGJvb3RzdHJhcCcuYCxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9XG4gIH1cblxuICAvKipcbiAgICogUmVhZCBhIHZlcnNpb24gZnJvbSBhbiBTU00gcGFyYW1ldGVyLCBjYWNoZWRcbiAgICovXG4gIHB1YmxpYyBhc3luYyB2ZXJzaW9uRnJvbVNzbVBhcmFtZXRlcihwYXJhbWV0ZXJOYW1lOiBzdHJpbmcpOiBQcm9taXNlPG51bWJlcj4ge1xuICAgIGNvbnN0IGV4aXN0aW5nID0gdGhpcy5jYWNoZS5zc21QYXJhbWV0ZXJzLmdldChwYXJhbWV0ZXJOYW1lKTtcbiAgICBpZiAoZXhpc3RpbmcgIT09IHVuZGVmaW5lZCkge1xuICAgICAgcmV0dXJuIGV4aXN0aW5nO1xuICAgIH1cblxuICAgIGNvbnN0IHNzbSA9IHRoaXMuc2RrLnNzbSgpO1xuXG4gICAgdHJ5IHtcbiAgICAgIGNvbnN0IHJlc3VsdCA9IGF3YWl0IHNzbS5nZXRQYXJhbWV0ZXIoeyBOYW1lOiBwYXJhbWV0ZXJOYW1lIH0pO1xuXG4gICAgICBjb25zdCBhc051bWJlciA9IHBhcnNlSW50KGAke3Jlc3VsdC5QYXJhbWV0ZXI/LlZhbHVlfWAsIDEwKTtcbiAgICAgIGlmIChpc05hTihhc051bWJlcikpIHtcbiAgICAgICAgdGhyb3cgbmV3IFRvb2xraXRFcnJvcihgU1NNIHBhcmFtZXRlciAke3BhcmFtZXRlck5hbWV9IG5vdCBhIG51bWJlcjogJHtyZXN1bHQuUGFyYW1ldGVyPy5WYWx1ZX1gKTtcbiAgICAgIH1cblxuICAgICAgdGhpcy5jYWNoZS5zc21QYXJhbWV0ZXJzLnNldChwYXJhbWV0ZXJOYW1lLCBhc051bWJlcik7XG4gICAgICByZXR1cm4gYXNOdW1iZXI7XG4gICAgfSBjYXRjaCAoZTogYW55KSB7XG4gICAgICBpZiAoZS5uYW1lID09PSAnUGFyYW1ldGVyTm90Rm91bmQnKSB7XG4gICAgICAgIHRocm93IG5ldyBUb29sa2l0RXJyb3IoXG4gICAgICAgICAgYFNTTSBwYXJhbWV0ZXIgJHtwYXJhbWV0ZXJOYW1lfSBub3QgZm91bmQuIEhhcyB0aGUgZW52aXJvbm1lbnQgYmVlbiBib290c3RyYXBwZWQ/IFBsZWFzZSBydW4gXFwnY2RrIGJvb3RzdHJhcFxcJyAoc2VlIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9jZGsvbGF0ZXN0L2d1aWRlL2Jvb3RzdHJhcHBpbmcuaHRtbClgLFxuICAgICAgICApO1xuICAgICAgfVxuICAgICAgdGhyb3cgZTtcbiAgICB9XG4gIH1cblxuICBwdWJsaWMgYXN5bmMgcHJlcGFyZUVjclJlcG9zaXRvcnkocmVwb3NpdG9yeU5hbWU6IHN0cmluZyk6IFByb21pc2U8RWNyUmVwb3NpdG9yeUluZm8+IHtcbiAgICBpZiAoIXRoaXMuc2RrKSB7XG4gICAgICB0aHJvdyBuZXcgVG9vbGtpdEVycm9yKCdUb29sa2l0SW5mbyBuZWVkcyB0byBoYXZlIGJlZW4gaW5pdGlhbGl6ZWQgd2l0aCBhbiBzZGsgdG8gY2FsbCBwcmVwYXJlRWNyUmVwb3NpdG9yeScpO1xuICAgIH1cbiAgICBjb25zdCBlY3IgPSB0aGlzLnNkay5lY3IoKTtcblxuICAgIC8vIGNoZWNrIGlmIHJlcG8gYWxyZWFkeSBleGlzdHNcbiAgICB0cnkge1xuICAgICAgYXdhaXQgdGhpcy5tc2cuaW9Ib3N0Lm5vdGlmeShkZWJ1Zyh0aGlzLm1zZy5hY3Rpb24sIGAke3JlcG9zaXRvcnlOYW1lfTogY2hlY2tpbmcgaWYgRUNSIHJlcG9zaXRvcnkgYWxyZWFkeSBleGlzdHNgKSk7XG4gICAgICBjb25zdCBkZXNjcmliZVJlc3BvbnNlID0gYXdhaXQgZWNyLmRlc2NyaWJlUmVwb3NpdG9yaWVzKHtcbiAgICAgICAgcmVwb3NpdG9yeU5hbWVzOiBbcmVwb3NpdG9yeU5hbWVdLFxuICAgICAgfSk7XG4gICAgICBjb25zdCBleGlzdGluZ1JlcG9zaXRvcnlVcmkgPSBkZXNjcmliZVJlc3BvbnNlLnJlcG9zaXRvcmllcyFbMF0/LnJlcG9zaXRvcnlVcmk7XG4gICAgICBpZiAoZXhpc3RpbmdSZXBvc2l0b3J5VXJpKSB7XG4gICAgICAgIHJldHVybiB7IHJlcG9zaXRvcnlVcmk6IGV4aXN0aW5nUmVwb3NpdG9yeVVyaSB9O1xuICAgICAgfVxuICAgIH0gY2F0Y2ggKGU6IGFueSkge1xuICAgICAgaWYgKGUubmFtZSAhPT0gJ1JlcG9zaXRvcnlOb3RGb3VuZEV4Y2VwdGlvbicpIHtcbiAgICAgICAgdGhyb3cgZTtcbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyBjcmVhdGUgdGhlIHJlcG8gKHRhZyBpdCBzbyBpdCB3aWxsIGJlIGVhc2llciB0byBnYXJiYWdlIGNvbGxlY3QgaW4gdGhlIGZ1dHVyZSlcbiAgICBhd2FpdCB0aGlzLm1zZy5pb0hvc3Qubm90aWZ5KGRlYnVnKHRoaXMubXNnLmFjdGlvbiwgYCR7cmVwb3NpdG9yeU5hbWV9OiBjcmVhdGluZyBFQ1IgcmVwb3NpdG9yeWApKTtcbiAgICBjb25zdCBhc3NldFRhZyA9IHsgS2V5OiAnYXdzY2RrOmFzc2V0JywgVmFsdWU6ICd0cnVlJyB9O1xuICAgIGNvbnN0IHJlc3BvbnNlID0gYXdhaXQgZWNyLmNyZWF0ZVJlcG9zaXRvcnkoe1xuICAgICAgcmVwb3NpdG9yeU5hbWUsXG4gICAgICB0YWdzOiBbYXNzZXRUYWddLFxuICAgIH0pO1xuICAgIGNvbnN0IHJlcG9zaXRvcnlVcmkgPSByZXNwb25zZS5yZXBvc2l0b3J5Py5yZXBvc2l0b3J5VXJpO1xuICAgIGlmICghcmVwb3NpdG9yeVVyaSkge1xuICAgICAgdGhyb3cgbmV3IFRvb2xraXRFcnJvcihgQ3JlYXRlUmVwb3NpdG9yeSBkaWQgbm90IHJldHVybiBhIHJlcG9zaXRvcnkgVVJJIGZvciAke3JlcG9zaXRvcnlVcml9YCk7XG4gICAgfVxuXG4gICAgLy8gY29uZmlndXJlIGltYWdlIHNjYW5uaW5nIG9uIHB1c2ggKGhlbHBzIGluIGlkZW50aWZ5aW5nIHNvZnR3YXJlIHZ1bG5lcmFiaWxpdGllcywgbm8gYWRkaXRpb25hbCBjaGFyZ2UpXG4gICAgYXdhaXQgdGhpcy5tc2cuaW9Ib3N0Lm5vdGlmeShkZWJ1Zyh0aGlzLm1zZy5hY3Rpb24sIGAke3JlcG9zaXRvcnlOYW1lfTogZW5hYmxlIGltYWdlIHNjYW5uaW5nYCkpO1xuICAgIGF3YWl0IGVjci5wdXRJbWFnZVNjYW5uaW5nQ29uZmlndXJhdGlvbih7XG4gICAgICByZXBvc2l0b3J5TmFtZSxcbiAgICAgIGltYWdlU2Nhbm5pbmdDb25maWd1cmF0aW9uOiB7IHNjYW5PblB1c2g6IHRydWUgfSxcbiAgICB9KTtcblxuICAgIHJldHVybiB7IHJlcG9zaXRvcnlVcmkgfTtcbiAgfVxufVxuXG5leHBvcnQgY2xhc3MgTm9Cb290c3RyYXBTdGFja0Vudmlyb25tZW50UmVzb3VyY2VzIGV4dGVuZHMgRW52aXJvbm1lbnRSZXNvdXJjZXMge1xuICBjb25zdHJ1Y3RvcihlbnZpcm9ubWVudDogRW52aXJvbm1lbnQsIHNkazogU0RLLCBtc2c6IElvTWVzc2FnaW5nKSB7XG4gICAgc3VwZXIoZW52aXJvbm1lbnQsIHNkaywgbXNnLCBlbXB0eUNhY2hlKCkpO1xuICB9XG5cbiAgLyoqXG4gICAqIExvb2sgdXAgdGhlIHRvb2xraXQgZm9yIGEgZ2l2ZW4gZW52aXJvbm1lbnQsIHVzaW5nIGEgZ2l2ZW4gU0RLXG4gICAqL1xuICBwdWJsaWMgYXN5bmMgbG9va3VwVG9vbGtpdCgpOiBQcm9taXNlPFRvb2xraXRJbmZvPiB7XG4gICAgdGhyb3cgbmV3IFRvb2xraXRFcnJvcihcbiAgICAgICdUcnlpbmcgdG8gcGVyZm9ybSBhbiBvcGVyYXRpb24gdGhhdCByZXF1aXJlcyBhIGJvb3RzdHJhcCBzdGFjazsgeW91IHNob3VsZCBub3Qgc2VlIHRoaXMgZXJyb3IsIHRoaXMgaXMgYSBidWcgaW4gdGhlIENESyBDTEkuJyxcbiAgICApO1xuICB9XG59XG5cbi8qKlxuICogRGF0YSB0aGF0IGlzIGNhY2hlZCBvbiBhIHBlci1lbnZpcm9ubWVudCBsZXZlbFxuICpcbiAqIFRoaXMgY2FjaGUgbWF5IGJlIHNoYXJlZCBiZXR3ZWVuIGRpZmZlcmVudCBpbnN0YW5jZXMgb2YgdGhlIGBFbnZpcm9ubWVudFJlc291cmNlc2AgY2xhc3MuXG4gKi9cbmludGVyZmFjZSBFbnZpcm9ubWVudENhY2hlIHtcbiAgcmVhZG9ubHkgc3NtUGFyYW1ldGVyczogTWFwPHN0cmluZywgbnVtYmVyPjtcbiAgdG9vbGtpdEluZm8/OiBUb29sa2l0SW5mbztcbn1cblxuZnVuY3Rpb24gZW1wdHlDYWNoZSgpOiBFbnZpcm9ubWVudENhY2hlIHtcbiAgcmV0dXJuIHtcbiAgICBzc21QYXJhbWV0ZXJzOiBuZXcgTWFwKCksXG4gICAgdG9vbGtpdEluZm86IHVuZGVmaW5lZCxcbiAgfTtcbn1cblxuLyoqXG4gKiBUaGUgYm9vdHN0cmFwIHRlbXBsYXRlIHZlcnNpb24gdGhhdCBpbnRyb2R1Y2VkIHNzbTpHZXRQYXJhbWV0ZXJcbiAqL1xuY29uc3QgQk9PVFNUUkFQX1RFTVBMQVRFX1ZFUlNJT05fSU5UUk9EVUNJTkdfR0VUUEFSQU1FVEVSID0gNTtcbiJdfQ==

package/lib/api/environment/index.d.ts

@@ -0,0 +1,2 @@
+export * from './environment-access';
+export * from './environment-resources';

package/lib/api/environment/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./environment-access"), exports);
+__exportStar(require("./environment-resources"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsdURBQXFDO0FBQ3JDLDBEQUF3QyIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gJy4vZW52aXJvbm1lbnQtYWNjZXNzJztcbmV4cG9ydCAqIGZyb20gJy4vZW52aXJvbm1lbnQtcmVzb3VyY2VzJztcbiJdfQ==

package/lib/api/garbage-collection/garbage-collector.d.ts

@@ -2,6 +2,7 @@ import * as cxapi from '@aws-cdk/cx-api';
 import { Tag } from '@aws-sdk/client-s3';
 import { IS3Client, SDK, SdkProvider } from '../aws-auth';
 import { ActiveAssetCache, BackgroundStackRefresh } from './stack-refresh';
+import { IoMessaging } from '../../toolkit/cli-io-host';
 export declare const S3_ISOLATED_TAG = "aws-cdk:isolated";
 export declare const ECR_ISOLATED_TAG = "aws-cdk.isolated";
 export type GcAsset = ImageAsset | ObjectAsset;
@@ -72,6 +73,10 @@ interface GarbageCollectorProps {
      * Will be used to make SDK calls to CloudFormation, S3, and ECR.
      */
     readonly sdkProvider: SdkProvider;
+    /**
+     * Used to send messages.
+     */
+    readonly msg: IoMessaging;
     /**
      * The name of the bootstrap stack to look for.
      *
@@ -96,6 +101,8 @@ export declare class GarbageCollector {
     private permissionToTag;
     private bootstrapStackName;
     private confirm;
+    private ioHost;
+    private action;
     constructor(props: GarbageCollectorProps);
     /**
      * Perform garbage collection on the resolved environment.