npm - cdk-ecr-deployment - Versions diffs - 3.3.1 → 4.0.1 - Mend

cdk-ecr-deployment 3.3.1 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/.jsii +26 -103
package/.jsii.tabl.json +1 -1
package/API.md +0 -59
package/README.md +7 -17
package/lib/index.d.ts +1 -29
package/lib/index.js +9 -26
package/package.json +1 -1
package/lambda-src/.dockerignore +0 -9
package/lambda-src/Dockerfile +0 -26
package/lambda-src/Makefile +0 -33
package/lambda-src/go.mod +0 -136
package/lambda-src/go.sum +0 -499
package/lambda-src/internal/iolimits/iolimits.go +0 -68
package/lambda-src/internal/iolimits/iolimits_test.go +0 -39
package/lambda-src/internal/tarfile/reader.go +0 -179
package/lambda-src/internal/tarfile/reader_test.go +0 -31
package/lambda-src/internal/tarfile/s3file.go +0 -363
package/lambda-src/internal/tarfile/s3file_test.go +0 -135
package/lambda-src/internal/tarfile/src.go +0 -328
package/lambda-src/internal/tarfile/types.go +0 -31
package/lambda-src/main.go +0 -176
package/lambda-src/main_test.go +0 -64
package/lambda-src/s3/src.go +0 -40
package/lambda-src/s3/transport.go +0 -149
package/lambda-src/s3/transport_test.go +0 -96
package/lambda-src/utils.go +0 -206
package/lambda-src/utils_test.go +0 -63
package/lib/config.d.ts +0 -1
package/lib/config.js +0 -12

package/lambda-src/s3/transport.go DELETED Viewed

@@ -1,149 +0,0 @@
-// Taken from https://github.com/containers/image
-// Modifications Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-package s3
-import (
-	"cdk-ecr-deployment-handler/internal/tarfile"
-	"context"
-	"fmt"
-	"strconv"
-	"strings"
-	"github.com/pkg/errors"
-	"github.com/containers/image/v5/docker/reference"
-	"github.com/containers/image/v5/image"
-	"github.com/containers/image/v5/transports"
-	"github.com/containers/image/v5/types"
-)
-func init() {
-	transports.Register(Transport)
-}
-var Transport = &s3Transport{}
-type s3Transport struct{}
-func (t *s3Transport) Name() string {
-	return "s3"
-}
-func (t *s3Transport) ParseReference(reference string) (types.ImageReference, error) {
-	return ParseReference(reference)
-}
-func (t *s3Transport) ValidatePolicyConfigurationScope(scope string) error {
-	// See the explanation in archiveReference.PolicyConfigurationIdentity.
-	return errors.New(`s3: does not support any scopes except the default "" one`)
-}
-type s3ArchiveReference struct {
-	s3uri *tarfile.S3Uri
-	// May be nil to read the only image in an archive, or to create an untagged image.
-	ref reference.NamedTagged
-	// If not -1, a zero-based index of the image in the manifest. Valid only for sources.
-	// Must not be set if ref is set.
-	sourceIndex int
-}
-func ParseReference(refString string) (types.ImageReference, error) {
-	if refString == "" {
-		return nil, errors.New("s3 reference cannot be empty")
-	}
-	parts := strings.SplitN(refString, ":", 2)
-	s3uri, err := tarfile.ParseS3Uri("s3:" + parts[0])
-	if err != nil {
-		return nil, err
-	}
-	var nt reference.NamedTagged
-	sourceIndex := -1
-	if len(parts) == 2 {
-		// A :tag or :@index was specified.
-		if len(parts[1]) > 0 && parts[1][0] == '@' {
-			i, err := strconv.Atoi(parts[1][1:])
-			if err != nil {
-				return nil, errors.Wrapf(err, "Invalid source index %s", parts[1])
-			}
-			if i < 0 {
-				return nil, errors.Errorf("Invalid source index @%d: must not be negative", i)
-			}
-			sourceIndex = i
-		} else {
-			ref, err := reference.ParseNormalizedNamed(parts[1])
-			if err != nil {
-				return nil, errors.Wrapf(err, "s3 parsing reference")
-			}
-			ref = reference.TagNameOnly(ref)
-			refTagged, isTagged := ref.(reference.NamedTagged)
-			if !isTagged { // If ref contains a digest, TagNameOnly does not change it
-				return nil, errors.Errorf("reference does not include a tag: %s", ref.String())
-			}
-			nt = refTagged
-		}
-	}
-	return newReference(s3uri, nt, sourceIndex)
-}
-func newReference(s3uri *tarfile.S3Uri, ref reference.NamedTagged, sourceIndex int) (types.ImageReference, error) {
-	if ref != nil && sourceIndex != -1 {
-		return nil, errors.Errorf("Invalid s3: reference: cannot use both a tag and a source index")
-	}
-	if _, isDigest := ref.(reference.Canonical); isDigest {
-		return nil, errors.Errorf("s3 doesn't support digest references: %s", ref.String())
-	}
-	if sourceIndex != -1 && sourceIndex < 0 {
-		return nil, errors.Errorf("Invalid s3: reference: index @%d must not be negative", sourceIndex)
-	}
-	return &s3ArchiveReference{
-		s3uri:       s3uri,
-		ref:         ref,
-		sourceIndex: sourceIndex,
-	}, nil
-}
-func (r *s3ArchiveReference) Transport() types.ImageTransport {
-	return Transport
-}
-func (r *s3ArchiveReference) StringWithinTransport() string {
-	if r.s3uri.Key == "" {
-		return fmt.Sprintf("//%s", r.s3uri.Bucket)
-	}
-	return fmt.Sprintf("//%s/%s", r.s3uri.Bucket, r.s3uri.Key)
-}
-func (r *s3ArchiveReference) DockerReference() reference.Named {
-	return r.ref
-}
-func (r *s3ArchiveReference) PolicyConfigurationIdentity() string {
-	return ""
-}
-func (r *s3ArchiveReference) PolicyConfigurationNamespaces() []string {
-	return []string{}
-}
-func (r *s3ArchiveReference) NewImage(ctx context.Context, sys *types.SystemContext) (types.ImageCloser, error) {
-	src, err := newImageSource(ctx, sys, r)
-	if err != nil {
-		return nil, err
-	}
-	return image.FromSource(ctx, sys, src)
-}
-func (r *s3ArchiveReference) DeleteImage(ctx context.Context, sys *types.SystemContext) error {
-	return errors.New("deleting images not implemented for s3")
-}
-func (r *s3ArchiveReference) NewImageSource(ctx context.Context, sys *types.SystemContext) (types.ImageSource, error) {
-	return newImageSource(ctx, sys, r)
-}
-func (r *s3ArchiveReference) NewImageDestination(ctx context.Context, sys *types.SystemContext) (types.ImageDestination, error) {
-	return nil, fmt.Errorf(`s3 locations can only be read from, not written to`)
-}

package/lambda-src/s3/transport_test.go DELETED Viewed

@@ -1,96 +0,0 @@
-// Taken from https://github.com/containers/image
-// Modifications Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-package s3
-import (
-	"testing"
-	"github.com/containers/image/v5/types"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-const (
-	sha256digestHex = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
-	sha256digest    = "@sha256:" + sha256digestHex
-	tarFixture      = "fixtures/almostempty.tar"
-)
-func TestTransportName(t *testing.T) {
-	assert.Equal(t, "s3", Transport.Name())
-}
-func TestTransportParseReference(t *testing.T) {
-	testParseReference(t, Transport.ParseReference)
-}
-func TestTransportValidatePolicyConfigurationScope(t *testing.T) {
-	for _, scope := range []string{ // A semi-representative assortment of values; everything is rejected.
-		"docker.io/library/busybox:notlatest",
-		"docker.io/library/busybox",
-		"docker.io/library",
-		"docker.io",
-		"",
-	} {
-		err := Transport.ValidatePolicyConfigurationScope(scope)
-		assert.Error(t, err, scope)
-	}
-}
-func TestParseReference(t *testing.T) {
-	testParseReference(t, ParseReference)
-}
-// testParseReference is a test shared for Transport.ParseReference and ParseReference.
-func testParseReference(t *testing.T, fn func(string) (types.ImageReference, error)) {
-	for _, c := range []struct {
-		input, expectedBucket, expectedKey, expectedRef string
-		expectedSourceIndex                             int
-	}{
-		{"", "", "", "", -1}, // Empty input is explicitly rejected
-		{"//bucket", "bucket", "", "", -1},
-		{"//bucket/a/b", "bucket", "a/b", "", -1},
-		{"//bucket/", "bucket", "", "", -1},
-		{"//hello.com/", "hello.com", "", "", -1},
-		{"//bucket", "bucket", "", "", -1},
-		{"//bucket:busybox:notlatest", "bucket", "", "docker.io/library/busybox:notlatest", -1}, // Explicit tag
-		{"//bucket:busybox" + sha256digest, "", "", "", -1},                                     // Digest references are forbidden
-		{"//bucket:busybox", "bucket", "", "docker.io/library/busybox:latest", -1},              // Default tag
-		// A github.com/distribution/reference value can have a tag and a digest at the same time!
-		{"//bucket:busybox:latest" + sha256digest, "", "", "", -1},                                          // Both tag and digest is rejected
-		{"//bucket:docker.io/library/busybox:latest", "bucket", "", "docker.io/library/busybox:latest", -1}, // All implied reference parts explicitly specified
-		{"//bucket:UPPERCASEISINVALID", "", "", "", -1},                                                     // Invalid reference format
-		{"//bucket:@", "", "", "", -1},                                                                      // Missing source index
-		{"//bucket:@0", "bucket", "", "", 0},                                                                // Valid source index
-		{"//bucket:@999999", "bucket", "", "", 999999},                                                      // Valid source index
-		{"//bucket:@-2", "", "", "", -1},                                                                    // Negative source index
-		{"//bucket:@-1", "", "", "", -1},                                                                    // Negative source index, using the placeholder value
-		{"//bucket:busybox@0", "", "", "", -1},                                                              // References and source indices can’t be combined.
-		{"//bucket:@0:busybox", "", "", "", -1},                                                             // References and source indices can’t be combined.
-	} {
-		ref, err := fn(c.input)
-		if c.expectedBucket == "" {
-			assert.Error(t, err, c.input)
-		} else {
-			require.NoError(t, err, c.input)
-			archiveRef, ok := ref.(*s3ArchiveReference)
-			require.True(t, ok, c.input)
-			assert.Equal(t, c.expectedBucket, archiveRef.s3uri.Bucket, c.input)
-			assert.Equal(t, c.expectedKey, archiveRef.s3uri.Key, c.input)
-			if c.expectedRef == "" {
-				assert.Nil(t, archiveRef.ref, c.input)
-			} else {
-				require.NotNil(t, archiveRef.ref, c.input)
-				assert.Equal(t, c.expectedRef, archiveRef.ref.String(), c.input)
-			}
-			assert.Equal(t, c.expectedSourceIndex, archiveRef.sourceIndex, c.input)
-		}
-	}
-}
-func TestReferenceTransport(t *testing.T) {
-	ref, err := ParseReference("//bucket/archive.tar:nginx:latest")
-	require.NoError(t, err)
-	assert.Equal(t, Transport, ref.Transport())
-}

package/lambda-src/utils.go DELETED Viewed

@@ -1,206 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-// SPDX-License-Identifier: Apache-2.0
-package main
-import (
-	"context"
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"log"
-	"regexp"
-	"strings"
-	"time"
-	"github.com/aws/aws-sdk-go-v2/aws"
-	"github.com/aws/aws-sdk-go-v2/config"
-	"github.com/aws/aws-sdk-go-v2/service/ecr"
-	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
-	"github.com/containers/image/v5/types"
-)
-const (
-	SRC_IMAGE  string = "SrcImage"
-	DEST_IMAGE string = "DestImage"
-	IMAGE_ARCH string = "ImageArch"
-	SRC_CREDS  string = "SrcCreds"
-	DEST_CREDS string = "DestCreds"
-)
-type ECRAuth struct {
-	Token         string
-	User          string
-	Pass          string
-	ProxyEndpoint string
-	ExpiresAt     time.Time
-}
-func GetECRRegion(uri string) string {
-	re := regexp.MustCompile(`dkr\.ecr\.(.+?)\.`)
-	m := re.FindStringSubmatch(uri)
-	if m != nil {
-		return m[1]
-	}
-	return "us-east-1"
-}
-func GetECRLogin(region string) ([]ECRAuth, error) {
-	cfg, err := config.LoadDefaultConfig(
-		context.TODO(),
-		config.WithRegion(region),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("api client configuration error: %v", err.Error())
-	}
-	client := ecr.NewFromConfig(cfg)
-	input := &ecr.GetAuthorizationTokenInput{}
-	resp, err := client.GetAuthorizationToken(context.TODO(), input)
-	if err != nil {
-		return nil, fmt.Errorf("error login into ECR: %v", err.Error())
-	}
-	auths := make([]ECRAuth, len(resp.AuthorizationData))
-	for i, auth := range resp.AuthorizationData {
-		// extract base64 token
-		data, err := base64.StdEncoding.DecodeString(*auth.AuthorizationToken)
-		if err != nil {
-			return nil, err
-		}
-		// extract username and password
-		token := strings.SplitN(string(data), ":", 2)
-		// object to pass to template
-		auths[i] = ECRAuth{
-			Token:         *auth.AuthorizationToken,
-			User:          token[0],
-			Pass:          token[1],
-			ProxyEndpoint: *(auth.ProxyEndpoint),
-			ExpiresAt:     *(auth.ExpiresAt),
-		}
-	}
-	return auths, nil
-}
-type ImageOpts struct {
-	uri             string
-	requireECRLogin bool
-	region          string
-	creds           string
-	arch            string
-}
-func NewImageOpts(uri string, arch string) *ImageOpts {
-	requireECRLogin := strings.Contains(uri, "dkr.ecr")
-	if requireECRLogin {
-		return &ImageOpts{uri, requireECRLogin, GetECRRegion(uri), "", arch}
-	} else {
-		return &ImageOpts{uri, requireECRLogin, "", "", arch}
-	}
-}
-func (s *ImageOpts) SetRegion(region string) {
-	s.region = region
-}
-func (s *ImageOpts) SetCreds(creds string) {
-	s.creds = creds
-}
-func (s *ImageOpts) NewSystemContext() (*types.SystemContext, error) {
-	ctx := &types.SystemContext{
-		DockerRegistryUserAgent: "ecr-deployment",
-		DockerAuthConfig:        &types.DockerAuthConfig{},
-		ArchitectureChoice:      s.arch,
-	}
-	if s.creds != "" {
-		log.Printf("Credentials login mode for %v", s.uri)
-		token := strings.SplitN(s.creds, ":", 2)
-		ctx.DockerAuthConfig = &types.DockerAuthConfig{
-			Username: token[0],
-		}
-		if len(token) == 2 {
-			ctx.DockerAuthConfig.Password = token[1]
-		}
-	} else {
-		if s.requireECRLogin {
-			log.Printf("ECR auto login mode for %v", s.uri)
-			auths, err := GetECRLogin(s.region)
-			if err != nil {
-				return nil, err
-			}
-			if len(auths) == 0 {
-				return nil, fmt.Errorf("empty ECR login auth token list")
-			}
-			auth0 := auths[0]
-			ctx.DockerAuthConfig = &types.DockerAuthConfig{
-				Username: auth0.User,
-				Password: auth0.Pass,
-			}
-		}
-	}
-	return ctx, nil
-}
-func Dumps(v interface{}) string {
-	bytes, err := json.MarshalIndent(v, "", "  ")
-	if err != nil {
-		return fmt.Sprintf("dumps error: %s", err.Error())
-	}
-	return string(bytes)
-}
-const (
-	SECRET_ARN  = "SECRET_ARN"
-	SECRET_NAME = "SECRET_NAME"
-	SECRET_TEXT = "SECRET_TEXT"
-)
-func GetCredsType(s string) string {
-	if strings.HasPrefix(s, "arn:aws") {
-		return SECRET_ARN
-	} else if strings.Contains(s, ":") {
-		return SECRET_TEXT
-	} else {
-		return SECRET_NAME
-	}
-}
-func ParseJsonSecret(s string) (secret string, err error) {
-	var jsonData map[string]interface{}
-	jsonErr := json.Unmarshal([]byte(s), &jsonData)
-	if jsonErr != nil {
-		return "", fmt.Errorf("error parsing json secret: %v", jsonErr.Error())
-	}
-	username, ok := jsonData["username"].(string)
-	if !ok {
-		return "", fmt.Errorf("error parsing username from json secret")
-	}
-	password, ok := jsonData["password"].(string)
-	if !ok {
-		return "", fmt.Errorf("error parsing password from json secret")
-	}
-	return fmt.Sprintf("%s:%s", username, password), nil
-}
-func GetSecret(secretId string) (secret string, err error) {
-	cfg, err := config.LoadDefaultConfig(
-		context.TODO(),
-	)
-	log.Printf("get secret id: %s of region: %s", secretId, cfg.Region)
-	if err != nil {
-		return "", fmt.Errorf("api client configuration error: %v", err.Error())
-	}
-	client := secretsmanager.NewFromConfig(cfg)
-	resp, err := client.GetSecretValue(context.TODO(), &secretsmanager.GetSecretValueInput{
-		SecretId: aws.String(secretId),
-	})
-	if err != nil {
-		return "", fmt.Errorf("fetch secret value error: %v", err.Error())
-	}
-	return *resp.SecretString, nil
-}

package/lambda-src/utils_test.go DELETED Viewed

@@ -1,63 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-// SPDX-License-Identifier: Apache-2.0
-package main
-import (
-	"encoding/json"
-	"testing"
-	"github.com/stretchr/testify/assert"
-)
-func TestGetECRRegion(t *testing.T) {
-	assert.Equal(t,
-		"us-west-2",
-		GetECRRegion("docker://1234567890.dkr.ecr.us-west-2.amazonaws.com/test:ubuntu"),
-	)
-	assert.Equal(t,
-		"us-east-1",
-		GetECRRegion("docker://1234567890.dkr.ecr.us-east-1.amazonaws.com/test:ubuntu"),
-	)
-	assert.Equal(t,
-		"cn-north-1",
-		GetECRRegion("docker://1234567890.dkr.ecr.cn-north-1.amazonaws.com/test:ubuntu"),
-	)
-}
-func TestGetCredsType(t *testing.T) {
-	assert.Equal(t, SECRET_ARN, GetCredsType("arn:aws:secretsmanager:us-west-2:00000:secret:fake-secret"))
-	assert.Equal(t, SECRET_ARN, GetCredsType("arn:aws-cn:secretsmanager:cn-north-1:00000:secret:fake-secret"))
-	assert.Equal(t, SECRET_NAME, GetCredsType("fake-secret"))
-	assert.Equal(t, SECRET_TEXT, GetCredsType("username:password"))
-	assert.Equal(t, SECRET_NAME, GetCredsType(""))
-}
-func TestParseJsonSecret(t *testing.T) {
-	secretPlainText := "user_val:pass_val"
-	isValid := json.Valid([]byte(secretPlainText))
-	assert.False(t, isValid)
-	secretJson := "{\"username\":\"user_val\",\"password\":\"pass_val\"}"
-	isValid = json.Valid([]byte(secretJson))
-	assert.True(t, isValid)
-	successCase, noError := ParseJsonSecret(secretJson)
-	assert.NoError(t, noError)
-	assert.Equal(t, secretPlainText, successCase)
-	failParseCase, jsonParseError := ParseJsonSecret("{\"user}")
-	assert.Equal(t, "", failParseCase)
-	assert.Error(t, jsonParseError)
-	assert.Contains(t, "error parsing json secret: unexpected end of JSON input", jsonParseError.Error())
-	noUsernameCase, usernameError := ParseJsonSecret("{\"password\":\"pass_val\"}")
-	assert.Equal(t, "", noUsernameCase)
-	assert.Error(t, usernameError)
-	assert.Contains(t, "error parsing username from json secret", usernameError.Error())
-	noPasswordCase, passwordError := ParseJsonSecret("{\"username\":\"user_val\"}")
-	assert.Equal(t, "", noPasswordCase)
-	assert.Error(t, passwordError)
-	assert.Contains(t, "error parsing password from json secret", passwordError.Error())
-}

package/lib/config.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export declare function shouldUsePrebuiltLambda(): boolean;

package/lib/config.js DELETED Viewed

@@ -1,12 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.shouldUsePrebuiltLambda = shouldUsePrebuiltLambda;
-const TRUTHY = ['true', true, 1, '1'];
-function shouldUsePrebuiltLambda() {
-    const { CI, NO_PREBUILT_LAMBDA, FORCE_PREBUILT_LAMBDA } = process.env;
-    const isCI = CI && TRUTHY.includes(CI);
-    const isNoPrebuilt = NO_PREBUILT_LAMBDA && TRUTHY.includes(NO_PREBUILT_LAMBDA);
-    const isForcePrebuilt = FORCE_PREBUILT_LAMBDA && TRUTHY.includes(FORCE_PREBUILT_LAMBDA);
-    return isForcePrebuilt || (!(isCI || isNoPrebuilt));
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NvbmZpZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUVBLDBEQU9DO0FBVEQsTUFBTSxNQUFNLEdBQUcsQ0FBQyxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQUMsRUFBRSxHQUFHLENBQUMsQ0FBQztBQUV0QyxTQUFnQix1QkFBdUI7SUFDckMsTUFBTSxFQUFFLEVBQUUsRUFBRSxrQkFBa0IsRUFBRSxxQkFBcUIsRUFBRSxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUM7SUFDdEUsTUFBTSxJQUFJLEdBQUcsRUFBRSxJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdkMsTUFBTSxZQUFZLEdBQUcsa0JBQWtCLElBQUksTUFBTSxDQUFDLFFBQVEsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBQy9FLE1BQU0sZUFBZSxHQUFHLHFCQUFxQixJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMscUJBQXFCLENBQUMsQ0FBQztJQUV4RixPQUFPLGVBQWUsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLElBQUksWUFBWSxDQUFDLENBQUMsQ0FBQztBQUN0RCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiY29uc3QgVFJVVEhZID0gWyd0cnVlJywgdHJ1ZSwgMSwgJzEnXTtcblxuZXhwb3J0IGZ1bmN0aW9uIHNob3VsZFVzZVByZWJ1aWx0TGFtYmRhKCk6IGJvb2xlYW4ge1xuICBjb25zdCB7IENJLCBOT19QUkVCVUlMVF9MQU1CREEsIEZPUkNFX1BSRUJVSUxUX0xBTUJEQSB9ID0gcHJvY2Vzcy5lbnY7XG4gIGNvbnN0IGlzQ0kgPSBDSSAmJiBUUlVUSFkuaW5jbHVkZXMoQ0kpO1xuICBjb25zdCBpc05vUHJlYnVpbHQgPSBOT19QUkVCVUlMVF9MQU1CREEgJiYgVFJVVEhZLmluY2x1ZGVzKE5PX1BSRUJVSUxUX0xBTUJEQSk7XG4gIGNvbnN0IGlzRm9yY2VQcmVidWlsdCA9IEZPUkNFX1BSRUJVSUxUX0xBTUJEQSAmJiBUUlVUSFkuaW5jbHVkZXMoRk9SQ0VfUFJFQlVJTFRfTEFNQkRBKTtcblxuICByZXR1cm4gaXNGb3JjZVByZWJ1aWx0IHx8ICghKGlzQ0kgfHwgaXNOb1ByZWJ1aWx0KSk7XG59Il19