npm - pepr - Versions diffs - 0.1.8 → 0.1.9 - Mend

pepr 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/pepr-cli.js +362 -30
package/dist/pepr-cli.js.map +1 -1
package/package.json +12 -6
package/src/lib/k8s/tls.ts +57 -0
package/src/lib/k8s/types.ts +0 -5
package/src/lib/k8s/webhook.ts +282 -227
package/src/lib/module.ts +11 -18
package/src/lib/types.ts +8 -9
package/tsconfig.json +2 -1
package/dist/pepr-20e17cf6-a2e4-46b2-b626-75d88d96c88b.js +0 -393
package/src/lib/k8s/stub-tls.ts +0 -88

package/src/lib/types.ts CHANGED Viewed

@@ -80,16 +80,18 @@ export type ModuleSigning = {
   authorizedKeys?: string[];
 };
-export type ModulePackageCfg = {
+/** Global configuration for the Pepr runtime. */
+export type ModuleConfig = {
+  /** The user-defined name for the module */
+  name: string;
+  /** The version of Pepr that the module was originally generated with */
+  version: string;
   /** A unique identifier for this Pepr module. This is automatically generated by Pepr. */
   uuid: string;
   /** A description of the Pepr module and what it does. */
-  description: string;
+  description?: string;
   /** Reject K8s resource AdmissionRequests on error. */
-  onError: ErrorBehavior;
-};
-export type ModuleAdditionalCfg = {
+  onError: ErrorBehavior | string;
   /** Configure global exclusions that will never be processed by Pepr. */
   alwaysIgnore: WebhookIgnore;
   /**
@@ -101,9 +103,6 @@ export type ModuleAdditionalCfg = {
   signing?: ModuleSigning;
 };
-/** Global configuration for the Pepr runtime. */
-export type ModuleConfig = ModulePackageCfg & ModuleAdditionalCfg;
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export type GenericClass = abstract new () => any;

package/tsconfig.json CHANGED Viewed

@@ -7,5 +7,6 @@
     "resolveJsonModule": true,
     "strict": false,
     "target": "ES2020"
-  }
+  },
+  "include": ["src/**/*.ts"]
 }

package/dist/pepr-20e17cf6-a2e4-46b2-b626-75d88d96c88b.js DELETED Viewed

@@ -1,393 +0,0 @@
-'use strict';
-require('@kubernetes/client-node/dist');
-var R = require('ramda');
-var fastJsonPatch = require('fast-json-patch');
-function _interopNamespaceDefault(e) {
-    var n = Object.create(null);
-    if (e) {
-        Object.keys(e).forEach(function (k) {
-            if (k !== 'default') {
-                var d = Object.getOwnPropertyDescriptor(e, k);
-                Object.defineProperty(n, k, d.get ? d : {
-                    enumerable: true,
-                    get: function () { return e[k]; }
-                });
-            }
-        });
-    }
-    n.default = e;
-    return Object.freeze(n);
-}
-var R__namespace = /*#__PURE__*/_interopNamespaceDefault(R);
-var LogLevel;
-(function (LogLevel) {
-    LogLevel[LogLevel["debug"] = 0] = "debug";
-    LogLevel[LogLevel["info"] = 1] = "info";
-    LogLevel[LogLevel["warn"] = 2] = "warn";
-    LogLevel[LogLevel["error"] = 3] = "error";
-})(LogLevel || (LogLevel = {}));
-var ConsoleColors;
-(function (ConsoleColors) {
-    ConsoleColors["Reset"] = "\u001B[0m";
-    ConsoleColors["Bright"] = "\u001B[1m";
-    ConsoleColors["Dim"] = "\u001B[2m";
-    ConsoleColors["Underscore"] = "\u001B[4m";
-    ConsoleColors["Blink"] = "\u001B[5m";
-    ConsoleColors["Reverse"] = "\u001B[7m";
-    ConsoleColors["Hidden"] = "\u001B[8m";
-    ConsoleColors["FgBlack"] = "\u001B[30m";
-    ConsoleColors["FgRed"] = "\u001B[31m";
-    ConsoleColors["FgGreen"] = "\u001B[32m";
-    ConsoleColors["FgYellow"] = "\u001B[33m";
-    ConsoleColors["FgBlue"] = "\u001B[34m";
-    ConsoleColors["FgMagenta"] = "\u001B[35m";
-    ConsoleColors["FgCyan"] = "\u001B[36m";
-    ConsoleColors["FgWhite"] = "\u001B[37m";
-    ConsoleColors["BgBlack"] = "\u001B[40m";
-    ConsoleColors["BgRed"] = "\u001B[41m";
-    ConsoleColors["BgGreen"] = "\u001B[42m";
-    ConsoleColors["BgYellow"] = "\u001B[43m";
-    ConsoleColors["BgBlue"] = "\u001B[44m";
-    ConsoleColors["BgMagenta"] = "\u001B[45m";
-    ConsoleColors["BgCyan"] = "\u001B[46m";
-    ConsoleColors["BgWhite"] = "\u001B[47m";
-})(ConsoleColors || (ConsoleColors = {}));
-class Logger {
-    constructor(logLevel) {
-        this._logLevel = logLevel;
-    }
-    SetLogLevel(logLevel) {
-        this._logLevel = LogLevel[logLevel];
-        this.debug(`Log level set to ${logLevel}`);
-    }
-    debug(message, prefix) {
-        this.log(LogLevel.debug, message, prefix);
-    }
-    info(message, prefix) {
-        this.log(LogLevel.info, message, prefix);
-    }
-    warn(message, prefix) {
-        this.log(LogLevel.warn, message, prefix);
-    }
-    error(message, prefix) {
-        this.log(LogLevel.error, message, prefix);
-    }
-    log(logLevel, message, callerPrefix = "") {
-        const color = {
-            [LogLevel.debug]: ConsoleColors.FgBlack,
-            [LogLevel.info]: ConsoleColors.FgCyan,
-            [LogLevel.warn]: ConsoleColors.FgYellow,
-            [LogLevel.error]: ConsoleColors.FgRed,
-        };
-        if (logLevel >= this._logLevel) {
-            let prefix = "[" + LogLevel[logLevel] + "]\t" + callerPrefix;
-            prefix = this.colorize(prefix, color[logLevel]);
-            if (typeof message !== "string") {
-                console.log(prefix);
-                console.debug("%o", message);
-            }
-            else {
-                console.log(prefix + "\t" + message);
-            }
-        }
-    }
-    colorize(text, color) {
-        return color + text + ConsoleColors.Reset;
-    }
-}
-var logger = new Logger(LogLevel.info);
-var Operation;
-(function (Operation) {
-    Operation["CREATE"] = "CREATE";
-    Operation["UPDATE"] = "UPDATE";
-    Operation["DELETE"] = "DELETE";
-    Operation["CONNECT"] = "CONNECT";
-})(Operation || (Operation = {}));
-var ErrorBehavior;
-(function (ErrorBehavior) {
-    ErrorBehavior["ignore"] = "ignore";
-    ErrorBehavior["audit"] = "audit";
-    ErrorBehavior["reject"] = "reject";
-})(ErrorBehavior || (ErrorBehavior = {}));
-var HookPhase;
-(function (HookPhase) {
-    HookPhase["mutate"] = "mutate";
-    HookPhase["valdiate"] = "validate";
-})(HookPhase || (HookPhase = {}));
-var Event;
-(function (Event) {
-    Event["Create"] = "create";
-    Event["Update"] = "update";
-    Event["Delete"] = "delete";
-    Event["CreateOrUpdate"] = "createOrUpdate";
-})(Event || (Event = {}));
-class RequestWrapper {
-    get PermitSideEffects() {
-        return !this._input.dryRun;
-    }
-    get IsDryRun() {
-        return this._input.dryRun;
-    }
-    get OldResource() {
-        return this._input.oldObject;
-    }
-    get Request() {
-        return this._input;
-    }
-    constructor(input) {
-        this.Raw = R__namespace.clone(input.object);
-        this._input = input;
-    }
-    Merge(obj) {
-        this.Raw = R__namespace.mergeDeepRight(this.Raw, obj);
-    }
-    SetLabel(key, value) {
-        const ref = this.Raw;
-        ref.metadata = ref.metadata ?? {};
-        ref.metadata.labels = ref.metadata.labels ?? {};
-        ref.metadata.labels[key] = value;
-        return this;
-    }
-    SetAnnotation(key, value) {
-        const ref = this.Raw;
-        ref.metadata = ref.metadata ?? {};
-        ref.metadata.annotations = ref.metadata.annotations ?? {};
-        ref.metadata.annotations[key] = value;
-        return this;
-    }
-    RemoveLabel(key) {
-        if (this.Raw.metadata?.labels?.[key]) {
-            delete this.Raw.metadata.labels[key];
-        }
-        return this;
-    }
-    RemoveAnnotation(key) {
-        if (this.Raw.metadata?.annotations?.[key]) {
-            delete this.Raw.metadata.annotations[key];
-        }
-        return this;
-    }
-    HasLabel(key) {
-        return this.Raw?.metadata?.labels?.[key] !== undefined;
-    }
-    HasAnnotation(key) {
-        return this.Raw?.metadata?.annotations?.[key] !== undefined;
-    }
-}
-function shouldSkipRequest(binding, req) {
-    const { group, kind, version } = binding.kind;
-    const { namespaces, labels, annotations } = binding.filters;
-    const { metadata } = req.object;
-    if (kind !== req.kind.kind) {
-        logger.debug(`${req.kind.kind} does not match ${kind}`);
-        return true;
-    }
-    if (group && group !== req.kind.group) {
-        logger.debug(`${req.kind.group} does not match ${group}`);
-        return true;
-    }
-    if (version && version !== req.kind.version) {
-        logger.debug(`${req.kind.version} does not match ${version}`);
-        return true;
-    }
-    if (namespaces.length && !namespaces.includes(req.namespace || "")) {
-        logger.debug(`${req.namespace} is not in ${namespaces}`);
-        return true;
-    }
-    for (const [key, value] of Object.entries(labels)) {
-        if (metadata?.labels?.[key] !== value) {
-            logger.debug(`${metadata?.labels?.[key]} does not match ${value}`);
-            return true;
-        }
-    }
-    for (const [key, value] of Object.entries(annotations)) {
-        if (metadata?.annotations?.[key] !== value) {
-            logger.debug(`${metadata?.annotations?.[key]} does not match ${value}`);
-            return true;
-        }
-    }
-    return false;
-}
-function processor(config, capabilities, req) {
-    const wrapped = new RequestWrapper(req);
-    const response = {
-        uid: req.uid,
-        patchType: "JSONPatch",
-        warnings: [],
-        allowed: false,
-    };
-    logger.info(`Processing '${req.uid}' for '${req.kind.kind}' '${req.name}'`);
-    for (const { name, bindings } of capabilities) {
-        const prefix = `${req.uid} ${req.name}: ${name}`;
-        logger.info(`Processing capability ${name}`, prefix);
-        for (const action of bindings) {
-            if (shouldSkipRequest(action, req)) {
-                continue;
-            }
-            logger.info(`Processing matched action ${action.kind.kind}`, prefix);
-            const { metadata } = wrapped.Raw;
-            const identifier = `pepr.dev/${config.uuid}/${name}`;
-            metadata.annotations = metadata.annotations || {};
-            metadata.annotations[identifier] = "started";
-            try {
-                action.callback(wrapped);
-                metadata.annotations[identifier] = "succeeded";
-            }
-            catch (e) {
-                response.warnings.push(`Action failed: ${e}`);
-                if (config.onError) {
-                    logger.error(`Action failed: ${e}`, prefix);
-                    response.result = "Pepr module configured to reject on error";
-                    return response;
-                }
-                else {
-                    logger.warn(`Action failed: ${e}`, prefix);
-                    metadata.annotations[identifier] = "warning";
-                }
-            }
-        }
-    }
-    response.allowed = true;
-    const patches = fastJsonPatch.compare(req.object, wrapped.Raw);
-    if (patches.length > 0) {
-        response.patch = JSON.stringify(patches);
-    }
-    if (response.warnings.length < 1) {
-        delete response.warnings;
-    }
-    logger.debug(patches);
-    return response;
-}
-class PeprModule {
-    get kinds() {
-        return this._kinds;
-    }
-    get UUID() {
-        return this._config.uuid;
-    }
-    constructor({ description, pepr }, additionalCfg) {
-        this._state = [];
-        this._kinds = [];
-        this.Register = (capability) => {
-            logger.info(`Registering capability ${capability.name}`);
-            this._kinds = capability.bindings.map(({ kind }) => kind);
-            this._state.push(capability);
-        };
-        this.ProcessRequest = (req) => {
-            return processor(this._config, this._state, req);
-        };
-        this._config = {
-            alwaysIgnore: {
-                namespaces: ["kube-system", "pepr-system"],
-                labels: [{ "pepr.dev": "ignore" }],
-            },
-            ...pepr,
-            ...additionalCfg,
-            description,
-        };
-    }
-}
-var name = "pepr";
-var version = "0.1.4";
-var description = "Kubernetes application engine";
-var author = "Defense Unicorns";
-var homepage = "https://github.com/defenseunicorns/pepr";
-var license = "Apache-2.0";
-var bin = "dist/pepr-cli.js";
-var repository = "defenseunicorns/pepr";
-var engines = {
-	node: ">=18.0.0"
-};
-var pepr = {
-	name: "Development Module",
-	uuid: "20e17cf6-a2e4-46b2-b626-75d88d96c88b",
-	description: "Development module for pepr",
-	version: "dev",
-	onError: "ignore"
-};
-var scripts = {
-	webhook: "node dist/default.js",
-	build: "rollup -c",
-	start: "rollup -c -w --watch.onEnd 'sleep 1 && node dist/pepr-test.js'",
-	test: "ava",
-	lint: "npx eslint src",
-	"lint:fix": "npm run lint -- --fix",
-	prettier: "npx prettier src --check",
-	"prettier:fix": "npm run prettier -- --write",
-	prepublishOnly: "npm run lint:fix && npm run prettier:fix && npm run test && npm run build"
-};
-var dependencies = {
-	"@kubernetes/client-node": "^0.18.1",
-	"@rollup/plugin-json": "^6.0.0",
-	"@rollup/plugin-node-resolve": "^15.0.1",
-	"@rollup/plugin-typescript": "^11.0.0",
-	"@types/ramda": "^0.28.23",
-	chokidar: "^3.5.3",
-	commander: "^10.0.0",
-	express: "^4.18.2",
-	"fast-json-patch": "^3.1.1",
-	prompts: "^2.4.2",
-	ramda: "^0.28.0",
-	rollup: "^3.20.2",
-	uuid: "^9.0.0",
-	tslib: "^2.5.0",
-	typescript: "^5.0.2"
-};
-var devDependencies = {
-	"@types/prompts": "^2.4.4",
-	"@types/uuid": "^9.0.1",
-	"@typescript-eslint/eslint-plugin": "^5.57.0",
-	"@typescript-eslint/parser": "^5.57.0",
-	ava: "^5.2.0",
-	eslint: "^8.37.0",
-	prettier: "^2.8.7",
-	"rollup-plugin-visualizer": "^5.9.0",
-	"ts-node": "^10.9.1",
-	"tsconfig-paths": "^4.1.2"
-};
-var ava = {
-	extensions: [
-		"ts"
-	],
-	require: [
-		"ts-node/register",
-		"tsconfig-paths/register"
-	]
-};
-var cfg = {
-	name: name,
-	version: version,
-	description: description,
-	author: author,
-	homepage: homepage,
-	license: license,
-	bin: bin,
-	repository: repository,
-	engines: engines,
-	pepr: pepr,
-	scripts: scripts,
-	dependencies: dependencies,
-	devDependencies: devDependencies,
-	ava: ava
-};
-const { Register, ProcessRequest } = new PeprModule(cfg, {
-    alwaysIgnore: {
-        namespaces: [],
-        labels: [],
-    },
-});
-exports.ProcessRequest = ProcessRequest;
-exports.Register = Register;

package/src/lib/k8s/stub-tls.ts DELETED Viewed

@@ -1,88 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2023-Present The Pepr Authors
-// @todo: quick and dirty temp tls chain for testing, to be replaced at runtime
-// Don't freak out, this is a self-signed cert for testing purposes only.
-export function tlsCert() {
-  return Buffer.from(
-    `-----BEGIN CERTIFICATE-----
-  MIIDgzCCAmugAwIBAgIRALguxABI0Iy914FcdkM7B7EwDQYJKoZIhvcNAQELBQAw
-  NzEXMBUGA1UEChMOWmFyZiBDb21tdW5pdHkxHDAaBgNVBAMTE2NhLnByaXZhdGUu
-  emFyZi5kZXYwHhcNMjMwMzMxMjMyMTUxWhcNMjQwNDA5MjMyMTUxWjA8MRUwEwYD
-  VQQKEwxaYXJmIENsdXN0ZXIxIzAhBgNVBAMTGmNvbnRyb2xsZXIucGVwci1zeXN0
-  ZW0uc3ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6s7JQyXdZrj
-  uobjqbZEdh2VRnWaVhdYnWGOB3jguWXrBTTRmPhPuKx9X+ORFrDftG5cGkDp3okC
-  YGimun932Vi/nmwIc2Q1EAvmaj7LbPDPR4J8RUAO3pqsJijUULmXhrkLgdUxAIY5
-  srFtuLdaEh0VSc8YUDtbBP3dagDIe+v9eHVS1/ayiv/Tfscm7Mk3NQzvmQfJ5Vt5
-  K9At+9k7gfV//vBd7SoTJ4uowL+XgyIgF0jIHjHRAX9eR3ew8yly9Sp1K6gEt/oQ
-  8pQ8wS37/Dhb3FOQQ5owB1hem1hvdK9qtbwClyzUU/o4RODPcrl/k4MADrGi3wcq
-  n+FpiwlLLQIDAQABo4GEMIGBMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr
-  BgEFBQcDATAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFIARVhDhiMNYF+0KwIgA
-  AhO2gLlRMCsGA1UdEQQkMCKCGmNvbnRyb2xsZXIucGVwci1zeXN0ZW0uc3ZjhwR/
-  AAABMA0GCSqGSIb3DQEBCwUAA4IBAQBsJN3H67/YTl8jQHgsU5sY65u0KlDcxL/v
-  vDDx807P4ohTa6dLl/mXZD6swN7W0O1oDCgVtTWjAB10UrcLlvs6yos8V4ENzqhM
-  DaUMwsQSXKCIH/VKaJecpt23SCGYoPZuYBh4PkYwdzBYIQPykV5NdMf02t5DONN+
-  08Cj+sE8ESpM3SyTpAAqaJfI+CFzNho8yq3e/zjrswG0FbjZCmG6fitNCCj6G4p1
-  lOmt+yadVUqov483l09JKUHTut+UsIf91XLCEfon+ajU/IObWDk9sqW8tCFBxhiq
-  5Ub2jDZ/hw/3RQHZfP69c1rFRIHMy/ci8cfk6PMg+d4rsNll6kYI
-  -----END CERTIFICATE-----`
-  ).toString("base64");
-}
-export function tlsKey() {
-  return Buffer.from(
-    `-----BEGIN RSA PRIVATE KEY-----
-    MIIEpQIBAAKCAQEAt6s7JQyXdZrjuobjqbZEdh2VRnWaVhdYnWGOB3jguWXrBTTR
-    mPhPuKx9X+ORFrDftG5cGkDp3okCYGimun932Vi/nmwIc2Q1EAvmaj7LbPDPR4J8
-    RUAO3pqsJijUULmXhrkLgdUxAIY5srFtuLdaEh0VSc8YUDtbBP3dagDIe+v9eHVS
-    1/ayiv/Tfscm7Mk3NQzvmQfJ5Vt5K9At+9k7gfV//vBd7SoTJ4uowL+XgyIgF0jI
-    HjHRAX9eR3ew8yly9Sp1K6gEt/oQ8pQ8wS37/Dhb3FOQQ5owB1hem1hvdK9qtbwC
-    lyzUU/o4RODPcrl/k4MADrGi3wcqn+FpiwlLLQIDAQABAoIBAAxt3wPD1WAVCkIu
-    LKvodLuVhuuMu9QFom6MEoN476Q8PGpOx7xVWXfC3H0ntkLV112rdjokmG8B0JJb
-    oqTOSXsA4X7ECtJcPqcGVyJre3K03SIWt3gsPJVd3DZ83tlTpehtD1VK6xUBAFiS
-    Xz130vWU2EL1a8zKJ3+v+lLZGLgiA8smdUSa3eOCC6nNbPQb8v2d8qRy0f/VaQE8
-    PtjKaMRK+3pSz2wuWXnGC0rerjyANs1zpDP/ZbQ3gqZ/NGi91E5JueCyZeIA/Rw3
-    XtEwxoN66OFrdONortUvTgPvpITLKQiL/kK7BX5jX0xAQQtKyd6uL2fWMHcg/AQz
-    D7T4+dUCgYEA6FJfBPu1505UZxsOvgpCN8qCt+NKF8QW+m90Bvfx7NQcVH/8iYq9
-    7biR6fBTWWlNjwqlZ+jl1L50HP3gaZ95rjOfJYFQ47XESDVjOoVNfZWBx7c410or
-    kx9wOLUv21GGndxIlcsTUSJZ9S++rBjFZfPPSmfmMA/GTusTfkiJS1MCgYEAymNu
-    ibcSagKpgjesPosVRz+KQqeDt2cWnWgvlfTD8urRY/0eGObZ9Fy0iDamtaJRhMYT
-    UenvIHntBBnc1wBvzyOrveQpnCpkeaWrqt38VUm2RO4w0ANxXqF6LMEQBTDbsVUm
-    JTyzRc+e5RL3O63Gx0jEu5iAvOg4pznK+wQev38CgYEAvm9u9i3CsUVTCGV0kzDj
-    kMoOlt/YR1z0nPqpOGEcTU6dnmJ/RtuUzn1iFkpqeDtKWTuX1HJjmx03HuC4iLwx
-    ySsFhH/ZJ59CsxIYMcs9dvkLtgMps8hXqbS2j7Vt8jCE0XfVg/w/7FzlMoedm4J+
-    pRDS1aIPXUxA+UXW58hbyoMCgYEAv2BEfx7I38uCpCqmykFULpor0Bl82Kk3XkLN
-    dHwN6h8XPvhzRFLO2F3tLDyZaXmCog126WdPAiOo9s7J39h+4Z02YgplOlFvzwPU
-    j273k2JvY0DkkV4gDr6cu8MXtgDcTRRaTK3YS3QnKS/E7v7Ez17FASsU2QyxvZdN
-    lAzyUlsCgYEA6A3UAY/gdxtwGf0kAb/hsHPaZLE8dJk7V6k9AUpgiC+sXEr3hLOe
-    f5FVCDgseP0vWtRLytYbNZSNkW07RIpJV0tE98E7iUVt41NJD1QPRLOSZEAuwkDi
-    yfYC8xiJwEHBEDTCnKYEyvB6be3zXssGzhp1dbtYILkheEkaewfP5ks=
-    -----END RSA PRIVATE KEY-----`
-  ).toString("base64");
-}
-export function tlsCA() {
-  return Buffer.from(
-    `-----BEGIN CERTIFICATE-----
-    MIIDWTCCAkGgAwIBAgIQb32UoSCN8rk1nBF3YcWU6zANBgkqhkiG9w0BAQsFADA3
-    MRcwFQYDVQQKEw5aYXJmIENvbW11bml0eTEcMBoGA1UEAxMTY2EucHJpdmF0ZS56
-    YXJmLmRldjAeFw0yMzAzMzEyMzIxNTBaFw0yNDA0MDkyMzIxNTBaMDcxFzAVBgNV
-    BAoTDlphcmYgQ29tbXVuaXR5MRwwGgYDVQQDExNjYS5wcml2YXRlLnphcmYuZGV2
-    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBDS+q67EPRR0pGFNWxd
-    JaM2qFWlsjmS8RPiSGmLrRrtLkYDhOUK+PlZLT7Gww/kGPrC/Jq+NSbKt7gDdbrr
-    1dBo4tSMFNG0DpcR5JVLGayU1qOBCVoM0kGSJ2U4w9q475rbogb+k+/nnwHCjfTN
-    fN/78c4Tg6ZKGc0ChXbEPduVmku0qrFwV70Cx6rNjsGT7o5E84NJ/SEZEKsv9DXz
-    R6Padsnc7291XmyOqyoV4hOwbP6Xs2ZySefVkBm3JuT5brD6BXp/One9PjzeQHtP
-    Ito1dOnpiCXFS4GTkEJ3slTMFPpxnImgn3+rgr3a8Pq5ICqfheEtCUeLlayKohO2
-    uwIDAQABo2EwXzAOBgNVHQ8BAf8EBAMCAoQwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
-    CCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIARVhDhiMNYF+0K
-    wIgAAhO2gLlRMA0GCSqGSIb3DQEBCwUAA4IBAQBCeISg2fAvgUm+LCxE0An5ZwUw
-    knO+vTjxeEQXxH4xQjz5Hpj3MQaXFvH2XAhbTAYQl8pKNWcN7vyl/5O8u+AjdDVD
-    3TQv5TxQK7gs8YmC1LMc66aFSYHruqCD14PiwaQqD8Rzz8/nGwqvCD3K6vDsyvC4
-    anUV/tzbMU/hwCn6uw+S/LgM4xQIllccGX1cJC7pSZJNiTzmhWEfKpOVrUoTEQqf
-    tyAwSSHdPz5EhuDybxhOhh00lQG5POY6UGYqKKR1uoXXniqGXXjIqUeiA6FjEMYC
-    4V//uhn+NeiPo1VtU7sCZfxT4x/qSy/bSSdB3qADqmgWhRHelJPe2TlBmCDx
-    -----END CERTIFICATE-----`
-  ).toString("base64");
-}