token-injectable-docker-builder 1.2.2 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/.jsii +4 -4
  2. package/README.md +133 -86
  3. package/lib/index.js +1 -1
  4. package/package.json +2 -2
package/.jsii CHANGED
@@ -3860,7 +3860,7 @@
3860
3860
  "stability": "stable"
3861
3861
  },
3862
3862
  "homepage": "https://github.com/AlexTech314/TokenInjectableDockerBuilder.git",
3863
- "jsiiVersion": "5.5.11 (build 0ecde04)",
3863
+ "jsiiVersion": "5.5.12 (build 8b85294)",
3864
3864
  "keywords": [
3865
3865
  "aws",
3866
3866
  "aws-cdk",
@@ -3898,7 +3898,7 @@
3898
3898
  },
3899
3899
  "name": "token-injectable-docker-builder",
3900
3900
  "readme": {
3901
- "markdown": "# TokenInjectableDockerBuilder\n\nThe `TokenInjectableDockerBuilder` is a flexible AWS CDK construct that enables the usage of AWS CDK tokens in the building, pushing, and deployment of Docker images to Amazon Elastic Container Registry (ECR). It leverages AWS CodeBuild and Lambda custom resources.\n\n---\n\n## Why?\n\nAWS CDK already provides mechanisms for creating deployable assets using Docker, such as [DockerImageAsset](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerImageAsset.html) and [DockerImageCode](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.DockerImageCode.html), but these constructs are limited because they cannot accept CDK tokens as build-args. The `TokenInjectableDockerBuilder` allows injecting CDK tokens as build-time arguments into Docker-based assets, enabling more dynamic dependency relationships.\n\nFor example, a Next.js frontend Docker image may require an API Gateway URL as an argument to create a reference from the UI to the associated API in a given deployment. With this construct, you can deploy the API Gateway first, then pass its URL as a build-time argument to the Next.js Docker image. As a result, your Next.js frontend can dynamically fetch data from the API Gateway without hardcoding the URL, or needing mutliple sepereate Stacks.\n\n---\n\n## Features\n\n- **Build and Push Docker Images**: Automatically builds and pushes Docker images to ECR.\n- **Token Support**: Supports custom build arguments for Docker builds, including CDK tokens resolved at deployment time.\n- **Custom Install and Pre-Build Commands**: Allows specifying custom commands to run during the `install` and `pre_build` phases of the CodeBuild build process.\n- **VPC Configuration**: Supports deploying the CodeBuild project within a VPC, with customizable security groups and subnet selection.\n- **Docker Login**: Supports Docker login using credentials stored in AWS Secrets Manager.\n- **ECR Repository Management**: Creates an ECR repository with lifecycle rules and encryption.\n- **Integration with ECS and Lambda**: Provides outputs for use in AWS ECS and AWS Lambda.\n\n---\n\n## Installation\n\n### For NPM\n\nInstall the construct using NPM:\n\n```bash\nnpm install token-injectable-docker-builder\n```\n\n### For Python\n\nInstall the construct using pip:\n\n```bash\npip install token-injectable-docker-builder\n```\n\n---\n\n## Constructor\n\n### `TokenInjectableDockerBuilder`\n\n#### Parameters\n\n- **`scope`**: The construct's parent scope.\n- **`id`**: The construct ID.\n- **`props`**: Configuration properties.\n\n#### Properties in `TokenInjectableDockerBuilderProps`\n\n| Property | Type | Required | Description |\n|--------------------------|-----------------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `path` | `string` | Yes | The file path to the Dockerfile or source code directory. |\n| `buildArgs` | `{ [key: string]: string }` | No | Build arguments to pass to the Docker build process. These are transformed into `--build-arg` flags. To use in Dockerfile, leverage the `ARG` keyword. For more details, please see the [official Docker docs](https://docs.docker.com/build/building/variables/). |\n| `dockerLoginSecretArn` | `string` | No | ARN of an AWS Secrets Manager secret for Docker credentials. Skips login if not provided. |\n| `vpc` | `IVpc` | No | The VPC in which the CodeBuild project will be deployed. If provided, the CodeBuild project will be launched within the specified VPC. |\n| `securityGroups` | `ISecurityGroup[]` | No | The security groups to attach to the CodeBuild project. These should define the network access rules for the CodeBuild project. |\n| `subnetSelection` | `SubnetSelection` | No | The subnet selection to specify which subnets to use within the VPC. Allows the user to select private, public, or isolated subnets. |\n| `installCommands` | `string[]` | No | Custom commands to run during the `install` phase of the CodeBuild build process. Will be executed before Docker image is built. Useful for installing necessary dependencies for running pre-build scripts. |\n| `preBuildCommands` | `string[]` | No | Custom commands to run during the `pre_build` phase of the CodeBuild build process. Will be executed before Docker image is built. Useful for running pre-build scripts, such as to fetch configs. |\n\n---\n\n## Usage Examples\n\n### Simple Usage Example\n\nThis example demonstrates the most basic usage of the `TokenInjectableDockerBuilder`, where you specify the path to your Docker context and provide simple build arguments.\n\n#### TypeScript/NPM Example\n\n```typescript\nimport * as cdk from 'aws-cdk-lib';\nimport { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';\nimport * as ecs from 'aws-cdk-lib/aws-ecs';\nimport * as lambda from 'aws-cdk-lib/aws-lambda';\n\nexport class SimpleStack extends cdk.Stack {\n constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {\n super(scope, id, props);\n\n const dockerBuilder = new TokenInjectableDockerBuilder(this, 'SimpleDockerBuilder', {\n path: './docker', // Path to your Dockerfile or Docker context\n buildArgs: {\n ENV: 'production', // Simple build argument\n },\n });\n\n // Use in ECS\n new ecs.ContainerDefinition(this, 'SimpleContainer', {\n image: dockerBuilder.containerImage,\n // ... other container properties ...\n });\n\n // Use in Lambda\n new lambda.Function(this, 'SimpleDockerLambdaFunction', {\n runtime: lambda.Runtime.FROM_IMAGE,\n code: dockerBuilder.dockerImageCode,\n handler: lambda.Handler.FROM_IMAGE,\n });\n }\n}\n```\n\n#### Python Example\n\n```python\nfrom aws_cdk import (\n aws_ecs as ecs,\n aws_lambda as lambda_,\n core as cdk,\n)\nfrom token_injectable_docker_builder import TokenInjectableDockerBuilder\n\nclass SimpleStack(cdk.Stack):\n\n def __init__(self, scope: cdk.App, id: str, **kwargs):\n super().__init__(scope, id, **kwargs)\n\n docker_builder = TokenInjectableDockerBuilder(self, \"SimpleDockerBuilder\",\n path=\"./docker\", # Path to your Dockerfile or Docker context\n build_args={\n \"ENV\": \"production\", # Simple build argument\n },\n )\n\n # Use in ECS\n ecs.ContainerDefinition(self, \"SimpleContainer\",\n image=docker_builder.container_image,\n # ... other container properties ...\n )\n\n # Use in Lambda\n lambda_.Function(self, \"SimpleDockerLambdaFunction\",\n runtime=lambda_.Runtime.FROM_IMAGE,\n code=docker_builder.docker_image_code,\n handler=lambda_.Handler.FROM_IMAGE\n )\n```\n\n---\n\n### Advanced Usage Example\n\nThis example demonstrates more advanced usage, including using CDK tokens as build arguments, specifying custom install and pre-build commands, and configuring VPC settings.\n\n#### TypeScript/NPM Example\n\n```typescript\nimport * as cdk from 'aws-cdk-lib';\nimport { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';\nimport * as ecs from 'aws-cdk-lib/aws-ecs';\nimport * as lambda from 'aws-cdk-lib/aws-lambda';\nimport * as ec2 from 'aws-cdk-lib/aws-ec2';\n\nexport class MyStack extends cdk.Stack {\n constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {\n super(scope, id, props);\n\n // Example VPC and security group (optional)\n const vpc = new ec2.Vpc(this, 'MyVpc');\n const securityGroup = new ec2.SecurityGroup(this, 'MySecurityGroup', {\n vpc,\n });\n\n // Example of using CDK tokens as build arguments\n const myApiGateway = /* ... create or import your API Gateway ... */;\n\n const dockerBuilder = new TokenInjectableDockerBuilder(this, 'MyDockerBuilder', {\n path: './docker',\n buildArgs: {\n API_URL: myApiGateway.url, // Using CDK token\n ENV: 'production',\n },\n dockerLoginSecretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:DockerLoginSecret',\n vpc,\n securityGroups: [securityGroup],\n subnetSelection: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },\n installCommands: [\n 'echo \"Updating package lists...\"',\n 'apt-get update -y',\n 'echo \"Installing required packages...\"',\n 'apt-get install -y curl dnsutils',\n ],\n preBuildCommands: [\n 'echo \"Fetching configuration from private API...\"',\n 'curl -o config.json https://api.example.com/config',\n ],\n });\n\n // Use in ECS\n new ecs.ContainerDefinition(this, 'MyContainer', {\n image: dockerBuilder.containerImage,\n // ... other container properties ...\n });\n\n // Use in Lambda\n new lambda.Function(this, 'DockerLambdaFunction', {\n runtime: lambda.Runtime.FROM_IMAGE,\n code: dockerBuilder.dockerImageCode,\n handler: lambda.Handler.FROM_IMAGE,\n });\n }\n}\n```\n\n#### Python Example\n\n```python\nfrom aws_cdk import (\n aws_ec2 as ec2,\n aws_ecs as ecs,\n aws_lambda as lambda_,\n core as cdk,\n)\nfrom token_injectable_docker_builder import TokenInjectableDockerBuilder\n\nclass MyStack(cdk.Stack):\n\n def __init__(self, scope: cdk.App, id: str, **kwargs):\n super().__init__(scope, id, **kwargs)\n\n # Example VPC and security group (optional)\n vpc = ec2.Vpc(self, \"MyVpc\")\n security_group = ec2.SecurityGroup(self, \"MySecurityGroup\", vpc=vpc)\n\n # Example of using CDK tokens as build arguments\n my_api_gateway = # ... create or import your API Gateway ...\n\n docker_builder = TokenInjectableDockerBuilder(self, \"MyDockerBuilder\",\n path=\"./docker\",\n build_args={\n \"API_URL\": my_api_gateway.url, # Using CDK token\n \"ENV\": \"production\"\n },\n docker_login_secret_arn=\"arn:aws:secretsmanager:us-east-1:123456789012:secret:DockerLoginSecret\",\n vpc=vpc,\n security_groups=[security_group],\n subnet_selection=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS),\n install_commands=[\n 'echo \"Updating package lists...\"',\n 'apt-get update -y',\n 'echo \"Installing required packages...\"',\n 'apt-get install -y curl dnsutils',\n ],\n pre_build_commands=[\n 'echo \"Fetching configuration from private API...\"',\n 'curl -o config.json https://api.example.com/config',\n ],\n )\n\n # Use in ECS\n ecs.ContainerDefinition(self, \"MyContainer\",\n image=docker_builder.container_image,\n # ... other container properties ...\n )\n\n # Use in Lambda\n lambda_.Function(self, \"DockerLambdaFunction\",\n runtime=lambda_.Runtime.FROM_IMAGE,\n code=docker_builder.docker_image_code,\n handler=lambda_.Handler.FROM_IMAGE\n )\n```\n\n---\n\n## How It Works\n\n1. **Docker Source**: Packages the source code or Dockerfile specified in the `path` property as an S3 asset.\n2. **CodeBuild Project**:\n - Uses the packaged asset and `buildArgs` to build the Docker image.\n - Executes any custom `installCommands` and `preBuildCommands` during the build process.\n - Pushes the image to an ECR repository.\n3. **Custom Resource**:\n - Triggers the build process using a Lambda function (`onEvent`).\n - Monitors the build status using another Lambda function (`isComplete`).\n4. **Outputs**:\n - `.containerImage`: Returns the Docker image for ECS.\n - `.dockerImageCode`: Returns the Docker image code for Lambda.\n\n---\n\n## IAM Permissions\n\nThe construct automatically grants permissions for:\n\n- **CodeBuild**:\n - Pull and push images to ECR.\n - Access to AWS Secrets Manager if `dockerLoginSecretArn` is provided.\n - Access to the KMS key for encryption.\n- **Lambda Functions**:\n - Start and monitor CodeBuild builds.\n - Access CloudWatch Logs.\n - Access to the KMS key for encryption.\n - Pull and push images to ECR.\n\n---\n\n## Notes\n\n- **Build Arguments**: Pass custom arguments via `buildArgs` as `--build-arg` flags. CDK tokens can be used to inject dynamic values resolved at deployment time.\n- **Custom Commands**: Use `installCommands` and `preBuildCommands` to run custom shell commands during the build process. This can be useful for installing dependencies or fetching configuration files.\n- **VPC Configuration**: If your build process requires access to resources within a VPC, you can specify the VPC, security groups, and subnet selection.\n- **Docker Login**: If you need to log in to a private Docker registry before building the image, provide the ARN of a secret in AWS Secrets Manager containing the Docker credentials.\n- **ECR Repository**: Automatically creates an ECR repository with lifecycle rules to manage image retention, encryption with a KMS key, and image scanning on push.\n\n---\n\n## Troubleshooting\n\n1. **Build Errors**: Check the CodeBuild logs in CloudWatch Logs for detailed error messages.\n2. **Lambda Errors**: Check the `onEvent` and `isComplete` Lambda function logs in CloudWatch Logs.\n3. **Permissions**: Ensure IAM roles have the required permissions for CodeBuild, ECR, Secrets Manager, and KMS if applicable.\n4. **Network Access**: If the build requires network access (e.g., to download dependencies), ensure that the VPC configuration allows outbound internet access, or use a NAT gateway if in private subnets.\n\n---\n\n## Support\n\nFor issues or feature requests, please open an issue on [GitHub](https://github.com/AlexTech314/TokenInjectableDockerBuilder).\n\n---\n\n## Reference Links\n\n[![View on Construct Hub](https://constructs.dev/badge?package=token-injectable-docker-builder)](https://constructs.dev/packages/token-injectable-docker-builder)\n\n---\n\n# License\n\nThis project is licensed under the terms of the MIT license.\n\n---\n\n# Acknowledgements\n\n- Inspired by the need for more dynamic Docker asset management in AWS CDK.\n- Thanks to the AWS CDK community for their continuous support and contributions.\n\n---\n\nFeel free to reach out if you have any questions or need further assistance!\n"
3901
+ "markdown": "# TokenInjectableDockerBuilder\n\nThe `TokenInjectableDockerBuilder` is a flexible AWS CDK construct that enables the usage of AWS CDK tokens in the building, pushing, and deployment of Docker images to Amazon Elastic Container Registry (ECR). It leverages AWS CodeBuild and Lambda custom resources.\n\n---\n\n## Why?\n\nAWS CDK already provides mechanisms for creating deployable assets using Docker, such as [DockerImageAsset](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerImageAsset.html) and [DockerImageCode](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.DockerImageCode.html), but these constructs are limited because they cannot accept CDK tokens as build-args. The `TokenInjectableDockerBuilder` allows injecting CDK tokens as build-time arguments into Docker-based assets, enabling more dynamic dependency relationships.\n\nFor example, a Next.js frontend Docker image may require an API Gateway URL as an argument to create a reference from the UI to the associated API in a given deployment. With this construct, you can deploy the API Gateway first, then pass its URL as a build-time argument to the Next.js Docker image. As a result, your Next.js frontend can dynamically fetch data from the API Gateway without hardcoding the URL or needing multiple separate stacks.\n\n---\n\n## Features\n\n- **Build and Push Docker Images**: Automatically builds and pushes Docker images to ECR.\n- **Token Support**: Supports custom build arguments for Docker builds, including CDK tokens resolved at deployment time.\n- **Custom Install and Pre-Build Commands**: Allows specifying custom commands to run during the `install` and `pre_build` phases of the CodeBuild build process.\n- **VPC Configuration**: Supports deploying the CodeBuild project within a VPC, with customizable security groups and subnet selection.\n- **Docker Login**: Supports Docker login using credentials stored in AWS Secrets Manager.\n- **ECR Repository Management**: Creates an ECR repository with lifecycle rules and encryption.\n- **Integration with ECS and Lambda**: Provides outputs for use in AWS ECS and AWS Lambda.\n\n---\n\n## Installation\n\n### For NPM\n\nInstall the construct using NPM:\n\n```bash\nnpm install token-injectable-docker-builder\n```\n\n### For Python\n\nInstall the construct using pip:\n\n```bash\npip install token-injectable-docker-builder\n```\n\n---\n\n## Constructor\n\n### `TokenInjectableDockerBuilder`\n\n#### Parameters\n\n- **`scope`**: The construct's parent scope.\n- **`id`**: The construct ID.\n- **`props`**: Configuration properties.\n\n#### Properties in `TokenInjectableDockerBuilderProps`\n\n| Property | Type | Required | Description |\n|--------------------------|-----------------------------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `path` | `string` | Yes | The file path to the Dockerfile or source code directory. |\n| `buildArgs` | `{ [key: string]: string }` | No | Build arguments to pass to the Docker build process. These are transformed into `--build-arg` flags. To use in Dockerfile, leverage the `ARG` keyword. For more details, please see the [official Docker docs](https://docs.docker.com/build/building/variables/). |\n| `dockerLoginSecretArn` | `string` | No | ARN of an AWS Secrets Manager secret for Docker credentials. Skips login if not provided. |\n| `vpc` | `IVpc` | No | The VPC in which the CodeBuild project will be deployed. If provided, the CodeBuild project will be launched within the specified VPC. |\n| `securityGroups` | `ISecurityGroup[]` | No | The security groups to attach to the CodeBuild project. These should define the network access rules for the CodeBuild project. |\n| `subnetSelection` | `SubnetSelection` | No | The subnet selection to specify which subnets to use within the VPC. Allows the user to select private, public, or isolated subnets. |\n| `installCommands` | `string[]` | No | Custom commands to run during the `install` phase of the CodeBuild build process. Will be executed before the Docker image is built. Useful for installing necessary dependencies for running pre-build scripts. |\n| `preBuildCommands` | `string[]` | No | Custom commands to run during the `pre_build` phase of the CodeBuild build process. Will be executed before the Docker image is built. Useful for running pre-build scripts, such as fetching configs. |\n\n---\n\n## Usage Examples\n\n### Simple Usage Example\n\nThis example demonstrates the basic usage of the `TokenInjectableDockerBuilder`, where a Next.js frontend Docker image requires an API Gateway URL as a build argument to create a reference from the UI to the associated API in a given deployment.\n\n#### TypeScript/NPM Example\n\n```typescript\nimport * as cdk from 'aws-cdk-lib';\nimport { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';\nimport * as ecs from 'aws-cdk-lib/aws-ecs';\nimport * as ec2 from 'aws-cdk-lib/aws-ec2';\nimport * as apigateway from 'aws-cdk-lib/aws-apigateway';\n\nexport class SimpleStack extends cdk.Stack {\n constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {\n super(scope, id, props);\n\n // Create your API Gateway\n const api = new apigateway.RestApi(this, 'MyApiGateway', {\n restApiName: 'MyService',\n });\n\n // Create the Docker builder\n const dockerBuilder = new TokenInjectableDockerBuilder(this, 'SimpleDockerBuilder', {\n path: './nextjs-app', // Path to your Next.js app Docker context\n buildArgs: {\n API_URL: api.url, // Pass the API Gateway URL as a build argument\n },\n });\n\n // Use in ECS\n const cluster = new ecs.Cluster(this, 'EcsCluster', {\n vpc: new ec2.Vpc(this, 'Vpc'),\n });\n\n new ecs.FargateService(this, 'FargateService', {\n cluster,\n taskDefinition: new ecs.FargateTaskDefinition(this, 'TaskDef', {\n cpu: 512,\n memoryLimitMiB: 1024,\n }).addContainer('Container', {\n image: dockerBuilder.containerImage,\n logging: ecs.LogDriver.awsLogs({ streamPrefix: 'MyApp' }),\n }),\n });\n }\n}\n```\n\n#### Python Example\n\n```python\nfrom aws_cdk import (\n aws_ecs as ecs,\n aws_ec2 as ec2,\n aws_apigateway as apigateway,\n core as cdk,\n)\nfrom token_injectable_docker_builder import TokenInjectableDockerBuilder\n\nclass SimpleStack(cdk.Stack):\n\n def __init__(self, scope: cdk.App, id: str, **kwargs):\n super().__init__(scope, id, **kwargs)\n\n # Create your API Gateway\n api = apigateway.RestApi(self, \"MyApiGateway\",\n rest_api_name=\"MyService\",\n )\n\n # Create the Docker builder\n docker_builder = TokenInjectableDockerBuilder(self, \"SimpleDockerBuilder\",\n path=\"./nextjs-app\", # Path to your Next.js app Docker context\n build_args={\n \"API_URL\": api.url, # Pass the API Gateway URL as a build argument\n },\n )\n\n # Use in ECS\n vpc = ec2.Vpc(self, \"Vpc\")\n cluster = ecs.Cluster(self, \"EcsCluster\", vpc=vpc)\n\n task_definition = ecs.FargateTaskDefinition(self, \"TaskDef\",\n cpu=512,\n memory_limit_mib=1024,\n )\n\n task_definition.add_container(\"Container\",\n image=docker_builder.container_image,\n logging=ecs.LogDriver.aws_logs(stream_prefix=\"MyApp\"),\n )\n\n ecs.FargateService(self, \"FargateService\",\n cluster=cluster,\n task_definition=task_definition,\n )\n```\n\n---\n\n### Advanced Usage Example\n\nBuilding on the previous example, this advanced usage demonstrates how to include additional configurations, such as fetching private API endpoints and configuration files during the build process.\n\n#### TypeScript/NPM Example\n\n```typescript\nimport * as cdk from 'aws-cdk-lib';\nimport { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';\nimport * as ecs from 'aws-cdk-lib/aws-ecs';\nimport * as ec2 from 'aws-cdk-lib/aws-ec2';\nimport * as apigateway from 'aws-cdk-lib/aws-apigateway';\n\nexport class AdvancedStack extends cdk.Stack {\n constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {\n super(scope, id, props);\n\n // Create your API Gateway\n const api = new apigateway.RestApi(this, 'MyApiGateway', {\n restApiName: 'MyService',\n });\n\n // VPC and Security Group for CodeBuild\n const vpc = new ec2.Vpc(this, 'MyVpc');\n const securityGroup = new ec2.SecurityGroup(this, 'MySecurityGroup', {\n vpc,\n });\n\n // Create the Docker builder with additional pre-build commands\n const dockerBuilder = new TokenInjectableDockerBuilder(this, 'AdvancedDockerBuilder', {\n path: './nextjs-app',\n buildArgs: {\n API_URL: api.url,\n },\n vpc,\n securityGroups: [securityGroup],\n subnetSelection: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },\n installCommands: [\n 'echo \"Updating package lists...\"',\n 'apt-get update -y',\n 'echo \"Installing necessary packages...\"',\n 'apt-get install -y curl',\n ],\n preBuildCommands: [\n 'echo \"Fetching private API configuration...\"',\n // Replace with your actual command to fetch configs\n 'curl -o config.json https://internal-api.example.com/config',\n ],\n });\n\n // Ensure the CodeBuild project has access to the internal API endpoint\n // You may need to adjust your VPC and security group settings accordingly\n\n // Use in ECS\n const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc });\n\n new ecs.FargateService(this, 'FargateService', {\n cluster,\n taskDefinition: new ecs.FargateTaskDefinition(this, 'TaskDef', {\n cpu: 512,\n memoryLimitMiB: 1024,\n }).addContainer('Container', {\n image: dockerBuilder.containerImage,\n logging: ecs.LogDriver.awsLogs({ streamPrefix: 'MyApp' }),\n }),\n });\n }\n}\n```\n\n#### Python Example\n\n```python\nfrom aws_cdk import (\n aws_ecs as ecs,\n aws_ec2 as ec2,\n aws_apigateway as apigateway,\n core as cdk,\n)\nfrom token_injectable_docker_builder import TokenInjectableDockerBuilder\n\nclass AdvancedStack(cdk.Stack):\n\n def __init__(self, scope: cdk.App, id: str, **kwargs):\n super().__init__(scope, id, **kwargs)\n\n # Create your API Gateway\n api = apigateway.RestApi(self, \"MyApiGateway\",\n rest_api_name=\"MyService\",\n )\n\n # VPC and Security Group for CodeBuild\n vpc = ec2.Vpc(self, \"MyVpc\")\n security_group = ec2.SecurityGroup(self, \"MySecurityGroup\", vpc=vpc)\n\n # Create the Docker builder with additional pre-build commands\n docker_builder = TokenInjectableDockerBuilder(self, \"AdvancedDockerBuilder\",\n path=\"./nextjs-app\",\n build_args={\n \"API_URL\": api.url,\n },\n vpc=vpc,\n security_groups=[security_group],\n subnet_selection=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS),\n install_commands=[\n 'echo \"Updating package lists...\"',\n 'apt-get update -y',\n 'echo \"Installing necessary packages...\"',\n 'apt-get install -y curl',\n ],\n pre_build_commands=[\n 'echo \"Fetching private API configuration...\"',\n # Replace with your actual command to fetch configs\n 'curl -o config.json https://internal-api.example.com/config',\n ],\n )\n\n # Ensure the CodeBuild project has access to the internal API endpoint\n # You may need to adjust your VPC and security group settings accordingly\n\n # Use in ECS\n cluster = ecs.Cluster(self, \"EcsCluster\", vpc=vpc)\n\n task_definition = ecs.FargateTaskDefinition(self, \"TaskDef\",\n cpu=512,\n memory_limit_mib=1024,\n )\n\n task_definition.add_container(\"Container\",\n image=docker_builder.container_image,\n logging=ecs.LogDriver.aws_logs(stream_prefix=\"MyApp\"),\n )\n\n ecs.FargateService(self, \"FargateService\",\n cluster=cluster,\n task_definition=task_definition,\n )\n```\n\nIn this advanced example:\n\n- **VPC Configuration**: The CodeBuild project is configured to run inside a VPC with specified security groups and subnet selection, allowing it to access internal resources such as a private API endpoint.\n- **Custom Install and Pre-Build Commands**: The `installCommands` and `preBuildCommands` properties are used to install necessary packages and fetch configuration files from a private API before building the Docker image.\n- **Access to Internal APIs**: By running inside a VPC and configuring the security groups appropriately, the CodeBuild project can access private endpoints not accessible over the public internet.\n\n---\n\n## How It Works\n\n1. **Docker Source**: Packages the source code or Dockerfile specified in the `path` property as an S3 asset.\n2. **CodeBuild Project**:\n - Uses the packaged asset and `buildArgs` to build the Docker image.\n - Executes any custom `installCommands` and `preBuildCommands` during the build process.\n - Pushes the image to an ECR repository.\n3. **Custom Resource**:\n - Triggers the build process using a Lambda function (`onEvent`).\n - Monitors the build status using another Lambda function (`isComplete`).\n4. **Outputs**:\n - `.containerImage`: Returns the Docker image for ECS.\n - `.dockerImageCode`: Returns the Docker image code for Lambda.\n\n---\n\n## IAM Permissions\n\nThe construct automatically grants permissions for:\n\n- **CodeBuild**:\n - Pull and push images to ECR.\n - Access to AWS Secrets Manager if `dockerLoginSecretArn` is provided.\n - Access to the KMS key for encryption.\n- **Lambda Functions**:\n - Start and monitor CodeBuild builds.\n - Access CloudWatch Logs.\n - Access to the KMS key for encryption.\n - Pull and push images to ECR.\n\n---\n\n## Notes\n\n- **Build Arguments**: Pass custom arguments via `buildArgs` as `--build-arg` flags. CDK tokens can be used to inject dynamic values resolved at deployment time.\n- **Custom Commands**: Use `installCommands` and `preBuildCommands` to run custom shell commands during the build process. This can be useful for installing dependencies or fetching configuration files.\n- **VPC Configuration**: If your build process requires access to resources within a VPC, you can specify the VPC, security groups, and subnet selection.\n- **Docker Login**: If you need to log in to a private Docker registry before building the image, provide the ARN of a secret in AWS Secrets Manager containing the Docker credentials.\n- **ECR Repository**: Automatically creates an ECR repository with lifecycle rules to manage image retention, encryption with a KMS key, and image scanning on push.\n\n---\n\n## Troubleshooting\n\n1. **Build Errors**: Check the CodeBuild logs in CloudWatch Logs for detailed error messages.\n2. **Lambda Errors**: Check the `onEvent` and `isComplete` Lambda function logs in CloudWatch Logs.\n3. **Permissions**: Ensure IAM roles have the required permissions for CodeBuild, ECR, Secrets Manager, and KMS if applicable.\n4. **Network Access**: If the build requires network access (e.g., to download dependencies or access internal APIs), ensure that the VPC configuration allows necessary network connectivity, and adjust security group rules accordingly.\n\n---\n\n## Support\n\nFor issues or feature requests, please open an issue on [GitHub](https://github.com/AlexTech314/TokenInjectableDockerBuilder).\n\n---\n\n## Reference Links\n\n[![View on Construct Hub](https://constructs.dev/badge?package=token-injectable-docker-builder)](https://constructs.dev/packages/token-injectable-docker-builder)\n\n---\n\n## License\n\nThis project is licensed under the terms of the MIT license.\n\n---\n\n## Acknowledgements\n\n- Inspired by the need for more dynamic Docker asset management in AWS CDK.\n- Thanks to the AWS CDK community for their continuous support and contributions.\n\n---\n\nFeel free to reach out if you have any questions or need further assistance!\n\n---"
3902
3902
  },
3903
3903
  "repository": {
3904
3904
  "type": "git",
@@ -4178,6 +4178,6 @@
4178
4178
  "symbolId": "src/index:TokenInjectableDockerBuilderProps"
4179
4179
  }
4180
4180
  },
4181
- "version": "1.2.2",
4182
- "fingerprint": "jmw9tBVYvTJi0uyifLJ3vbe5bgJvkBu0Cy0FBCy29Co="
4181
+ "version": "1.2.4",
4182
+ "fingerprint": "+FGIzrM5+F+435a0RrTZ9TZ3lsLuC+Y7lhdioQRksCU="
4183
4183
  }
package/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # TokenInjectableDockerBuilder
2
2
 
3
- The `TokenInjectableDockerBuilder` is a flexible AWS CDK construct that enables the usage of AWS CDK tokens in the building, pushing, and deployment of Docker images to Amazon Elastic Container Registry (ECR). It leverages AWS CodeBuild and Lambda custom resources.
3
+ The `TokenInjectableDockerBuilder` is a flexible AWS CDK construct that enables the usage of AWS CDK tokens in the building, pushing, and deployment of Docker images to Amazon Elastic Container Registry (ECR). It leverages AWS CodeBuild and Lambda custom resources.
4
4
 
5
5
  ---
6
6
 
@@ -8,7 +8,7 @@ The `TokenInjectableDockerBuilder` is a flexible AWS CDK construct that enables
8
8
 
9
9
  AWS CDK already provides mechanisms for creating deployable assets using Docker, such as [DockerImageAsset](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerImageAsset.html) and [DockerImageCode](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.DockerImageCode.html), but these constructs are limited because they cannot accept CDK tokens as build-args. The `TokenInjectableDockerBuilder` allows injecting CDK tokens as build-time arguments into Docker-based assets, enabling more dynamic dependency relationships.
10
10
 
11
- For example, a Next.js frontend Docker image may require an API Gateway URL as an argument to create a reference from the UI to the associated API in a given deployment. With this construct, you can deploy the API Gateway first, then pass its URL as a build-time argument to the Next.js Docker image. As a result, your Next.js frontend can dynamically fetch data from the API Gateway without hardcoding the URL, or needing mutliple sepereate Stacks.
11
+ For example, a Next.js frontend Docker image may require an API Gateway URL as an argument to create a reference from the UI to the associated API in a given deployment. With this construct, you can deploy the API Gateway first, then pass its URL as a build-time argument to the Next.js Docker image. As a result, your Next.js frontend can dynamically fetch data from the API Gateway without hardcoding the URL or needing multiple separate stacks.
12
12
 
13
13
  ---
14
14
 
@@ -56,16 +56,16 @@ pip install token-injectable-docker-builder
56
56
 
57
57
  #### Properties in `TokenInjectableDockerBuilderProps`
58
58
 
59
- | Property | Type | Required | Description |
60
- |--------------------------|-----------------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
61
- | `path` | `string` | Yes | The file path to the Dockerfile or source code directory. |
62
- | `buildArgs` | `{ [key: string]: string }` | No | Build arguments to pass to the Docker build process. These are transformed into `--build-arg` flags. To use in Dockerfile, leverage the `ARG` keyword. For more details, please see the [official Docker docs](https://docs.docker.com/build/building/variables/). |
63
- | `dockerLoginSecretArn` | `string` | No | ARN of an AWS Secrets Manager secret for Docker credentials. Skips login if not provided. |
64
- | `vpc` | `IVpc` | No | The VPC in which the CodeBuild project will be deployed. If provided, the CodeBuild project will be launched within the specified VPC. |
65
- | `securityGroups` | `ISecurityGroup[]` | No | The security groups to attach to the CodeBuild project. These should define the network access rules for the CodeBuild project. |
66
- | `subnetSelection` | `SubnetSelection` | No | The subnet selection to specify which subnets to use within the VPC. Allows the user to select private, public, or isolated subnets. |
67
- | `installCommands` | `string[]` | No | Custom commands to run during the `install` phase of the CodeBuild build process. Will be executed before Docker image is built. Useful for installing necessary dependencies for running pre-build scripts. |
68
- | `preBuildCommands` | `string[]` | No | Custom commands to run during the `pre_build` phase of the CodeBuild build process. Will be executed before Docker image is built. Useful for running pre-build scripts, such as to fetch configs. |
59
+ | Property | Type | Required | Description |
60
+ |--------------------------|-----------------------------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
61
+ | `path` | `string` | Yes | The file path to the Dockerfile or source code directory. |
62
+ | `buildArgs` | `{ [key: string]: string }` | No | Build arguments to pass to the Docker build process. These are transformed into `--build-arg` flags. To use in Dockerfile, leverage the `ARG` keyword. For more details, please see the [official Docker docs](https://docs.docker.com/build/building/variables/). |
63
+ | `dockerLoginSecretArn` | `string` | No | ARN of an AWS Secrets Manager secret for Docker credentials. Skips login if not provided. |
64
+ | `vpc` | `IVpc` | No | The VPC in which the CodeBuild project will be deployed. If provided, the CodeBuild project will be launched within the specified VPC. |
65
+ | `securityGroups` | `ISecurityGroup[]` | No | The security groups to attach to the CodeBuild project. These should define the network access rules for the CodeBuild project. |
66
+ | `subnetSelection` | `SubnetSelection` | No | The subnet selection to specify which subnets to use within the VPC. Allows the user to select private, public, or isolated subnets. |
67
+ | `installCommands` | `string[]` | No | Custom commands to run during the `install` phase of the CodeBuild build process. Will be executed before the Docker image is built. Useful for installing necessary dependencies for running pre-build scripts. |
68
+ | `preBuildCommands` | `string[]` | No | Custom commands to run during the `pre_build` phase of the CodeBuild build process. Will be executed before the Docker image is built. Useful for running pre-build scripts, such as fetching configs. |
69
69
 
70
70
  ---
71
71
 
@@ -73,7 +73,7 @@ pip install token-injectable-docker-builder
73
73
 
74
74
  ### Simple Usage Example
75
75
 
76
- This example demonstrates the most basic usage of the `TokenInjectableDockerBuilder`, where you specify the path to your Docker context and provide simple build arguments.
76
+ This example demonstrates the basic usage of the `TokenInjectableDockerBuilder`, where a Next.js frontend Docker image requires an API Gateway URL as a build argument to create a reference from the UI to the associated API in a given deployment.
77
77
 
78
78
  #### TypeScript/NPM Example
79
79
 
@@ -81,30 +81,40 @@ This example demonstrates the most basic usage of the `TokenInjectableDockerBuil
81
81
  import * as cdk from 'aws-cdk-lib';
82
82
  import { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';
83
83
  import * as ecs from 'aws-cdk-lib/aws-ecs';
84
- import * as lambda from 'aws-cdk-lib/aws-lambda';
84
+ import * as ec2 from 'aws-cdk-lib/aws-ec2';
85
+ import * as apigateway from 'aws-cdk-lib/aws-apigateway';
85
86
 
86
87
  export class SimpleStack extends cdk.Stack {
87
88
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
88
89
  super(scope, id, props);
89
90
 
91
+ // Create your API Gateway
92
+ const api = new apigateway.RestApi(this, 'MyApiGateway', {
93
+ restApiName: 'MyService',
94
+ });
95
+
96
+ // Create the Docker builder
90
97
  const dockerBuilder = new TokenInjectableDockerBuilder(this, 'SimpleDockerBuilder', {
91
- path: './docker', // Path to your Dockerfile or Docker context
98
+ path: './nextjs-app', // Path to your Next.js app Docker context
92
99
  buildArgs: {
93
- ENV: 'production', // Simple build argument
100
+ API_URL: api.url, // Pass the API Gateway URL as a build argument
94
101
  },
95
102
  });
96
103
 
97
104
  // Use in ECS
98
- new ecs.ContainerDefinition(this, 'SimpleContainer', {
99
- image: dockerBuilder.containerImage,
100
- // ... other container properties ...
105
+ const cluster = new ecs.Cluster(this, 'EcsCluster', {
106
+ vpc: new ec2.Vpc(this, 'Vpc'),
101
107
  });
102
108
 
103
- // Use in Lambda
104
- new lambda.Function(this, 'SimpleDockerLambdaFunction', {
105
- runtime: lambda.Runtime.FROM_IMAGE,
106
- code: dockerBuilder.dockerImageCode,
107
- handler: lambda.Handler.FROM_IMAGE,
109
+ new ecs.FargateService(this, 'FargateService', {
110
+ cluster,
111
+ taskDefinition: new ecs.FargateTaskDefinition(this, 'TaskDef', {
112
+ cpu: 512,
113
+ memoryLimitMiB: 1024,
114
+ }).addContainer('Container', {
115
+ image: dockerBuilder.containerImage,
116
+ logging: ecs.LogDriver.awsLogs({ streamPrefix: 'MyApp' }),
117
+ }),
108
118
  });
109
119
  }
110
120
  }
@@ -115,7 +125,8 @@ export class SimpleStack extends cdk.Stack {
115
125
  ```python
116
126
  from aws_cdk import (
117
127
  aws_ecs as ecs,
118
- aws_lambda as lambda_,
128
+ aws_ec2 as ec2,
129
+ aws_apigateway as apigateway,
119
130
  core as cdk,
120
131
  )
121
132
  from token_injectable_docker_builder import TokenInjectableDockerBuilder
@@ -125,24 +136,36 @@ class SimpleStack(cdk.Stack):
125
136
  def __init__(self, scope: cdk.App, id: str, **kwargs):
126
137
  super().__init__(scope, id, **kwargs)
127
138
 
139
+ # Create your API Gateway
140
+ api = apigateway.RestApi(self, "MyApiGateway",
141
+ rest_api_name="MyService",
142
+ )
143
+
144
+ # Create the Docker builder
128
145
  docker_builder = TokenInjectableDockerBuilder(self, "SimpleDockerBuilder",
129
- path="./docker", # Path to your Dockerfile or Docker context
146
+ path="./nextjs-app", # Path to your Next.js app Docker context
130
147
  build_args={
131
- "ENV": "production", # Simple build argument
148
+ "API_URL": api.url, # Pass the API Gateway URL as a build argument
132
149
  },
133
150
  )
134
151
 
135
152
  # Use in ECS
136
- ecs.ContainerDefinition(self, "SimpleContainer",
153
+ vpc = ec2.Vpc(self, "Vpc")
154
+ cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
155
+
156
+ task_definition = ecs.FargateTaskDefinition(self, "TaskDef",
157
+ cpu=512,
158
+ memory_limit_mib=1024,
159
+ )
160
+
161
+ task_definition.add_container("Container",
137
162
  image=docker_builder.container_image,
138
- # ... other container properties ...
163
+ logging=ecs.LogDriver.aws_logs(stream_prefix="MyApp"),
139
164
  )
140
165
 
141
- # Use in Lambda
142
- lambda_.Function(self, "SimpleDockerLambdaFunction",
143
- runtime=lambda_.Runtime.FROM_IMAGE,
144
- code=docker_builder.docker_image_code,
145
- handler=lambda_.Handler.FROM_IMAGE
166
+ ecs.FargateService(self, "FargateService",
167
+ cluster=cluster,
168
+ task_definition=task_definition,
146
169
  )
147
170
  ```
148
171
 
@@ -150,7 +173,7 @@ class SimpleStack(cdk.Stack):
150
173
 
151
174
  ### Advanced Usage Example
152
175
 
153
- This example demonstrates more advanced usage, including using CDK tokens as build arguments, specifying custom install and pre-build commands, and configuring VPC settings.
176
+ Building on the previous example, this advanced usage demonstrates how to include additional configurations, such as fetching private API endpoints and configuration files during the build process.
154
177
 
155
178
  #### TypeScript/NPM Example
156
179
 
@@ -158,55 +181,61 @@ This example demonstrates more advanced usage, including using CDK tokens as bui
158
181
  import * as cdk from 'aws-cdk-lib';
159
182
  import { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder';
160
183
  import * as ecs from 'aws-cdk-lib/aws-ecs';
161
- import * as lambda from 'aws-cdk-lib/aws-lambda';
162
184
  import * as ec2 from 'aws-cdk-lib/aws-ec2';
185
+ import * as apigateway from 'aws-cdk-lib/aws-apigateway';
163
186
 
164
- export class MyStack extends cdk.Stack {
187
+ export class AdvancedStack extends cdk.Stack {
165
188
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
166
189
  super(scope, id, props);
167
190
 
168
- // Example VPC and security group (optional)
191
+ // Create your API Gateway
192
+ const api = new apigateway.RestApi(this, 'MyApiGateway', {
193
+ restApiName: 'MyService',
194
+ });
195
+
196
+ // VPC and Security Group for CodeBuild
169
197
  const vpc = new ec2.Vpc(this, 'MyVpc');
170
198
  const securityGroup = new ec2.SecurityGroup(this, 'MySecurityGroup', {
171
199
  vpc,
172
200
  });
173
201
 
174
- // Example of using CDK tokens as build arguments
175
- const myApiGateway = /* ... create or import your API Gateway ... */;
176
-
177
- const dockerBuilder = new TokenInjectableDockerBuilder(this, 'MyDockerBuilder', {
178
- path: './docker',
202
+ // Create the Docker builder with additional pre-build commands
203
+ const dockerBuilder = new TokenInjectableDockerBuilder(this, 'AdvancedDockerBuilder', {
204
+ path: './nextjs-app',
179
205
  buildArgs: {
180
- API_URL: myApiGateway.url, // Using CDK token
181
- ENV: 'production',
206
+ API_URL: api.url,
182
207
  },
183
- dockerLoginSecretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:DockerLoginSecret',
184
208
  vpc,
185
209
  securityGroups: [securityGroup],
186
210
  subnetSelection: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },
187
211
  installCommands: [
188
212
  'echo "Updating package lists..."',
189
213
  'apt-get update -y',
190
- 'echo "Installing required packages..."',
191
- 'apt-get install -y curl dnsutils',
214
+ 'echo "Installing necessary packages..."',
215
+ 'apt-get install -y curl',
192
216
  ],
193
217
  preBuildCommands: [
194
- 'echo "Fetching configuration from private API..."',
195
- 'curl -o config.json https://api.example.com/config',
218
+ 'echo "Fetching private API configuration..."',
219
+ // Replace with your actual command to fetch configs
220
+ 'curl -o config.json https://internal-api.example.com/config',
196
221
  ],
197
222
  });
198
223
 
199
- // Use in ECS
200
- new ecs.ContainerDefinition(this, 'MyContainer', {
201
- image: dockerBuilder.containerImage,
202
- // ... other container properties ...
203
- });
224
+ // Ensure the CodeBuild project has access to the internal API endpoint
225
+ // You may need to adjust your VPC and security group settings accordingly
204
226
 
205
- // Use in Lambda
206
- new lambda.Function(this, 'DockerLambdaFunction', {
207
- runtime: lambda.Runtime.FROM_IMAGE,
208
- code: dockerBuilder.dockerImageCode,
209
- handler: lambda.Handler.FROM_IMAGE,
227
+ // Use in ECS
228
+ const cluster = new ecs.Cluster(this, 'EcsCluster', { vpc });
229
+
230
+ new ecs.FargateService(this, 'FargateService', {
231
+ cluster,
232
+ taskDefinition: new ecs.FargateTaskDefinition(this, 'TaskDef', {
233
+ cpu: 512,
234
+ memoryLimitMiB: 1024,
235
+ }).addContainer('Container', {
236
+ image: dockerBuilder.containerImage,
237
+ logging: ecs.LogDriver.awsLogs({ streamPrefix: 'MyApp' }),
238
+ }),
210
239
  });
211
240
  }
212
241
  }
@@ -216,61 +245,77 @@ export class MyStack extends cdk.Stack {
216
245
 
217
246
  ```python
218
247
  from aws_cdk import (
219
- aws_ec2 as ec2,
220
248
  aws_ecs as ecs,
221
- aws_lambda as lambda_,
249
+ aws_ec2 as ec2,
250
+ aws_apigateway as apigateway,
222
251
  core as cdk,
223
252
  )
224
253
  from token_injectable_docker_builder import TokenInjectableDockerBuilder
225
254
 
226
- class MyStack(cdk.Stack):
255
+ class AdvancedStack(cdk.Stack):
227
256
 
228
257
  def __init__(self, scope: cdk.App, id: str, **kwargs):
229
258
  super().__init__(scope, id, **kwargs)
230
259
 
231
- # Example VPC and security group (optional)
260
+ # Create your API Gateway
261
+ api = apigateway.RestApi(self, "MyApiGateway",
262
+ rest_api_name="MyService",
263
+ )
264
+
265
+ # VPC and Security Group for CodeBuild
232
266
  vpc = ec2.Vpc(self, "MyVpc")
233
267
  security_group = ec2.SecurityGroup(self, "MySecurityGroup", vpc=vpc)
234
268
 
235
- # Example of using CDK tokens as build arguments
236
- my_api_gateway = # ... create or import your API Gateway ...
237
-
238
- docker_builder = TokenInjectableDockerBuilder(self, "MyDockerBuilder",
239
- path="./docker",
269
+ # Create the Docker builder with additional pre-build commands
270
+ docker_builder = TokenInjectableDockerBuilder(self, "AdvancedDockerBuilder",
271
+ path="./nextjs-app",
240
272
  build_args={
241
- "API_URL": my_api_gateway.url, # Using CDK token
242
- "ENV": "production"
273
+ "API_URL": api.url,
243
274
  },
244
- docker_login_secret_arn="arn:aws:secretsmanager:us-east-1:123456789012:secret:DockerLoginSecret",
245
275
  vpc=vpc,
246
276
  security_groups=[security_group],
247
277
  subnet_selection=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS),
248
278
  install_commands=[
249
279
  'echo "Updating package lists..."',
250
280
  'apt-get update -y',
251
- 'echo "Installing required packages..."',
252
- 'apt-get install -y curl dnsutils',
281
+ 'echo "Installing necessary packages..."',
282
+ 'apt-get install -y curl',
253
283
  ],
254
284
  pre_build_commands=[
255
- 'echo "Fetching configuration from private API..."',
256
- 'curl -o config.json https://api.example.com/config',
285
+ 'echo "Fetching private API configuration..."',
286
+ # Replace with your actual command to fetch configs
287
+ 'curl -o config.json https://internal-api.example.com/config',
257
288
  ],
258
289
  )
259
290
 
291
+ # Ensure the CodeBuild project has access to the internal API endpoint
292
+ # You may need to adjust your VPC and security group settings accordingly
293
+
260
294
  # Use in ECS
261
- ecs.ContainerDefinition(self, "MyContainer",
295
+ cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
296
+
297
+ task_definition = ecs.FargateTaskDefinition(self, "TaskDef",
298
+ cpu=512,
299
+ memory_limit_mib=1024,
300
+ )
301
+
302
+ task_definition.add_container("Container",
262
303
  image=docker_builder.container_image,
263
- # ... other container properties ...
304
+ logging=ecs.LogDriver.aws_logs(stream_prefix="MyApp"),
264
305
  )
265
306
 
266
- # Use in Lambda
267
- lambda_.Function(self, "DockerLambdaFunction",
268
- runtime=lambda_.Runtime.FROM_IMAGE,
269
- code=docker_builder.docker_image_code,
270
- handler=lambda_.Handler.FROM_IMAGE
307
+ ecs.FargateService(self, "FargateService",
308
+ cluster=cluster,
309
+ task_definition=task_definition,
271
310
  )
272
311
  ```
273
312
 
313
+ In this advanced example:
314
+
315
+ - **VPC Configuration**: The CodeBuild project is configured to run inside a VPC with specified security groups and subnet selection, allowing it to access internal resources such as a private API endpoint.
316
+ - **Custom Install and Pre-Build Commands**: The `installCommands` and `preBuildCommands` properties are used to install necessary packages and fetch configuration files from a private API before building the Docker image.
317
+ - **Access to Internal APIs**: By running inside a VPC and configuring the security groups appropriately, the CodeBuild project can access private endpoints not accessible over the public internet.
318
+
274
319
  ---
275
320
 
276
321
  ## How It Works
@@ -320,7 +365,7 @@ The construct automatically grants permissions for:
320
365
  1. **Build Errors**: Check the CodeBuild logs in CloudWatch Logs for detailed error messages.
321
366
  2. **Lambda Errors**: Check the `onEvent` and `isComplete` Lambda function logs in CloudWatch Logs.
322
367
  3. **Permissions**: Ensure IAM roles have the required permissions for CodeBuild, ECR, Secrets Manager, and KMS if applicable.
323
- 4. **Network Access**: If the build requires network access (e.g., to download dependencies), ensure that the VPC configuration allows outbound internet access, or use a NAT gateway if in private subnets.
368
+ 4. **Network Access**: If the build requires network access (e.g., to download dependencies or access internal APIs), ensure that the VPC configuration allows necessary network connectivity, and adjust security group rules accordingly.
324
369
 
325
370
  ---
326
371
 
@@ -336,13 +381,13 @@ For issues or feature requests, please open an issue on [GitHub](https://github.
336
381
 
337
382
  ---
338
383
 
339
- # License
384
+ ## License
340
385
 
341
386
  This project is licensed under the terms of the MIT license.
342
387
 
343
388
  ---
344
389
 
345
- # Acknowledgements
390
+ ## Acknowledgements
346
391
 
347
392
  - Inspired by the need for more dynamic Docker asset management in AWS CDK.
348
393
  - Thanks to the AWS CDK community for their continuous support and contributions.
@@ -350,3 +395,5 @@ This project is licensed under the terms of the MIT license.
350
395
  ---
351
396
 
352
397
  Feel free to reach out if you have any questions or need further assistance!
398
+
399
+ ---
package/lib/index.js CHANGED
@@ -185,5 +185,5 @@ class TokenInjectableDockerBuilder extends constructs_1.Construct {
185
185
  }
186
186
  exports.TokenInjectableDockerBuilder = TokenInjectableDockerBuilder;
187
187
  _a = JSII_RTTI_SYMBOL_1;
188
- TokenInjectableDockerBuilder[_a] = { fqn: "token-injectable-docker-builder.TokenInjectableDockerBuilder", version: "1.2.2" };
188
+ TokenInjectableDockerBuilder[_a] = { fqn: "token-injectable-docker-builder.TokenInjectableDockerBuilder", version: "1.2.4" };
189
189
  //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxpQ0FBaUM7QUFDakMsNkJBQTZCO0FBQzdCLDZDQUF1RDtBQUN2RCw2REFBd0Y7QUFFeEYsaURBQWtGO0FBQ2xGLGlEQUFxRDtBQUNyRCxpREFBc0Q7QUFDdEQsaURBQTBDO0FBQzFDLHVEQUFrRjtBQUNsRiw2REFBa0Q7QUFDbEQsbUVBQXdEO0FBQ3hELDJDQUF1QztBQXNHdkM7O0dBRUc7QUFDSCxNQUFhLDRCQUE2QixTQUFRLHNCQUFTO0lBS3pELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBd0M7UUFDaEYsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLEVBQ0osSUFBSSxFQUFFLFVBQVUsRUFDaEIsU0FBUyxFQUNULG9CQUFvQixFQUNwQixHQUFHLEVBQ0gsY0FBYyxFQUNkLGVBQWUsRUFDZixlQUFlLEVBQ2YsZ0JBQWdCLEdBQ2pCLEdBQUcsS0FBSyxDQUFDO1FBRVYsc0NBQXNDO1FBQ3RDLE1BQU0sYUFBYSxHQUFHLElBQUksYUFBRyxDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUN0RCxpQkFBaUIsRUFBRSxJQUFJO1NBQ3hCLENBQUMsQ0FBQztRQUVILHdGQUF3RjtRQUN4RixJQUFJLENBQUMsYUFBYSxHQUFHLElBQUksb0JBQVUsQ0FBQyxJQUFJLEVBQUUsZUFBZSxFQUFFO1lBQ3pELGNBQWMsRUFBRTtnQkFDZDtvQkFDRSxZQUFZLEVBQUUsQ0FBQztvQkFDZixXQUFXLEVBQUUsb0NBQW9DO29CQUNqRCxTQUFTLEVBQUUsbUJBQVMsQ0FBQyxRQUFRO29CQUM3QixXQUFXLEVBQUUsc0JBQVEsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO2lCQUM5QjthQUNGO1lBQ0QsVUFBVSxFQUFFLDhCQUFvQixDQUFDLEdBQUc7WUFDcEMsYUFBYSxFQUFFLGFBQWE7WUFDNUIsZUFBZSxFQUFFLElBQUk7U0FDdEIsQ0FBQyxDQUFDO1FBRUgsc0NBQXNDO1FBQ3RDLE1BQU0sV0FBVyxHQUFHLElBQUkscUJBQUssQ0FBQyxJQUFJLEVBQUUsYUFBYSxFQUFFO1lBQ2pELElBQUksRUFBRSxVQUFVO1NBQ2pCLENBQUMsQ0FBQztRQUVILDZEQUE2RDtRQUM3RCxNQUFNLGVBQWUsR0FBRyxTQUFTO1lBQy9CLENBQUMsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQztpQkFDeEIsR0FBRyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsS0FBSyxDQUFDLEVBQUUsRUFBRSxDQUFDLGVBQWUsR0FBRyxJQUFJLEtBQUssRUFBRSxDQUFDO2lCQUNwRCxJQUFJLENBQUMsR0FBRyxDQUFDO1lBQ1osQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUVQLHVDQUF1QztRQUN2QyxNQUFNLG1CQUFtQixHQUFHLG9CQUFvQjtZQUM5QyxDQUFDLENBQUM7Z0JBQ0EsOERBQThEO2dCQUM5RCxxRUFBcUUsb0JBQW9CLHdEQUF3RDtnQkFDakoscUVBQXFFLG9CQUFvQix3REFBd0Q7Z0JBQ2pKLGdDQUFnQztnQkFDaEMsbUZBQW1GO2FBQ3BGO1lBQ0QsQ0FBQyxDQUFDLENBQUMsNkRBQTZELENBQUMsQ0FBQztRQUVwRSw2QkFBNkI7UUFDN0IsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLHVCQUFPLENBQUMsSUFBSSxFQUFFLG9CQUFvQixFQUFFO1lBQy9ELE1BQU0sRUFBRSxzQkFBTSxDQUFDLEVBQUUsQ0FBQztnQkFDaEIsTUFBTSxFQUFFLFdBQVcsQ0FBQyxNQUFNO2dCQUMxQixJQUFJLEVBQUUsV0FBVyxDQUFDLFdBQVc7YUFDOUIsQ0FBQztZQUNGLFdBQVcsRUFBRTtnQkFDWCxVQUFVLEVBQUUsK0JBQWUsQ0FBQyxZQUFZO2dCQUN4QyxVQUFVLEVBQUUsSUFBSTthQUNqQjtZQUNELG9CQUFvQixFQUFFO2dCQUNwQixZQUFZLEVBQUUsRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxhQUFhLEVBQUU7Z0JBQ3pELFVBQVUsRUFBRSxFQUFFLEtBQUssRUFBRSxlQUFlLEVBQUU7Z0JBQ3RDLDZEQUE2RDtnQkFDN0QsR0FBRyxDQUFDLFNBQVM7b0JBQ1gsTUFBTSxDQUFDLFdBQVcsQ0FDaEIsTUFBTSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDLENBQ2xFLENBQUM7YUFDTDtZQUNELEdBQUc7WUFDSCxjQUFjO1lBQ2QsZUFBZTtZQUNmLFNBQVMsRUFBRSx5QkFBUyxDQUFDLFVBQVUsQ0FBQztnQkFDOUIsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsTUFBTSxFQUFFO29CQUNOLE9BQU8sRUFBRTt3QkFDUCxRQUFRLEVBQUU7NEJBQ1IsbUNBQW1DOzRCQUNuQyxHQUFHLENBQUMsZUFBZSxJQUFJLEVBQUUsQ0FBQzt5QkFDM0I7cUJBQ0Y7b0JBQ0QsU0FBUyxFQUFFO3dCQUNULFFBQVEsRUFBRTs0QkFDUixHQUFHLENBQUMsZ0JBQWdCLElBQUksRUFBRSxDQUFDOzRCQUMzQixHQUFHLG1CQUFtQjs0QkFDdEIscUNBQXFDOzRCQUNyQyxnRkFBZ0Y7NEJBQ2hGLG9DQUFvQzs0QkFDcEMsOEpBQThKO3lCQUMvSjtxQkFDRjtvQkFDRCxLQUFLLEVBQUU7d0JBQ0wsUUFBUSxFQUFFOzRCQUNSLGdEQUFnRDs0QkFDaEQscUVBQXFFO3lCQUN0RTtxQkFDRjtvQkFDRCxVQUFVLEVBQUU7d0JBQ1YsUUFBUSxFQUFFOzRCQUNSLG9EQUFvRDs0QkFDcEQsa0NBQWtDO3lCQUNuQztxQkFDRjtpQkFDRjthQUNGLENBQUM7U0FDSCxDQUFDLENBQUM7UUFFSCxpQ0FBaUM7UUFDakMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxhQUFhLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUVuRCxnQkFBZ0IsQ0FBQyxJQUFLLENBQUMsb0JBQW9CLENBQ3pDLElBQUkseUJBQWUsQ0FBQztZQUNsQixPQUFPLEVBQUU7Z0JBQ1AsMkJBQTJCO2dCQUMzQiw0QkFBNEI7Z0JBQzVCLGlDQUFpQzthQUNsQztZQUNELFNBQVMsRUFBRSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDO1NBQzlDLENBQUMsQ0FDSCxDQUFDO1FBRUYsSUFBSSxvQkFBb0IsRUFBRSxDQUFDO1lBQ3pCLGdCQUFnQixDQUFDLElBQUssQ0FBQyxvQkFBb0IsQ0FDekMsSUFBSSx5QkFBZSxDQUFDO2dCQUNsQixPQUFPLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQztnQkFDMUMsU0FBUyxFQUFFLENBQUMsb0JBQW9CLENBQUM7YUFDbEMsQ0FBQyxDQUNILENBQUM7UUFDSixDQUFDO1FBRUQsd0NBQXdDO1FBQ3hDLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFLLENBQUMsQ0FBQztRQUUxRCw4REFBOEQ7UUFDOUQsTUFBTSxzQkFBc0IsR0FBRyxJQUFJLHFCQUFRLENBQUMsSUFBSSxFQUFFLHdCQUF3QixFQUFFO1lBQzFFLE9BQU8sRUFBRSxvQkFBTyxDQUFDLFdBQVc7WUFDNUIsSUFBSSxFQUFFLGlCQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsU0FBUyxFQUFFLFlBQVksQ0FBQyxDQUFDO1lBQzNELE9BQU8sRUFBRSxpQkFBaUI7WUFDMUIsT0FBTyxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztTQUM5QixDQUFDLENBQUM7UUFFSCxzQkFBc0IsQ0FBQyxlQUFlLENBQ3BDLElBQUkseUJBQWUsQ0FBQztZQUNsQixPQUFPLEVBQUUsQ0FBQyxzQkFBc0IsQ0FBQztZQUNqQyxTQUFTLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFVLENBQUMsRUFBRSwrQkFBK0I7U0FDMUUsQ0FBQyxDQUNILENBQUM7UUFFRixNQUFNLHlCQUF5QixHQUFHLElBQUkscUJBQVEsQ0FBQyxJQUFJLEVBQUUsMkJBQTJCLEVBQUU7WUFDaEYsT0FBTyxFQUFFLG9CQUFPLENBQUMsV0FBVztZQUM1QixJQUFJLEVBQUUsaUJBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTLEVBQUUsZUFBZSxDQUFDLENBQUM7WUFDOUQsT0FBTyxFQUFFLG9CQUFvQjtZQUM3QixPQUFPLEVBQUUsc0JBQVEsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1NBQzlCLENBQUMsQ0FBQztRQUVILHlCQUF5QixDQUFDLGVBQWUsQ0FDdkMsSUFBSSx5QkFBZSxDQUFDO1lBQ2xCLE9BQU8sRUFBRTtnQkFDUCwwQkFBMEI7Z0JBQzFCLGdDQUFnQztnQkFDaEMsbUJBQW1CO2dCQUNuQix5QkFBeUI7Z0JBQ3pCLHdCQUF3QjthQUN6QjtZQUNELFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQztTQUNqQixDQUFDLENBQ0gsQ0FBQztRQUVGLG1EQUFtRDtRQUNuRCxhQUFhLENBQUMsbUJBQW1CLENBQUMsc0JBQXNCLENBQUMsQ0FBQztRQUMxRCxhQUFhLENBQUMsbUJBQW1CLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUM3RCxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO1FBQ3pELElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFFNUQsb0NBQW9DO1FBQ3BDLE1BQU0sUUFBUSxHQUFHLElBQUksMkJBQVEsQ0FBQyxJQUFJLEVBQUUsd0JBQXdCLEVBQUU7WUFDNUQsY0FBYyxFQUFFLHNCQUFzQjtZQUN0QyxpQkFBaUIsRUFBRSx5QkFBeUI7WUFDNUMsYUFBYSxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztTQUNwQyxDQUFDLENBQUM7UUFFSCw2QkFBNkI7UUFDN0IsTUFBTSxvQkFBb0IsR0FBRyxJQUFJLDRCQUFjLENBQUMsSUFBSSxFQUFFLHNCQUFzQixFQUFFO1lBQzVFLFlBQVksRUFBRSxRQUFRLENBQUMsWUFBWTtZQUNuQyxVQUFVLEVBQUU7Z0JBQ1YsV0FBVyxFQUFFLGdCQUFnQixDQUFDLFdBQVc7Z0JBQ3pDLE9BQU8sRUFBRSxNQUFNLENBQUMsVUFBVSxFQUFFO2FBQzdCO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsb0JBQW9CLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQzFELElBQUksQ0FBQyxjQUFjLEdBQUcsd0JBQWMsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDM0UsSUFBSSxDQUFDLGVBQWUsR0FBRyw0QkFBZSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7SUFDckUsQ0FBQzs7QUE3TUgsb0VBOE1DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY3J5cHRvIGZyb20gJ2NyeXB0byc7XG5pbXBvcnQgKiBhcyBwYXRoIGZyb20gJ3BhdGgnO1xuaW1wb3J0IHsgQ3VzdG9tUmVzb3VyY2UsIER1cmF0aW9uIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgUHJvamVjdCwgU291cmNlLCBMaW51eEJ1aWxkSW1hZ2UsIEJ1aWxkU3BlYyB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1jb2RlYnVpbGQnO1xuaW1wb3J0IHsgSVZwYywgSVNlY3VyaXR5R3JvdXAsIFN1Ym5ldFNlbGVjdGlvbiB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1lYzInO1xuaW1wb3J0IHsgUmVwb3NpdG9yeSwgUmVwb3NpdG9yeUVuY3J5cHRpb24sIFRhZ1N0YXR1cyB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1lY3InO1xuaW1wb3J0IHsgQ29udGFpbmVySW1hZ2UgfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtZWNzJztcbmltcG9ydCB7IFBvbGljeVN0YXRlbWVudCB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1pYW0nO1xuaW1wb3J0IHsgS2V5IH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWttcyc7XG5pbXBvcnQgeyBSdW50aW1lLCBDb2RlLCBEb2NrZXJJbWFnZUNvZGUsIEZ1bmN0aW9uIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBBc3NldCB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1zMy1hc3NldHMnO1xuaW1wb3J0IHsgUHJvdmlkZXIgfSBmcm9tICdhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuXG4vKipcbiAqIFByb3BlcnRpZXMgZm9yIHRoZSBgVG9rZW5JbmplY3RhYmxlRG9ja2VyQnVpbGRlcmAgY29uc3RydWN0LlxuICovXG5leHBvcnQgaW50ZXJmYWNlIFRva2VuSW5qZWN0YWJsZURvY2tlckJ1aWxkZXJQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgcGF0aCB0byB0aGUgZGlyZWN0b3J5IGNvbnRhaW5pbmcgdGhlIERvY2tlcmZpbGUgb3Igc291cmNlIGNvZGUuXG4gICAqL1xuICByZWFkb25seSBwYXRoOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIEJ1aWxkIGFyZ3VtZW50cyB0byBwYXNzIHRvIHRoZSBEb2NrZXIgYnVpbGQgcHJvY2Vzcy5cbiAgICogVGhlc2UgYXJlIHRyYW5zZm9ybWVkIGludG8gYC0tYnVpbGQtYXJnYCBmbGFncy5cbiAgICogQGV4YW1wbGVcbiAgICoge1xuICAgKiAgIFRPS0VOOiAnbXktc2VjcmV0LXRva2VuJyxcbiAgICogICBFTlY6ICdwcm9kdWN0aW9uJ1xuICAgKiB9XG4gICAqL1xuICByZWFkb25seSBidWlsZEFyZ3M/OiB7IFtrZXk6IHN0cmluZ106IHN0cmluZyB9O1xuXG4gIC8qKlxuICAgKiBUaGUgQVJOIG9mIHRoZSBBV1MgU2VjcmV0cyBNYW5hZ2VyIHNlY3JldCBjb250YWluaW5nIERvY2tlciBsb2dpbiBjcmVkZW50aWFscy5cbiAgICogVGhpcyBzZWNyZXQgc2hvdWxkIHN0b3JlIGEgSlNPTiBvYmplY3Qgd2l0aCB0aGUgZm9sbG93aW5nIHN0cnVjdHVyZTpcbiAgICogYGBganNvblxuICAgKiB7XG4gICAqICAgXCJ1c2VybmFtZVwiOiBcIm15LWRvY2tlci11c2VybmFtZVwiLFxuICAgKiAgIFwicGFzc3dvcmRcIjogXCJteS1kb2NrZXItcGFzc3dvcmRcIlxuICAgKiB9XG4gICAqIGBgYFxuICAgKiBJZiBub3QgcHJvdmlkZWQsIHRoZSBjb25zdHJ1Y3Qgd2lsbCBza2lwIERvY2tlciBsb2dpbiBkdXJpbmcgdGhlIGJ1aWxkIHByb2Nlc3MuXG4gICAqXG4gICAqIEBleGFtcGxlICdhcm46YXdzOnNlY3JldHNtYW5hZ2VyOnVzLWVhc3QtMToxMjM0NTY3ODkwMTI6c2VjcmV0OkRvY2tlckxvZ2luU2VjcmV0J1xuICAgKi9cbiAgcmVhZG9ubHkgZG9ja2VyTG9naW5TZWNyZXRBcm4/OiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFRoZSBWUEMgaW4gd2hpY2ggdGhlIENvZGVCdWlsZCBwcm9qZWN0IHdpbGwgYmUgZGVwbG95ZWQuXG4gICAqIElmIHByb3ZpZGVkLCB0aGUgQ29kZUJ1aWxkIHByb2plY3Qgd2lsbCBiZSBsYXVuY2hlZCB3aXRoaW4gdGhlIHNwZWNpZmllZCBWUEMuXG4gICAqIEBkZWZhdWx0IE5vIFZQQyBpcyBhdHRhY2hlZCwgYW5kIHRoZSBDb2RlQnVpbGQgcHJvamVjdCB3aWxsIHVzZSBwdWJsaWMgaW50ZXJuZXQuXG4gICAqL1xuICByZWFkb25seSB2cGM/OiBJVnBjO1xuXG4gIC8qKlxuICAgKiBUaGUgc2VjdXJpdHkgZ3JvdXBzIHRvIGF0dGFjaCB0byB0aGUgQ29kZUJ1aWxkIHByb2plY3QuXG4gICAqIFRoZXNlIHNob3VsZCBkZWZpbmUgdGhlIG5ldHdvcmsgYWNjZXNzIHJ1bGVzIGZvciB0aGUgQ29kZUJ1aWxkIHByb2plY3QuXG4gICAqIEBkZWZhdWx0IE5vIHNlY3VyaXR5IGdyb3VwcyBhcmUgYXR0YWNoZWQuXG4gICAqL1xuICByZWFkb25seSBzZWN1cml0eUdyb3Vwcz86IElTZWN1cml0eUdyb3VwW107XG5cbiAgLyoqXG4gICAqIFRoZSBzdWJuZXQgc2VsZWN0aW9uIHRvIHNwZWNpZnkgd2hpY2ggc3VibmV0cyB0byB1c2Ugd2l0aGluIHRoZSBWUEMuXG4gICAqIEFsbG93cyB0aGUgdXNlciB0byBzZWxlY3QgcHJpdmF0ZSwgcHVibGljLCBvciBpc29sYXRlZCBzdWJuZXRzLlxuICAgKiBAZGVmYXVsdCBBbGwgc3VibmV0cyBpbiB0aGUgVlBDIGFyZSB1c2VkLlxuICAgKi9cbiAgcmVhZG9ubHkgc3VibmV0U2VsZWN0aW9uPzogU3VibmV0U2VsZWN0aW9uO1xuXG4gIC8qKlxuICAgKiBDdXN0b20gY29tbWFuZHMgdG8gcnVuIGR1cmluZyB0aGUgaW5zdGFsbCBwaGFzZS5cbiAgICpcbiAgICogKipFeGFtcGxlIFVzYWdlOioqXG4gICAqIGBgYHR5cGVzY3JpcHRcbiAgICogbmV3IFRva2VuSW5qZWN0YWJsZURvY2tlckJ1aWxkZXIodGhpcywgJ015RG9ja2VyQnVpbGRlcicsIHtcbiAgICogICBwYXRoOiBwYXRoLnJlc29sdmUoX19kaXJuYW1lLCAnLi4vYXBwJyksXG4gICAqICAgaW5zdGFsbENvbW1hbmRzOiBbXG4gICAqICAgICAnZWNobyBcIlVwZGF0aW5nIHBhY2thZ2UgbGlzdHMuLi5cIicsXG4gICAqICAgICAnYXB0LWdldCB1cGRhdGUgLXknLFxuICAgKiAgICAgJ2VjaG8gXCJJbnN0YWxsaW5nIHJlcXVpcmVkIHBhY2thZ2VzLi4uXCInLFxuICAgKiAgICAgJ2FwdC1nZXQgaW5zdGFsbCAteSBjdXJsIGRuc3V0aWxzJyxcbiAgICogICBdLFxuICAgKiAgIC8vIC4uLiBvdGhlciBwcm9wZXJ0aWVzIC4uLlxuICAgKiB9KTtcbiAgICogYGBgXG4gICAqICpUaGlzIGV4YW1wbGUgZGVtb25zdHJhdGVzIGhvdyB0byBpbnN0YWxsIHRoZSBgY3VybGAgYW5kIGBkbnN1dGlsc2AgcGFja2FnZXMgZHVyaW5nIHRoZSBpbnN0YWxsIHBoYXNlIHVzaW5nIGBhcHQtZ2V0YCwgdGhlIHBhY2thZ2UgbWFuYWdlciBmb3IgVWJ1bnR1LWJhc2VkIENvZGVCdWlsZCBlbnZpcm9ubWVudHMuKlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIE5vIGFkZGl0aW9uYWwgaW5zdGFsbCBjb21tYW5kcy5cbiAgICovXG4gIHJlYWRvbmx5IGluc3RhbGxDb21tYW5kcz86IHN0cmluZ1tdO1xuXG5cbiAgLyoqXG4gICAqIEN1c3RvbSBjb21tYW5kcyB0byBydW4gZHVyaW5nIHRoZSBwcmVfYnVpbGQgcGhhc2UuXG4gICAqXG4gICAqICoqRXhhbXBsZSBVc2FnZToqKlxuICAgKiBgYGB0eXBlc2NyaXB0XG4gICAqIG5ldyBUb2tlbkluamVjdGFibGVEb2NrZXJCdWlsZGVyKHRoaXMsICdNeURvY2tlckJ1aWxkZXInLCB7XG4gICAqICAgcGF0aDogcGF0aC5yZXNvbHZlKF9fZGlybmFtZSwgJy4uL2FwcCcpLFxuICAgKiAgIHByZUJ1aWxkQ29tbWFuZHM6IFtcbiAgICogICAgICdlY2hvIFwiRmV0Y2hpbmcgY29uZmlndXJhdGlvbiBmcm9tIHByaXZhdGUgQVBJLi4uXCInLFxuICAgKiAgICAgJ2N1cmwgLW8gY29uZmlnLmpzb24gaHR0cHM6Ly9hcGkuZXhhbXBsZS5jb20vY29uZmlnJyxcbiAgICogICBdLFxuICAgKiAgIC8vIC4uLiBvdGhlciBwcm9wZXJ0aWVzIC4uLlxuICAgKiB9KTtcbiAgICogYGBgXG4gICAqICpJbiB0aGlzIGV4YW1wbGUsIHRoZSBidWlsZGVyIGZldGNoZXMgYSBjb25maWd1cmF0aW9uIGZpbGUgZnJvbSBhIHByaXZhdGUgQVBJIGJlZm9yZSBzdGFydGluZyB0aGUgRG9ja2VyIGJ1aWxkLiBUaGlzIGNvbmZpZyBmaWxlIHdpbGwgYmUgYXZhaWxhYmxlIGluIHRoZSBzYW1lIGRpcmVjdG9yeSBhcyB5b3VyIERvY2tlcmZpbGUgZHVyaW5nIENESyBkZXBsb3ltZW50LipcbiAgICpcbiAgICogQGRlZmF1bHQgLSBObyBhZGRpdGlvbmFsIHByZS1idWlsZCBjb21tYW5kcy5cbiAgICovXG4gIHJlYWRvbmx5IHByZUJ1aWxkQ29tbWFuZHM/OiBzdHJpbmdbXTtcbn1cblxuLyoqXG4gKiBBIENESyBjb25zdHJ1Y3QgdG8gYnVpbGQgYW5kIHB1c2ggRG9ja2VyIGltYWdlcyB0byBhbiBFQ1IgcmVwb3NpdG9yeSB1c2luZyBDb2RlQnVpbGQgYW5kIExhbWJkYSBjdXN0b20gcmVzb3VyY2VzLlxuICovXG5leHBvcnQgY2xhc3MgVG9rZW5JbmplY3RhYmxlRG9ja2VyQnVpbGRlciBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHByaXZhdGUgcmVhZG9ubHkgZWNyUmVwb3NpdG9yeTogUmVwb3NpdG9yeTtcbiAgcHVibGljIHJlYWRvbmx5IGNvbnRhaW5lckltYWdlOiBDb250YWluZXJJbWFnZTtcbiAgcHVibGljIHJlYWRvbmx5IGRvY2tlckltYWdlQ29kZTogRG9ja2VySW1hZ2VDb2RlO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBUb2tlbkluamVjdGFibGVEb2NrZXJCdWlsZGVyUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3Qge1xuICAgICAgcGF0aDogc291cmNlUGF0aCxcbiAgICAgIGJ1aWxkQXJncyxcbiAgICAgIGRvY2tlckxvZ2luU2VjcmV0QXJuLFxuICAgICAgdnBjLFxuICAgICAgc2VjdXJpdHlHcm91cHMsXG4gICAgICBzdWJuZXRTZWxlY3Rpb24sXG4gICAgICBpbnN0YWxsQ29tbWFuZHMsXG4gICAgICBwcmVCdWlsZENvbW1hbmRzLFxuICAgIH0gPSBwcm9wcztcblxuICAgIC8vIERlZmluZSBhIEtNUyBrZXkgZm9yIEVDUiBlbmNyeXB0aW9uXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IG5ldyBLZXkodGhpcywgJ0VjckVuY3J5cHRpb25LZXknLCB7XG4gICAgICBlbmFibGVLZXlSb3RhdGlvbjogdHJ1ZSxcbiAgICB9KTtcblxuICAgIC8vIENyZWF0ZSBhbiBFQ1IgcmVwb3NpdG9yeSB3aXRoIGxpZmVjeWNsZSBydWxlcywgZW5jcnlwdGlvbiwgYW5kIGltYWdlIHNjYW5uaW5nIGVuYWJsZWRcbiAgICB0aGlzLmVjclJlcG9zaXRvcnkgPSBuZXcgUmVwb3NpdG9yeSh0aGlzLCAnRUNSUmVwb3NpdG9yeScsIHtcbiAgICAgIGxpZmVjeWNsZVJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlUHJpb3JpdHk6IDEsXG4gICAgICAgICAgZGVzY3JpcHRpb246ICdSZW1vdmUgdW50YWdnZWQgaW1hZ2VzIGFmdGVyIDEgZGF5JyxcbiAgICAgICAgICB0YWdTdGF0dXM6IFRhZ1N0YXR1cy5VTlRBR0dFRCxcbiAgICAgICAgICBtYXhJbWFnZUFnZTogRHVyYXRpb24uZGF5cygxKSxcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgICBlbmNyeXB0aW9uOiBSZXBvc2l0b3J5RW5jcnlwdGlvbi5LTVMsXG4gICAgICBlbmNyeXB0aW9uS2V5OiBlbmNyeXB0aW9uS2V5LFxuICAgICAgaW1hZ2VTY2FuT25QdXNoOiB0cnVlLFxuICAgIH0pO1xuXG4gICAgLy8gUGFja2FnZSB0aGUgc291cmNlIGNvZGUgYXMgYW4gYXNzZXRcbiAgICBjb25zdCBzb3VyY2VBc3NldCA9IG5ldyBBc3NldCh0aGlzLCAnU291cmNlQXNzZXQnLCB7XG4gICAgICBwYXRoOiBzb3VyY2VQYXRoLFxuICAgIH0pO1xuXG4gICAgLy8gVHJhbnNmb3JtIGJ1aWxkQXJncyBpbnRvIGEgc3RyaW5nIG9mIC0tYnVpbGQtYXJnIEtFWT1WQUxVRVxuICAgIGNvbnN0IGJ1aWxkQXJnc1N0cmluZyA9IGJ1aWxkQXJnc1xuICAgICAgPyBPYmplY3QuZW50cmllcyhidWlsZEFyZ3MpXG4gICAgICAgIC5tYXAoKFtrZXksIHZhbHVlXSkgPT4gYC0tYnVpbGQtYXJnICR7a2V5fT0ke3ZhbHVlfWApXG4gICAgICAgIC5qb2luKCcgJylcbiAgICAgIDogJyc7XG5cbiAgICAvLyBDb25kaXRpb25hbCBEb2NrZXJodWIgbG9naW4gY29tbWFuZHNcbiAgICBjb25zdCBkb2NrZXJMb2dpbkNvbW1hbmRzID0gZG9ja2VyTG9naW5TZWNyZXRBcm5cbiAgICAgID8gW1xuICAgICAgICAnZWNobyBcIlJldHJpZXZpbmcgRG9ja2VyIGNyZWRlbnRpYWxzIGZyb20gU2VjcmV0cyBNYW5hZ2VyLi4uXCInLFxuICAgICAgICBgRE9DS0VSX1VTRVJOQU1FPSQoYXdzIHNlY3JldHNtYW5hZ2VyIGdldC1zZWNyZXQtdmFsdWUgLS1zZWNyZXQtaWQgJHtkb2NrZXJMb2dpblNlY3JldEFybn0gLS1xdWVyeSBTZWNyZXRTdHJpbmcgLS1vdXRwdXQgdGV4dCB8IGpxIC1yIC51c2VybmFtZSlgLFxuICAgICAgICBgRE9DS0VSX1BBU1NXT1JEPSQoYXdzIHNlY3JldHNtYW5hZ2VyIGdldC1zZWNyZXQtdmFsdWUgLS1zZWNyZXQtaWQgJHtkb2NrZXJMb2dpblNlY3JldEFybn0gLS1xdWVyeSBTZWNyZXRTdHJpbmcgLS1vdXRwdXQgdGV4dCB8IGpxIC1yIC5wYXNzd29yZClgLFxuICAgICAgICAnZWNobyBcIkxvZ2dpbmcgaW4gdG8gRG9ja2VyLi4uXCInLFxuICAgICAgICAnZWNobyAkRE9DS0VSX1BBU1NXT1JEIHwgZG9ja2VyIGxvZ2luIC0tdXNlcm5hbWUgJERPQ0tFUl9VU0VSTkFNRSAtLXBhc3N3b3JkLXN0ZGluJyxcbiAgICAgIF1cbiAgICAgIDogWydlY2hvIFwiTm8gRG9ja2VyIGNyZWRlbnRpYWxzIHByb3ZpZGVkLiBTa2lwcGluZyBsb2dpbiBzdGVwLlwiJ107XG5cbiAgICAvLyBDcmVhdGUgYSBDb2RlQnVpbGQgcHJvamVjdFxuICAgIGNvbnN0IGNvZGVCdWlsZFByb2plY3QgPSBuZXcgUHJvamVjdCh0aGlzLCAnVUlDb2RlQnVpbGRQcm9qZWN0Jywge1xuICAgICAgc291cmNlOiBTb3VyY2UuczMoe1xuICAgICAgICBidWNrZXQ6IHNvdXJjZUFzc2V0LmJ1Y2tldCxcbiAgICAgICAgcGF0aDogc291cmNlQXNzZXQuczNPYmplY3RLZXksXG4gICAgICB9KSxcbiAgICAgIGVudmlyb25tZW50OiB7XG4gICAgICAgIGJ1aWxkSW1hZ2U6IExpbnV4QnVpbGRJbWFnZS5TVEFOREFSRF83XzAsXG4gICAgICAgIHByaXZpbGVnZWQ6IHRydWUsXG4gICAgICB9LFxuICAgICAgZW52aXJvbm1lbnRWYXJpYWJsZXM6IHtcbiAgICAgICAgRUNSX1JFUE9fVVJJOiB7IHZhbHVlOiB0aGlzLmVjclJlcG9zaXRvcnkucmVwb3NpdG9yeVVyaSB9LFxuICAgICAgICBCVUlMRF9BUkdTOiB7IHZhbHVlOiBidWlsZEFyZ3NTdHJpbmcgfSxcbiAgICAgICAgLy8gSW5jbHVkZSBidWlsZCBhcmd1bWVudHMgYXMgZW52aXJvbm1lbnQgdmFyaWFibGVzIGlmIG5lZWRlZFxuICAgICAgICAuLi4oYnVpbGRBcmdzICYmXG4gICAgICAgICAgT2JqZWN0LmZyb21FbnRyaWVzKFxuICAgICAgICAgICAgT2JqZWN0LmVudHJpZXMoYnVpbGRBcmdzKS5tYXAoKFtrZXksIHZhbHVlXSkgPT4gW2tleSwgeyB2YWx1ZSB9XSksXG4gICAgICAgICAgKSksXG4gICAgICB9LFxuICAgICAgdnBjLFxuICAgICAgc2VjdXJpdHlHcm91cHMsXG4gICAgICBzdWJuZXRTZWxlY3Rpb24sXG4gICAgICBidWlsZFNwZWM6IEJ1aWxkU3BlYy5mcm9tT2JqZWN0KHtcbiAgICAgICAgdmVyc2lvbjogJzAuMicsXG4gICAgICAgIHBoYXNlczoge1xuICAgICAgICAgIGluc3RhbGw6IHtcbiAgICAgICAgICAgIGNvbW1hbmRzOiBbXG4gICAgICAgICAgICAgICdlY2hvIFwiQmVnaW5uaW5nIGluc3RhbGwgcGhhc2UuLi5cIicsXG4gICAgICAgICAgICAgIC4uLihpbnN0YWxsQ29tbWFuZHMgfHwgW10pLFxuICAgICAgICAgICAgXSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHByZV9idWlsZDoge1xuICAgICAgICAgICAgY29tbWFuZHM6IFtcbiAgICAgICAgICAgICAgLi4uKHByZUJ1aWxkQ29tbWFuZHMgfHwgW10pLFxuICAgICAgICAgICAgICAuLi5kb2NrZXJMb2dpbkNvbW1hbmRzLFxuICAgICAgICAgICAgICAnZWNobyBcIlJldHJpZXZpbmcgQVdTIEFjY291bnQgSUQuLi5cIicsXG4gICAgICAgICAgICAgICdleHBvcnQgQUNDT1VOVF9JRD0kKGF3cyBzdHMgZ2V0LWNhbGxlci1pZGVudGl0eSAtLXF1ZXJ5IEFjY291bnQgLS1vdXRwdXQgdGV4dCknLFxuICAgICAgICAgICAgICAnZWNobyBcIkxvZ2dpbmcgaW4gdG8gQW1hem9uIEVDUi4uLlwiJyxcbiAgICAgICAgICAgICAgJ2F3cyBlY3IgZ2V0LWxvZ2luLXBhc3N3b3JkIC0tcmVnaW9uICRBV1NfREVGQVVMVF9SRUdJT04gfCBkb2NrZXIgbG9naW4gLS11c2VybmFtZSBBV1MgLS1wYXNzd29yZC1zdGRpbiAkQUNDT1VOVF9JRC5ka3IuZWNyLiRBV1NfREVGQVVMVF9SRUdJT04uYW1hem9uYXdzLmNvbScsXG4gICAgICAgICAgICBdLFxuICAgICAgICAgIH0sXG4gICAgICAgICAgYnVpbGQ6IHtcbiAgICAgICAgICAgIGNvbW1hbmRzOiBbXG4gICAgICAgICAgICAgICdlY2hvIEJ1aWxkIHBoYXNlOiBCdWlsZGluZyB0aGUgRG9ja2VyIGltYWdlLi4uJyxcbiAgICAgICAgICAgICAgJ2RvY2tlciBidWlsZCAkQlVJTERfQVJHUyAtdCAkRUNSX1JFUE9fVVJJOmxhdGVzdCAkQ09ERUJVSUxEX1NSQ19ESVInLFxuICAgICAgICAgICAgXSxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHBvc3RfYnVpbGQ6IHtcbiAgICAgICAgICAgIGNvbW1hbmRzOiBbXG4gICAgICAgICAgICAgICdlY2hvIFBvc3QtYnVpbGQgcGhhc2U6IFB1c2hpbmcgdGhlIERvY2tlciBpbWFnZS4uLicsXG4gICAgICAgICAgICAgICdkb2NrZXIgcHVzaCAkRUNSX1JFUE9fVVJJOmxhdGVzdCcsXG4gICAgICAgICAgICBdLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0sXG4gICAgICB9KSxcbiAgICB9KTtcblxuICAgIC8vIEdyYW50IHBlcm1pc3Npb25zIHRvIENvZGVCdWlsZFxuICAgIHRoaXMuZWNyUmVwb3NpdG9yeS5ncmFudFB1bGxQdXNoKGNvZGVCdWlsZFByb2plY3QpO1xuXG4gICAgY29kZUJ1aWxkUHJvamVjdC5yb2xlIS5hZGRUb1ByaW5jaXBhbFBvbGljeShcbiAgICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICBhY3Rpb25zOiBbXG4gICAgICAgICAgJ2VjcjpHZXRBdXRob3JpemF0aW9uVG9rZW4nLFxuICAgICAgICAgICdlY3I6R2V0RG93bmxvYWRVcmxGb3JMYXllcicsXG4gICAgICAgICAgJ2VjcjpCYXRjaENoZWNrTGF5ZXJBdmFpbGFiaWxpdHknLFxuICAgICAgICBdLFxuICAgICAgICByZXNvdXJjZXM6IFt0aGlzLmVjclJlcG9zaXRvcnkucmVwb3NpdG9yeUFybl0sXG4gICAgICB9KSxcbiAgICApO1xuXG4gICAgaWYgKGRvY2tlckxvZ2luU2VjcmV0QXJuKSB7XG4gICAgICBjb2RlQnVpbGRQcm9qZWN0LnJvbGUhLmFkZFRvUHJpbmNpcGFsUG9saWN5KFxuICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbJ3NlY3JldHNtYW5hZ2VyOkdldFNlY3JldFZhbHVlJ10sXG4gICAgICAgICAgcmVzb3VyY2VzOiBbZG9ja2VyTG9naW5TZWNyZXRBcm5dLFxuICAgICAgICB9KSxcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gR3JhbnQgQ29kZUJ1aWxkIGFjY2VzcyB0byB0aGUgS01TIGtleVxuICAgIGVuY3J5cHRpb25LZXkuZ3JhbnRFbmNyeXB0RGVjcnlwdChjb2RlQnVpbGRQcm9qZWN0LnJvbGUhKTtcblxuICAgIC8vIENyZWF0ZSBMYW1iZGEgZnVuY3Rpb25zIGZvciBvbkV2ZW50IGFuZCBpc0NvbXBsZXRlIGhhbmRsZXJzXG4gICAgY29uc3Qgb25FdmVudEhhbmRsZXJGdW5jdGlvbiA9IG5ldyBGdW5jdGlvbih0aGlzLCAnT25FdmVudEhhbmRsZXJGdW5jdGlvbicsIHtcbiAgICAgIHJ1bnRpbWU6IFJ1bnRpbWUuTk9ERUpTXzE4X1gsXG4gICAgICBjb2RlOiBDb2RlLmZyb21Bc3NldChwYXRoLnJlc29sdmUoX19kaXJuYW1lLCAnLi4vb25FdmVudCcpKSxcbiAgICAgIGhhbmRsZXI6ICdvbkV2ZW50LmhhbmRsZXInLFxuICAgICAgdGltZW91dDogRHVyYXRpb24ubWludXRlcygxNSksXG4gICAgfSk7XG5cbiAgICBvbkV2ZW50SGFuZGxlckZ1bmN0aW9uLmFkZFRvUm9sZVBvbGljeShcbiAgICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICBhY3Rpb25zOiBbJ2NvZGVidWlsZDpTdGFydEJ1aWxkJ10sXG4gICAgICAgIHJlc291cmNlczogW2NvZGVCdWlsZFByb2plY3QucHJvamVjdEFybl0sIC8vIFJlc3RyaWN0IHRvIHNwZWNpZmljIHByb2plY3RcbiAgICAgIH0pLFxuICAgICk7XG5cbiAgICBjb25zdCBpc0NvbXBsZXRlSGFuZGxlckZ1bmN0aW9uID0gbmV3IEZ1bmN0aW9uKHRoaXMsICdJc0NvbXBsZXRlSGFuZGxlckZ1bmN0aW9uJywge1xuICAgICAgcnVudGltZTogUnVudGltZS5OT0RFSlNfMThfWCxcbiAgICAgIGNvZGU6IENvZGUuZnJvbUFzc2V0KHBhdGgucmVzb2x2ZShfX2Rpcm5hbWUsICcuLi9pc0NvbXBsZXRlJykpLFxuICAgICAgaGFuZGxlcjogJ2lzQ29tcGxldGUuaGFuZGxlcicsXG4gICAgICB0aW1lb3V0OiBEdXJhdGlvbi5taW51dGVzKDE1KSxcbiAgICB9KTtcblxuICAgIGlzQ29tcGxldGVIYW5kbGVyRnVuY3Rpb24uYWRkVG9Sb2xlUG9saWN5KFxuICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIGFjdGlvbnM6IFtcbiAgICAgICAgICAnY29kZWJ1aWxkOkJhdGNoR2V0QnVpbGRzJyxcbiAgICAgICAgICAnY29kZWJ1aWxkOkxpc3RCdWlsZHNGb3JQcm9qZWN0JyxcbiAgICAgICAgICAnbG9nczpHZXRMb2dFdmVudHMnLFxuICAgICAgICAgICdsb2dzOkRlc2NyaWJlTG9nU3RyZWFtcycsXG4gICAgICAgICAgJ2xvZ3M6RGVzY3JpYmVMb2dHcm91cHMnLFxuICAgICAgICBdLFxuICAgICAgICByZXNvdXJjZXM6IFsnKiddLFxuICAgICAgfSksXG4gICAgKTtcblxuICAgIC8vIEdyYW50IExhbWJkYSBmdW5jdGlvbnMgYWNjZXNzIHRvIEtNUyBrZXkgYW5kIEVDUlxuICAgIGVuY3J5cHRpb25LZXkuZ3JhbnRFbmNyeXB0RGVjcnlwdChvbkV2ZW50SGFuZGxlckZ1bmN0aW9uKTtcbiAgICBlbmNyeXB0aW9uS2V5LmdyYW50RW5jcnlwdERlY3J5cHQoaXNDb21wbGV0ZUhhbmRsZXJGdW5jdGlvbik7XG4gICAgdGhpcy5lY3JSZXBvc2l0b3J5LmdyYW50UHVsbFB1c2gob25FdmVudEhhbmRsZXJGdW5jdGlvbik7XG4gICAgdGhpcy5lY3JSZXBvc2l0b3J5LmdyYW50UHVsbFB1c2goaXNDb21wbGV0ZUhhbmRsZXJGdW5jdGlvbik7XG5cbiAgICAvLyBDcmVhdGUgYSBjdXN0b20gcmVzb3VyY2UgcHJvdmlkZXJcbiAgICBjb25zdCBwcm92aWRlciA9IG5ldyBQcm92aWRlcih0aGlzLCAnQ3VzdG9tUmVzb3VyY2VQcm92aWRlcicsIHtcbiAgICAgIG9uRXZlbnRIYW5kbGVyOiBvbkV2ZW50SGFuZGxlckZ1bmN0aW9uLFxuICAgICAgaXNDb21wbGV0ZUhhbmRsZXI6IGlzQ29tcGxldGVIYW5kbGVyRnVuY3Rpb24sXG4gICAgICBxdWVyeUludGVydmFsOiBEdXJhdGlvbi5zZWNvbmRzKDMwKSxcbiAgICB9KTtcblxuICAgIC8vIERlZmluZSB0aGUgY3VzdG9tIHJlc291cmNlXG4gICAgY29uc3QgYnVpbGRUcmlnZ2VyUmVzb3VyY2UgPSBuZXcgQ3VzdG9tUmVzb3VyY2UodGhpcywgJ0J1aWxkVHJpZ2dlclJlc291cmNlJywge1xuICAgICAgc2VydmljZVRva2VuOiBwcm92aWRlci5zZXJ2aWNlVG9rZW4sXG4gICAgICBwcm9wZXJ0aWVzOiB7XG4gICAgICAgIFByb2plY3ROYW1lOiBjb2RlQnVpbGRQcm9qZWN0LnByb2plY3ROYW1lLFxuICAgICAgICBUcmlnZ2VyOiBjcnlwdG8ucmFuZG9tVVVJRCgpLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIGJ1aWxkVHJpZ2dlclJlc291cmNlLm5vZGUuYWRkRGVwZW5kZW5jeShjb2RlQnVpbGRQcm9qZWN0KTtcbiAgICB0aGlzLmNvbnRhaW5lckltYWdlID0gQ29udGFpbmVySW1hZ2UuZnJvbUVjclJlcG9zaXRvcnkodGhpcy5lY3JSZXBvc2l0b3J5KTtcbiAgICB0aGlzLmRvY2tlckltYWdlQ29kZSA9IERvY2tlckltYWdlQ29kZS5mcm9tRWNyKHRoaXMuZWNyUmVwb3NpdG9yeSk7XG4gIH1cbn1cbiJdfQ==
package/package.json CHANGED
@@ -56,7 +56,7 @@
56
56
  "jsii-docgen": "^10.5.0",
57
57
  "jsii-pacmak": "^1.105.0",
58
58
  "jsii-rosetta": "~5.5.0",
59
- "projen": "^0.90.5",
59
+ "projen": "^0.90.6",
60
60
  "ts-jest": "^29.2.5",
61
61
  "ts-node": "^10.9.2",
62
62
  "typescript": "^5.7.2"
@@ -96,7 +96,7 @@
96
96
  "publishConfig": {
97
97
  "access": "public"
98
98
  },
99
- "version": "1.2.2",
99
+ "version": "1.2.4",
100
100
  "jest": {
101
101
  "coverageProvider": "v8",
102
102
  "testMatch": [