UNPKG

@aws-cdk/aws-codebuild/lib/untrusted-code-boundary-policy.js

Version:

9.39 kBJavaScriptView Raw

1"use strict";
2var _a;
3Object.defineProperty(exports, "__esModule", { value: true });
4exports.UntrustedCodeBoundaryPolicy = void 0;
5const jsiiDeprecationWarnings = require("../.warnings.jsii.js");
6const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
7const iam = require("@aws-cdk/aws-iam");
8/**
* Permissions Boundary for a CodeBuild Project running untrusted code
*
* This class is a Policy, intended to be used as a Permissions Boundary
* for a CodeBuild project. It allows most of the actions necessary to run
* the CodeBuild project, but disallows reading from Parameter Store
* and Secrets Manager.
*
* Use this when your CodeBuild project is running untrusted code (for
* example, if you are using one to automatically build Pull Requests
* that anyone can submit), and you want to prevent your future self
* from accidentally exposing Secrets to this build.
*
* (The reason you might want to do this is because otherwise anyone
* who can submit a Pull Request to your project can write a script
* to email those secrets to themselves).
*
* @example
*
* declare const project: codebuild.Project;
* iam.PermissionsBoundary.of(project).apply(new codebuild.UntrustedCodeBoundaryPolicy(this, 'Boundary'));
*/
30class UntrustedCodeBoundaryPolicy extends iam.ManagedPolicy {
  constructor(scope, id, props = {}) {
      super(scope, id, {
          managedPolicyName: props.managedPolicyName,
          description: 'Permissions Boundary Policy for CodeBuild Projects running untrusted code',
          statements: [
              new iam.PolicyStatement({
                  actions: [
                      // For logging
                      'logs:CreateLogGroup',
                      'logs:CreateLogStream',
                      'logs:PutLogEvents',
                      // For test reports
                      'codebuild:CreateReportGroup',
                      'codebuild:CreateReport',
                      'codebuild:UpdateReport',
                      'codebuild:BatchPutTestCases',
                      'codebuild:BatchPutCodeCoverages',
                      // For batch builds
                      'codebuild:StartBuild',
                      'codebuild:StopBuild',
                      'codebuild:RetryBuild',
                      // For pulling ECR images
                      'ecr:GetDownloadUrlForLayer',
                      'ecr:BatchGetImage',
                      'ecr:BatchCheckLayerAvailability',
                      // For running in a VPC
                      'ec2:CreateNetworkInterfacePermission',
                      'ec2:CreateNetworkInterface',
                      'ec2:DescribeNetworkInterfaces',
                      'ec2:DeleteNetworkInterface',
                      'ec2:DescribeSubnets',
                      'ec2:DescribeSecurityGroups',
                      'ec2:DescribeDhcpOptions',
                      'ec2:DescribeVpcs',
                  ],
                  resources: ['*'],
              }),
              ...props.additionalStatements ?? [],
          ],
      });
      try {
          jsiiDeprecationWarnings._aws_cdk_aws_codebuild_UntrustedCodeBoundaryPolicyProps(props);
      }
      catch (error) {
          if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {
              Error.captureStackTrace(error, UntrustedCodeBoundaryPolicy);
          }
          throw error;
      }
  }
81}
82exports.UntrustedCodeBoundaryPolicy = UntrustedCodeBoundaryPolicy;
83_a = JSII_RTTI_SYMBOL_1;
84UntrustedCodeBoundaryPolicy[_a] = { fqn: "@aws-cdk/aws-codebuild.UntrustedCodeBoundaryPolicy", version: "1.181.1" };
85//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidW50cnVzdGVkLWNvZGUtYm91bmRhcnktcG9saWN5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsidW50cnVzdGVkLWNvZGUtYm91bmRhcnktcG9saWN5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7OztBQUFBLHdDQUF3QztBQXNCeEM7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQXFCRztBQUNILE1BQWEsMkJBQTRCLFNBQVEsR0FBRyxDQUFDLGFBQWE7SUFDaEUsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxRQUEwQyxFQUFFO1FBQ3BGLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtZQUMxQyxXQUFXLEVBQUUsMkVBQTJFO1lBQ3hGLFVBQVUsRUFBRTtnQkFDVixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7b0JBQ3RCLE9BQU8sRUFBRTt3QkFDUCxjQUFjO3dCQUNkLHFCQUFxQjt3QkFDckIsc0JBQXNCO3dCQUN0QixtQkFBbUI7d0JBRW5CLG1CQUFtQjt3QkFDbkIsNkJBQTZCO3dCQUM3Qix3QkFBd0I7d0JBQ3hCLHdCQUF3Qjt3QkFDeEIsNkJBQTZCO3dCQUM3QixpQ0FBaUM7d0JBRWpDLG1CQUFtQjt3QkFDbkIsc0JBQXNCO3dCQUN0QixxQkFBcUI7d0JBQ3JCLHNCQUFzQjt3QkFFdEIseUJBQXlCO3dCQUN6Qiw0QkFBNEI7d0JBQzVCLG1CQUFtQjt3QkFDbkIsaUNBQWlDO3dCQUVqQyx1QkFBdUI7d0JBQ3ZCLHNDQUFzQzt3QkFDdEMsNEJBQTRCO3dCQUM1QiwrQkFBK0I7d0JBQy9CLDRCQUE0Qjt3QkFDNUIscUJBQXFCO3dCQUNyQiw0QkFBNEI7d0JBQzVCLHlCQUF5Qjt3QkFDekIsa0JBQWtCO3FCQUtuQjtvQkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7aUJBQ2pCLENBQUM7Z0JBQ0YsR0FBRyxLQUFLLENBQUMsb0JBQW9CLElBQUksRUFBRTthQUNwQztTQUNGLENBQUMsQ0FBQzs7Ozs7OytDQWhETSwyQkFBMkI7Ozs7S0FpRHJDOztBQWpESCxrRUFrREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBpYW0gZnJvbSAnQGF3cy1jZGsvYXdzLWlhbSc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuLyoqXG4gKiBDb25zdHJ1Y3Rpb24gcHJvcGVydGllcyBmb3IgVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5UHJvcHMge1xuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIG1hbmFnZWQgcG9saWN5LlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEEgbmFtZSBpcyBhdXRvbWF0aWNhbGx5IGdlbmVyYXRlZC5cbiAgICovXG4gIHJlYWRvbmx5IG1hbmFnZWRQb2xpY3lOYW1lPzogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBBZGRpdGlvbmFsIHN0YXRlbWVudHMgdG8gYWRkIHRvIHRoZSBkZWZhdWx0IHNldCBvZiBzdGF0ZW1lbnRzXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm8gYWRkaXRpb25hbCBzdGF0ZW1lbnRzXG4gICAqL1xuICByZWFkb25seSBhZGRpdGlvbmFsU3RhdGVtZW50cz86IGlhbS5Qb2xpY3lTdGF0ZW1lbnRbXTtcbn1cblxuLyoqXG4gKiBQZXJtaXNzaW9ucyBCb3VuZGFyeSBmb3IgYSBDb2RlQnVpbGQgUHJvamVjdCBydW5uaW5nIHVudHJ1c3RlZCBjb2RlXG4gKlxuICogVGhpcyBjbGFzcyBpcyBhIFBvbGljeSwgaW50ZW5kZWQgdG8gYmUgdXNlZCBhcyBhIFBlcm1pc3Npb25zIEJvdW5kYXJ5XG4gKiBmb3IgYSBDb2RlQnVpbGQgcHJvamVjdC4gSXQgYWxsb3dzIG1vc3Qgb2YgdGhlIGFjdGlvbnMgbmVjZXNzYXJ5IHRvIHJ1blxuICogdGhlIENvZGVCdWlsZCBwcm9qZWN0LCBidXQgZGlzYWxsb3dzIHJlYWRpbmcgZnJvbSBQYXJhbWV0ZXIgU3RvcmVcbiAqIGFuZCBTZWNyZXRzIE1hbmFnZXIuXG4gKlxuICogVXNlIHRoaXMgd2hlbiB5b3VyIENvZGVCdWlsZCBwcm9qZWN0IGlzIHJ1bm5pbmcgdW50cnVzdGVkIGNvZGUgKGZvclxuICogZXhhbXBsZSwgaWYgeW91IGFyZSB1c2luZyBvbmUgdG8gYXV0b21hdGljYWxseSBidWlsZCBQdWxsIFJlcXVlc3RzXG4gKiB0aGF0IGFueW9uZSBjYW4gc3VibWl0KSwgYW5kIHlvdSB3YW50IHRvIHByZXZlbnQgeW91ciBmdXR1cmUgc2VsZlxuICogZnJvbSBhY2NpZGVudGFsbHkgZXhwb3NpbmcgU2VjcmV0cyB0byB0aGlzIGJ1aWxkLlxuICpcbiAqIChUaGUgcmVhc29uIHlvdSBtaWdodCB3YW50IHRvIGRvIHRoaXMgaXMgYmVjYXVzZSBvdGhlcndpc2UgYW55b25lXG4gKiB3aG8gY2FuIHN1Ym1pdCBhIFB1bGwgUmVxdWVzdCB0byB5b3VyIHByb2plY3QgY2FuIHdyaXRlIGEgc2NyaXB0XG4gKiB0byBlbWFpbCB0aG9zZSBzZWNyZXRzIHRvIHRoZW1zZWx2ZXMpLlxuICpcbiAqIEBleGFtcGxlXG4gKlxuICogZGVjbGFyZSBjb25zdCBwcm9qZWN0OiBjb2RlYnVpbGQuUHJvamVjdDtcbiAqIGlhbS5QZXJtaXNzaW9uc0JvdW5kYXJ5Lm9mKHByb2plY3QpLmFwcGx5KG5ldyBjb2RlYnVpbGQuVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5KHRoaXMsICdCb3VuZGFyeScpKTtcbiAqL1xuZXhwb3J0IGNsYXNzIFVudHJ1c3RlZENvZGVCb3VuZGFyeVBvbGljeSBleHRlbmRzIGlhbS5NYW5hZ2VkUG9saWN5IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFVudHJ1c3RlZENvZGVCb3VuZGFyeVBvbGljeVByb3BzID0ge30pIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIG1hbmFnZWRQb2xpY3lOYW1lOiBwcm9wcy5tYW5hZ2VkUG9saWN5TmFtZSxcbiAgICAgIGRlc2NyaXB0aW9uOiAnUGVybWlzc2lvbnMgQm91bmRhcnkgUG9saWN5IGZvciBDb2RlQnVpbGQgUHJvamVjdHMgcnVubmluZyB1bnRydXN0ZWQgY29kZScsXG4gICAgICBzdGF0ZW1lbnRzOiBbXG4gICAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXG4gICAgICAgICAgICAvLyBGb3IgbG9nZ2luZ1xuICAgICAgICAgICAgJ2xvZ3M6Q3JlYXRlTG9nR3JvdXAnLFxuICAgICAgICAgICAgJ2xvZ3M6Q3JlYXRlTG9nU3RyZWFtJyxcbiAgICAgICAgICAgICdsb2dzOlB1dExvZ0V2ZW50cycsXG5cbiAgICAgICAgICAgIC8vIEZvciB0ZXN0IHJlcG9ydHNcbiAgICAgICAgICAgICdjb2RlYnVpbGQ6Q3JlYXRlUmVwb3J0R3JvdXAnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpDcmVhdGVSZXBvcnQnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpVcGRhdGVSZXBvcnQnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpCYXRjaFB1dFRlc3RDYXNlcycsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOkJhdGNoUHV0Q29kZUNvdmVyYWdlcycsXG5cbiAgICAgICAgICAgIC8vIEZvciBiYXRjaCBidWlsZHNcbiAgICAgICAgICAgICdjb2RlYnVpbGQ6U3RhcnRCdWlsZCcsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOlN0b3BCdWlsZCcsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOlJldHJ5QnVpbGQnLFxuXG4gICAgICAgICAgICAvLyBGb3IgcHVsbGluZyBFQ1IgaW1hZ2VzXG4gICAgICAgICAgICAnZWNyOkdldERvd25sb2FkVXJsRm9yTGF5ZXInLFxuICAgICAgICAgICAgJ2VjcjpCYXRjaEdldEltYWdlJyxcbiAgICAgICAgICAgICdlY3I6QmF0Y2hDaGVja0xheWVyQXZhaWxhYmlsaXR5JyxcblxuICAgICAgICAgICAgLy8gRm9yIHJ1bm5pbmcgaW4gYSBWUENcbiAgICAgICAgICAgICdlYzI6Q3JlYXRlTmV0d29ya0ludGVyZmFjZVBlcm1pc3Npb24nLFxuICAgICAgICAgICAgJ2VjMjpDcmVhdGVOZXR3b3JrSW50ZXJmYWNlJyxcbiAgICAgICAgICAgICdlYzI6RGVzY3JpYmVOZXR3b3JrSW50ZXJmYWNlcycsXG4gICAgICAgICAgICAnZWMyOkRlbGV0ZU5ldHdvcmtJbnRlcmZhY2UnLFxuICAgICAgICAgICAgJ2VjMjpEZXNjcmliZVN1Ym5ldHMnLFxuICAgICAgICAgICAgJ2VjMjpEZXNjcmliZVNlY3VyaXR5R3JvdXBzJyxcbiAgICAgICAgICAgICdlYzI6RGVzY3JpYmVEaGNwT3B0aW9ucycsXG4gICAgICAgICAgICAnZWMyOkRlc2NyaWJlVnBjcycsXG5cbiAgICAgICAgICAgIC8vIE5PVEFCTFkgTUlTU0lORzpcbiAgICAgICAgICAgIC8vIC0gUmVhZGluZyBzZWNyZXRzXG4gICAgICAgICAgICAvLyAtIFJlYWRpbmcgcGFyYW1ldGVyc3RvcmVcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogWycqJ10sXG4gICAgICAgIH0pLFxuICAgICAgICAuLi5wcm9wcy5hZGRpdGlvbmFsU3RhdGVtZW50cyA/PyBbXSxcbiAgICAgIF0sXG4gICAgfSk7XG4gIH1cbn0iXX0=
\No newline at end of file

1	`"use strict";`
2	`var _a;`
3	`Object.defineProperty(exports, "__esModule", { value: true });`
4	`exports.UntrustedCodeBoundaryPolicy = void 0;`
5	`const jsiiDeprecationWarnings = require("../.warnings.jsii.js");`
6	`const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");`
7	`const iam = require("@aws-cdk/aws-iam");`
8	`/**`
9	`* Permissions Boundary for a CodeBuild Project running untrusted code`
10	`*`
11	`* This class is a Policy, intended to be used as a Permissions Boundary`
12	`* for a CodeBuild project. It allows most of the actions necessary to run`
13	`* the CodeBuild project, but disallows reading from Parameter Store`
14	`* and Secrets Manager.`
15	`*`
16	`* Use this when your CodeBuild project is running untrusted code (for`
17	`* example, if you are using one to automatically build Pull Requests`
18	`* that anyone can submit), and you want to prevent your future self`
19	`* from accidentally exposing Secrets to this build.`
20	`*`
21	`* (The reason you might want to do this is because otherwise anyone`
22	`* who can submit a Pull Request to your project can write a script`
23	`* to email those secrets to themselves).`
24	`*`
25	`* @example`
26	`*`
27	`* declare const project: codebuild.Project;`
28	`* iam.PermissionsBoundary.of(project).apply(new codebuild.UntrustedCodeBoundaryPolicy(this, 'Boundary'));`
29	`*/`
30	`class UntrustedCodeBoundaryPolicy extends iam.ManagedPolicy {`
31	`constructor(scope, id, props = {}) {`
32	`super(scope, id, {`
33	`managedPolicyName: props.managedPolicyName,`
34	`description: 'Permissions Boundary Policy for CodeBuild Projects running untrusted code',`
35	`statements: [`
36	`new iam.PolicyStatement({`
37	`actions: [`
38	`// For logging`
39	`'logs:CreateLogGroup',`
40	`'logs:CreateLogStream',`
41	`'logs:PutLogEvents',`
42	`// For test reports`
43	`'codebuild:CreateReportGroup',`
44	`'codebuild:CreateReport',`
45	`'codebuild:UpdateReport',`
46	`'codebuild:BatchPutTestCases',`
47	`'codebuild:BatchPutCodeCoverages',`
48	`// For batch builds`
49	`'codebuild:StartBuild',`
50	`'codebuild:StopBuild',`
51	`'codebuild:RetryBuild',`
52	`// For pulling ECR images`
53	`'ecr:GetDownloadUrlForLayer',`
54	`'ecr:BatchGetImage',`
55	`'ecr:BatchCheckLayerAvailability',`
56	`// For running in a VPC`
57	`'ec2:CreateNetworkInterfacePermission',`
58	`'ec2:CreateNetworkInterface',`
59	`'ec2:DescribeNetworkInterfaces',`
60	`'ec2:DeleteNetworkInterface',`
61	`'ec2:DescribeSubnets',`
62	`'ec2:DescribeSecurityGroups',`
63	`'ec2:DescribeDhcpOptions',`
64	`'ec2:DescribeVpcs',`
65	`],`
66	`resources: ['*'],`
67	`}),`
68	`...props.additionalStatements ?? [],`
69	`],`
70	`});`
71	`try {`
72	`jsiiDeprecationWarnings._aws_cdk_aws_codebuild_UntrustedCodeBoundaryPolicyProps(props);`
73	`}`
74	`catch (error) {`
75	`if (process.env.JSII_DEBUG !== "1" && error.name === "DeprecationError") {`
76	`Error.captureStackTrace(error, UntrustedCodeBoundaryPolicy);`
77	`}`
78	`throw error;`
79	`}`
80	`}`
81	`}`
82	`exports.UntrustedCodeBoundaryPolicy = UntrustedCodeBoundaryPolicy;`
83	`_a = JSII_RTTI_SYMBOL_1;`
84	`UntrustedCodeBoundaryPolicy[_a] = { fqn: "@aws-cdk/aws-codebuild.UntrustedCodeBoundaryPolicy", version: "1.181.1" };`
85	//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidW50cnVzdGVkLWNvZGUtYm91bmRhcnktcG9saWN5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsidW50cnVzdGVkLWNvZGUtYm91bmRhcnktcG9saWN5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7OztBQUFBLHdDQUF3QztBQXNCeEM7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQXFCRztBQUNILE1BQWEsMkJBQTRCLFNBQVEsR0FBRyxDQUFDLGFBQWE7SUFDaEUsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxRQUEwQyxFQUFFO1FBQ3BGLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtZQUMxQyxXQUFXLEVBQUUsMkVBQTJFO1lBQ3hGLFVBQVUsRUFBRTtnQkFDVixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7b0JBQ3RCLE9BQU8sRUFBRTt3QkFDUCxjQUFjO3dCQUNkLHFCQUFxQjt3QkFDckIsc0JBQXNCO3dCQUN0QixtQkFBbUI7d0JBRW5CLG1CQUFtQjt3QkFDbkIsNkJBQTZCO3dCQUM3Qix3QkFBd0I7d0JBQ3hCLHdCQUF3Qjt3QkFDeEIsNkJBQTZCO3dCQUM3QixpQ0FBaUM7d0JBRWpDLG1CQUFtQjt3QkFDbkIsc0JBQXNCO3dCQUN0QixxQkFBcUI7d0JBQ3JCLHNCQUFzQjt3QkFFdEIseUJBQXlCO3dCQUN6Qiw0QkFBNEI7d0JBQzVCLG1CQUFtQjt3QkFDbkIsaUNBQWlDO3dCQUVqQyx1QkFBdUI7d0JBQ3ZCLHNDQUFzQzt3QkFDdEMsNEJBQTRCO3dCQUM1QiwrQkFBK0I7d0JBQy9CLDRCQUE0Qjt3QkFDNUIscUJBQXFCO3dCQUNyQiw0QkFBNEI7d0JBQzVCLHlCQUF5Qjt3QkFDekIsa0JBQWtCO3FCQUtuQjtvQkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7aUJBQ2pCLENBQUM7Z0JBQ0YsR0FBRyxLQUFLLENBQUMsb0JBQW9CLElBQUksRUFBRTthQUNwQztTQUNGLENBQUMsQ0FBQzs7Ozs7OytDQWhETSwyQkFBMkI7Ozs7S0FpRHJDOztBQWpESCxrRUFrREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBpYW0gZnJvbSAnQGF3cy1jZGsvYXdzLWlhbSc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdjb25zdHJ1Y3RzJztcblxuLyoqXG4gKiBDb25zdHJ1Y3Rpb24gcHJvcGVydGllcyBmb3IgVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5UHJvcHMge1xuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIG1hbmFnZWQgcG9saWN5LlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEEgbmFtZSBpcyBhdXRvbWF0aWNhbGx5IGdlbmVyYXRlZC5cbiAgICovXG4gIHJlYWRvbmx5IG1hbmFnZWRQb2xpY3lOYW1lPzogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBBZGRpdGlvbmFsIHN0YXRlbWVudHMgdG8gYWRkIHRvIHRoZSBkZWZhdWx0IHNldCBvZiBzdGF0ZW1lbnRzXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm8gYWRkaXRpb25hbCBzdGF0ZW1lbnRzXG4gICAqL1xuICByZWFkb25seSBhZGRpdGlvbmFsU3RhdGVtZW50cz86IGlhbS5Qb2xpY3lTdGF0ZW1lbnRbXTtcbn1cblxuLyoqXG4gKiBQZXJtaXNzaW9ucyBCb3VuZGFyeSBmb3IgYSBDb2RlQnVpbGQgUHJvamVjdCBydW5uaW5nIHVudHJ1c3RlZCBjb2RlXG4gKlxuICogVGhpcyBjbGFzcyBpcyBhIFBvbGljeSwgaW50ZW5kZWQgdG8gYmUgdXNlZCBhcyBhIFBlcm1pc3Npb25zIEJvdW5kYXJ5XG4gKiBmb3IgYSBDb2RlQnVpbGQgcHJvamVjdC4gSXQgYWxsb3dzIG1vc3Qgb2YgdGhlIGFjdGlvbnMgbmVjZXNzYXJ5IHRvIHJ1blxuICogdGhlIENvZGVCdWlsZCBwcm9qZWN0LCBidXQgZGlzYWxsb3dzIHJlYWRpbmcgZnJvbSBQYXJhbWV0ZXIgU3RvcmVcbiAqIGFuZCBTZWNyZXRzIE1hbmFnZXIuXG4gKlxuICogVXNlIHRoaXMgd2hlbiB5b3VyIENvZGVCdWlsZCBwcm9qZWN0IGlzIHJ1bm5pbmcgdW50cnVzdGVkIGNvZGUgKGZvclxuICogZXhhbXBsZSwgaWYgeW91IGFyZSB1c2luZyBvbmUgdG8gYXV0b21hdGljYWxseSBidWlsZCBQdWxsIFJlcXVlc3RzXG4gKiB0aGF0IGFueW9uZSBjYW4gc3VibWl0KSwgYW5kIHlvdSB3YW50IHRvIHByZXZlbnQgeW91ciBmdXR1cmUgc2VsZlxuICogZnJvbSBhY2NpZGVudGFsbHkgZXhwb3NpbmcgU2VjcmV0cyB0byB0aGlzIGJ1aWxkLlxuICpcbiAqIChUaGUgcmVhc29uIHlvdSBtaWdodCB3YW50IHRvIGRvIHRoaXMgaXMgYmVjYXVzZSBvdGhlcndpc2UgYW55b25lXG4gKiB3aG8gY2FuIHN1Ym1pdCBhIFB1bGwgUmVxdWVzdCB0byB5b3VyIHByb2plY3QgY2FuIHdyaXRlIGEgc2NyaXB0XG4gKiB0byBlbWFpbCB0aG9zZSBzZWNyZXRzIHRvIHRoZW1zZWx2ZXMpLlxuICpcbiAqIEBleGFtcGxlXG4gKlxuICogZGVjbGFyZSBjb25zdCBwcm9qZWN0OiBjb2RlYnVpbGQuUHJvamVjdDtcbiAqIGlhbS5QZXJtaXNzaW9uc0JvdW5kYXJ5Lm9mKHByb2plY3QpLmFwcGx5KG5ldyBjb2RlYnVpbGQuVW50cnVzdGVkQ29kZUJvdW5kYXJ5UG9saWN5KHRoaXMsICdCb3VuZGFyeScpKTtcbiAqL1xuZXhwb3J0IGNsYXNzIFVudHJ1c3RlZENvZGVCb3VuZGFyeVBvbGljeSBleHRlbmRzIGlhbS5NYW5hZ2VkUG9saWN5IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFVudHJ1c3RlZENvZGVCb3VuZGFyeVBvbGljeVByb3BzID0ge30pIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIG1hbmFnZWRQb2xpY3lOYW1lOiBwcm9wcy5tYW5hZ2VkUG9saWN5TmFtZSxcbiAgICAgIGRlc2NyaXB0aW9uOiAnUGVybWlzc2lvbnMgQm91bmRhcnkgUG9saWN5IGZvciBDb2RlQnVpbGQgUHJvamVjdHMgcnVubmluZyB1bnRydXN0ZWQgY29kZScsXG4gICAgICBzdGF0ZW1lbnRzOiBbXG4gICAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXG4gICAgICAgICAgICAvLyBGb3IgbG9nZ2luZ1xuICAgICAgICAgICAgJ2xvZ3M6Q3JlYXRlTG9nR3JvdXAnLFxuICAgICAgICAgICAgJ2xvZ3M6Q3JlYXRlTG9nU3RyZWFtJyxcbiAgICAgICAgICAgICdsb2dzOlB1dExvZ0V2ZW50cycsXG5cbiAgICAgICAgICAgIC8vIEZvciB0ZXN0IHJlcG9ydHNcbiAgICAgICAgICAgICdjb2RlYnVpbGQ6Q3JlYXRlUmVwb3J0R3JvdXAnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpDcmVhdGVSZXBvcnQnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpVcGRhdGVSZXBvcnQnLFxuICAgICAgICAgICAgJ2NvZGVidWlsZDpCYXRjaFB1dFRlc3RDYXNlcycsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOkJhdGNoUHV0Q29kZUNvdmVyYWdlcycsXG5cbiAgICAgICAgICAgIC8vIEZvciBiYXRjaCBidWlsZHNcbiAgICAgICAgICAgICdjb2RlYnVpbGQ6U3RhcnRCdWlsZCcsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOlN0b3BCdWlsZCcsXG4gICAgICAgICAgICAnY29kZWJ1aWxkOlJldHJ5QnVpbGQnLFxuXG4gICAgICAgICAgICAvLyBGb3IgcHVsbGluZyBFQ1IgaW1hZ2VzXG4gICAgICAgICAgICAnZWNyOkdldERvd25sb2FkVXJsRm9yTGF5ZXInLFxuICAgICAgICAgICAgJ2VjcjpCYXRjaEdldEltYWdlJyxcbiAgICAgICAgICAgICdlY3I6QmF0Y2hDaGVja0xheWVyQXZhaWxhYmlsaXR5JyxcblxuICAgICAgICAgICAgLy8gRm9yIHJ1bm5pbmcgaW4gYSBWUENcbiAgICAgICAgICAgICdlYzI6Q3JlYXRlTmV0d29ya0ludGVyZmFjZVBlcm1pc3Npb24nLFxuICAgICAgICAgICAgJ2VjMjpDcmVhdGVOZXR3b3JrSW50ZXJmYWNlJyxcbiAgICAgICAgICAgICdlYzI6RGVzY3JpYmVOZXR3b3JrSW50ZXJmYWNlcycsXG4gICAgICAgICAgICAnZWMyOkRlbGV0ZU5ldHdvcmtJbnRlcmZhY2UnLFxuICAgICAgICAgICAgJ2VjMjpEZXNjcmliZVN1Ym5ldHMnLFxuICAgICAgICAgICAgJ2VjMjpEZXNjcmliZVNlY3VyaXR5R3JvdXBzJyxcbiAgICAgICAgICAgICdlYzI6RGVzY3JpYmVEaGNwT3B0aW9ucycsXG4gICAgICAgICAgICAnZWMyOkRlc2NyaWJlVnBjcycsXG5cbiAgICAgICAgICAgIC8vIE5PVEFCTFkgTUlTU0lORzpcbiAgICAgICAgICAgIC8vIC0gUmVhZGluZyBzZWNyZXRzXG4gICAgICAgICAgICAvLyAtIFJlYWRpbmcgcGFyYW1ldGVyc3RvcmVcbiAgICAgICAgICBdLFxuICAgICAgICAgIHJlc291cmNlczogWycqJ10sXG4gICAgICAgIH0pLFxuICAgICAgICAuLi5wcm9wcy5hZGRpdGlvbmFsU3RhdGVtZW50cyA/PyBbXSxcbiAgICAgIF0sXG4gICAgfSk7XG4gIH1cbn0iXX0=
\	No newline at end of file