async getDomainValidationOptions()

in components/base/packages/custom-domains-cfn-resource/lib/dns-validation.js [139:184]

• 31 lines of code
• 10 McCabe index (conditional complexity)

  async getDomainValidationOptions({ DomainName, CertificateArn }, acm) {
    let isKnownToBeRelevant = false;

    // this is a polling affair...
    for (let idx = 0; idx < 30; ++idx) {
      // 30 x 2 seconds: try for 1 minute
      await sleep(2000);
      // call describeCertificate until domainValidationOptions[{obj}] show up and all obj have resourceRecord obj populated
      const result = await acm.describeCertificate({ CertificateArn }).promise();
      logDebug(`getDomainValidationOptions: idx-${idx}: describeCertificate:  result: ${JSON.stringify(result)}`);
      const { Certificate: certificate } = result;
      const { DomainValidationOptions: domainValidationOptions } = certificate;

      // check that given domain name is even relevant to this certificate!
      if (!isKnownToBeRelevant) {
        const san = certificate.SubjectAlternativeNames || [];
        if (!san.includes(DomainName)) {
          fnFail(
            `Certificate with ARN '${CertificateArn}' is not applicable for domain '${DomainName}'; applies to '${JSON.stringify(
              san,
            )}'`,
          );
        }
        logDebug('cert is applicable for domain');
        isKnownToBeRelevant = true;
      }

      if (domainValidationOptions === undefined) continue; // try again
      if (!Array.isArray(domainValidationOptions))
        fnFail(`got domainValidationOptions that is not array: ${JSON.stringify(domainValidationOptions)}`);

      const givenDomainValidationOptions = domainValidationOptions.find(element => element.DomainName === DomainName);
      if (givenDomainValidationOptions === undefined) continue; // try again

      // check that givenDomainValidationOptions have ResourceRecord already
      if (givenDomainValidationOptions.ResourceRecord === undefined) continue; // try again

      // happy case!!!!
      return givenDomainValidationOptions;
    }
    // if gotten here fail
    fnFail('timeout in getting domain validation options');
    // above fnFail throws, so this code is never reached
    // put in here to pacify lint
    return undefined;
  }