policyToRule[name][rule] = struct{}{}
	}

	for _, parsed := range parsedListeners {
		for _, fc := range parsed.filterChains {
			for _, rbacHTTP := range fc.rbacHTTP {
				action := rbacHTTP.GetRules().GetAction()
				for name := range rbacHTTP.GetRules().GetPolicies() {
					nameOfPolicy, indexOfRule := extractName(name)
					addPolicy(action, nameOfPolicy, indexOfRule)
				}

				route.Name = fmt.Sprintf("route/%s", route.Name)
			}
			if filter.Verbose {
				for _, vhosts := range route.GetVirtualHosts() {
					for _, r := range vhosts.Routes {
						if !isPassthrough(r.GetAction()) {
							fmt.Fprintf(w, "%v\t%s\t%s\t%s\t%s\n",
								route.Name,
								vhosts.Name,
								describeRouteDomains(vhosts.GetDomains()),
								describeMatch(r.GetMatch()),

		return ""
	}
	if len(vh.GetRoutes()) != 1 {
		return ""
	}
	r := vh.GetRoutes()[0]
	if r.GetMatch().GetPrefix() != "/" {
		return ""
	}
	a, ok := r.GetAction().(*route.Route_Route)
	if !ok {
		return ""
	}
	cl, ok := a.Route.ClusterSpecifier.(*route.RouteAction_Cluster)
	if !ok {
		return ""
	}
	if strings.Contains(cl.Cluster, "Cluster") {

	"strings"
	"time"
)

const (
	// deadline (in seconds) up to which the go routine leak detection has to be retried.
	leakDetectDeadline = 5
	// pause time (in milliseconds) between each snapshot at the end of the go routine leak detection.
	leakDetectPauseTimeMs = 50
)

// LeakDetect - type with  methods for go routine leak detection.
type LeakDetect struct {
	relevantRoutines map[string]bool
}

	secrets   configTypeURL = "type.googleapis.com/envoy.admin.v3.SecretsConfigDump"
	ecds      configTypeURL = "type.googleapis.com/envoy.admin.v3.EcdsConfigDump"
)

// getSection takes a TypeURL and returns the types.Any from the config dump corresponding to that URL
func (w *Wrapper) getSection(sectionTypeURL configTypeURL) (*anypb.Any, error) {
	var dumpAny *anypb.Any
	for _, conf := range w.Configs {
		if conf.TypeUrl == string(sectionTypeURL) {

      }
    },

    /**
     * Disables cycle detection. This option causes the factory to return unmodified lock
     * implementations provided by the JDK, and is provided to allow applications to easily
     * parameterize when cycle detection is enabled.
     *
     * <p>Note that locks created by a factory with this policy will not participate the
     * cycle detection performed by locks created by other factories.
     */

      matrix:
        # Override automatic language detection by changing the below list
        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
        language: ['java', 'javascript']
        # Learn more...
        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

    steps:
    - name: Checkout repository

)

// GetEndpointsConfigDump retrieves the listener config dump from the ConfigDump
func (w *Wrapper) GetEndpointsConfigDump() (*admin.EndpointsConfigDump, error) {
	endpointsDumpAny, err := w.getSection(endpoints)
	if err != nil {
		return nil, nil
	}
	endpointsDump := &admin.EndpointsConfigDump{}
	err = endpointsDumpAny.UnmarshalTo(endpointsDump)
	if err != nil {
		return nil, err
	}

)

// GetBootstrapConfigDump retrieves the bootstrap config dump from the ConfigDump
func (w *Wrapper) GetBootstrapConfigDump() (*admin.BootstrapConfigDump, error) {
	bootstrapDumpAny, err := w.getSection(bootstrap)
	if err != nil {
		return nil, err
	}
	bootstrapDump := &admin.BootstrapConfigDump{}
	err = bootstrapDumpAny.UnmarshalTo(bootstrapDump)
	if err != nil {
		return nil, err
	}

)

// GetSecretConfigDump retrieves a secret dump from a config dump wrapper
func (w *Wrapper) GetSecretConfigDump() (*admin.SecretsConfigDump, error) {
	secretDumpAny, err := w.getSection(secrets)
	if err != nil {
		return nil, err
	}
	secretDump := &admin.SecretsConfigDump{}
	err = secretDumpAny.UnmarshalTo(secretDump)
	if err != nil {
		return nil, err
	}
	return secretDump, nil
}