diff --git a/Openshift4/helm/openshift-pipelines/charts/pipelines/templates/pipelines-statefulset.yaml b/Openshift4/helm/openshift-pipelines/charts/pipelines/templates/pipelines-statefulset.yaml index baca7f2..111865a 100644 --- a/Openshift4/helm/openshift-pipelines/charts/pipelines/templates/pipelines-statefulset.yaml +++ b/Openshift4/helm/openshift-pipelines/charts/pipelines/templates/pipelines-statefulset.yaml @@ -348,6 +348,9 @@ spec: image: "{{ .Values.imageRegistry }}/{{ .Values.pipelines.nexec.image.repository }}:{{ default .Chart.AppVersion .Values.pipelines.version }}" imagePullPolicy: {{ .Values.pipelines.nexec.image.pullPolicy }} workingDir: /opt/jfrog/pipelines/app/micro/nexec + securityContext: + allowPrivilegeEscalation: false + runAsUser: 0 env: - name: COMPONENT value: nexec diff --git a/Openshift4/helm/openshift-pipelines/helminstall.sh b/Openshift4/helm/openshift-pipelines/helminstall.sh index eac7c3d..f1ee010 100755 --- a/Openshift4/helm/openshift-pipelines/helminstall.sh +++ b/Openshift4/helm/openshift-pipelines/helminstall.sh @@ -12,26 +12,24 @@ then JOIN_KEY=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE fi -JOIN_KEY=93f1e5d2e8863b3ec14f5cdf136c7896 - helm upgrade --install pipelines . \ - --set pipelines.pipelines.jfrogUrl=http://openshiftartifactoryha-nginx \ - --set pipelines.pipelines.jfrogUrlUI=http://openshiftartifactoryha-nginx \ + --set pipelines.pipelines.jfrogUrl=http://openshiftartifactoryha-artifactory-ha-primary:8082 \ + --set pipelines.pipelines.jfrogUrlUI=https://johnp.jfrog.tech \ --set pipelines.pipelines.masterKey=$MASTER_KEY \ --set pipelines.pipelines.joinKey=$JOIN_KEY \ - --set pipelines.pipelines.accessControlAllowOrigins_0=http://openshiftartifactoryha-nginx \ - --set pipelines.pipelines.accessControlAllowOrigins_1=http://openshiftartifactoryha-nginx \ + --set pipelines.pipelines.accessControlAllowOrigins_0=https://johnp.jfrog.tech \ + --set pipelines.pipelines.accessControlAllowOrigins_1=https://johnp.jfrog.tech \ --set pipelines.pipelines.msg.uiUser=monitor \ --set pipelines.pipelines.msg.uiUserPassword=monitor \ --set pipelines.postgresql.enabled=false \ --set pipelines.global.postgresql.host=postgres-postgresql \ --set pipelines.global.postgresql.port=5432 \ - --set pipelines.global.postgresql.database=pipelinesdb \ + --set pipelines.global.postgresql.database=pipelinedb \ --set pipelines.global.postgresql.user=artifactory \ --set pipelines.global.postgresql.password=password \ --set pipelines.global.postgresql.ssl=false \ --set pipelines.rabbitmq.rabbitmq.username=user \ --set pipelines.rabbitmq.rabbitmq.password=bitnami \ - --set pipelines.rabbitmq.externalUrl=amqps://pipelines-rabbit.jfrog.tech \ - --set pipelines.pipelines.api.externalUrl=http://pipelines-api.jfrog.tech \ - --set pipelines.pipelines.www.externalUrl=http://pipelines-www.jfrog.tech + --set pipelines.rabbitmq.externalUrl=amqp://pipelines-rabbit.jfrog.tech \ + --set pipelines.pipelines.api.externalUrl=http://pipelines-api.jfrog.tech:30000 \ + --set pipelines.pipelines.www.externalUrl=http://pipelines-www.jfrog.tech:30001 diff --git a/Openshift4/helm/openshift-pipelines/values.yaml b/Openshift4/helm/openshift-pipelines/values.yaml index 62ebbe5..afeb2b5 100644 --- a/Openshift4/helm/openshift-pipelines/values.yaml +++ b/Openshift4/helm/openshift-pipelines/values.yaml @@ -122,7 +122,7 @@ pipelines: service: ## Supported service types: ClusterIP, NodePort and LoadBalancer - type: ClusterIP + type: LoadBalancer port: 30000 annotations: @@ -205,7 +205,7 @@ pipelines: service: ## Supported service types: ClusterIP, NodePort and LoadBalancer - type: ClusterIP + type: LoadBalancer port: 30001 annotations: @@ -957,7 +957,7 @@ pipelines: extraPlugins: "" service: - type: ClusterIP + type: LoadBalancer annotations: {} persistence: diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.0/manifests/pipeline-operator.v1.0.0.clusterserviceversion.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.0/manifests/pipeline-operator.v1.0.0.clusterserviceversion.yaml index 118f4bf..0486056 100644 --- a/Openshift4/operator/pipeline-operator/bundle/1.0.0/manifests/pipeline-operator.v1.0.0.clusterserviceversion.yaml +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.0/manifests/pipeline-operator.v1.0.0.clusterserviceversion.yaml @@ -167,7 +167,7 @@ metadata: capabilities: Seamless Upgrades categories: Developer Tools,Integration & Delivery certified: 'true' - containerImage: registry.connect.redhat.com/jfrog/pipelines-operator:1.8.1 + containerImage: registry.connect.redhat.com/jfrog/pipelines-operator:1.8-1 createdAt: 2020-10-09 00:00:00+00:00 description: JFrog Pipeline Enterprise deploys Pipeline CI/CD Openshift (Requires Jfrog Artifactory) repository: https://github.com/jfrog/JFrog-Cloud-Installers/tree/openshift4/Openshift4 @@ -349,7 +349,7 @@ spec: value: registry.connect.redhat.com/jfrog/pipelines-vault-init:1.8.0 - name: RELATED_IMAGE_PIPELINE_VAULT_IMAGE_REPOSITORY value: registry.connect.redhat.com/jfrog/pipelines-vault:1.8.0 - image: registry.connect.redhat.com/jfrog/pipelines-operator:1.8.1 + image: registry.connect.redhat.com/jfrog/pipelines-operator:1.8-1 imagePullPolicy: Always name: pipeline-operator resources: {} diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/openshiftpipeline.charts.helm.k8s.io.crd.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/openshiftpipeline.charts.helm.k8s.io.crd.yaml new file mode 100644 index 0000000..d0434aa --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/openshiftpipeline.charts.helm.k8s.io.crd.yaml @@ -0,0 +1,29 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: openshiftpipelines.charts.helm.k8s.io +spec: + group: charts.helm.k8s.io + names: + kind: OpenshiftPipeline + listKind: OpenshiftPipelineList + plural: openshiftpipelines + singular: openshiftpipeline + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: '' + plural: '' + conditions: null + storedVersions: null diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/pipeline-operator.v1.0.1.clusterserviceversion.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/pipeline-operator.v1.0.1.clusterserviceversion.yaml new file mode 100644 index 0000000..5401a6b --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.1/manifests/pipeline-operator.v1.0.1.clusterserviceversion.yaml @@ -0,0 +1,523 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "charts.helm.k8s.io/v1alpha1", + "kind": "OpenshiftPipeline", + "metadata": { + "name": "openshiftpipeline" + }, + "spec": { + "pipelines": { + "global": { + "postgresql": { + "host": "OVERRIDE", + "port": "OVERRIDE", + "database": "OVERRIDE", + "user": "OVERRIDE", + "password": "OVERRIDE", + "ssl": "false" + } + }, + "initContainer": { + "image": "registry.connect.redhat.com/jfrog/pipelines-init:1.8.0", + "pullPolicy": "Always" + }, + "imageRegistry": "registry.connect.redhat.com", + "securityContext": { + "enabled": true, + "uid": "1000721117", + "gid": "1000721117" + }, + "pipelines": { + "version": "1.8.0", + "jfrogUrl": "OVERRIDE", + "jfrogUrlUI": "OVERRIDE", + "accessControlAllowOrigins_0": "OVERRIDE", + "accessControlAllowOrigins_1": "OVERRIDE", + "joinKey": "OVERRIDE", + "masterKey": "OVERRIDE", + "api": { + "image": { + "repository": "jfrog/pipelines-api", + "pullPolicy": "Always" + }, + "externalUrl": "OVERRIDE" + }, + "www": { + "image": { + "repository": "jfrog/pipelines-www", + "pullPolicy": "Always" + }, + "externalUrl": "OVERRIDE" + }, + "router": { + "image": { + "repository": "jfrog/pipelines-router", + "pullPolicy": "Always" + } + }, + "msg": { + "uiUser": "OVERRIDE", + "uiUserPassword": "OVERRIDE" + }, + "pipelineSync": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "runTrigger": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "stepTrigger": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "cron": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "nexec": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "hookHandler": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "marshaller": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "logup": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "extensionSync": { + "image": { + "repository": "jfrog/pipelines-micro", + "pullPolicy": "Always" + } + }, + "pipelinesInit": { + "image": { + "repository": "jfrog/pipelines-installer", + "pullPolicy": "Always" + } + } + }, + "postgresql": { + "enabled": false + }, + "rabbitmq": { + "enabled": true, + "externalUrl": "OVERRIDE", + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/pipelines-rabbitmq", + "tag": "3.8.9" + } + }, + "redis": { + "enabled": true, + "master": { + "command": "container-entrypoint run-redis" + }, + "image": { + "registry": "registry.redhat.io", + "repository": "rhel8/redis-5", + "tag": "1-98" + } + }, + "vault": { + "enabled": true, + "disablemlock": false, + "image": { + "repository": "registry.connect.redhat.com/jfrog/pipelines-vault", + "tag": "1.8.0" + }, + "init": { + "repository": "jfrog/pipelines-vault-init", + "pullPolicy": "Always" + } + } + } + } + } + ] + capabilities: Seamless Upgrades + categories: Developer Tools,Integration & Delivery + certified: 'true' + containerImage: registry.connect.redhat.com/jfrog/pipelines-operator:1.8-1 + createdAt: 2020-10-09 00:00:00+00:00 + description: JFrog Pipeline Enterprise deploys Pipeline CI/CD Openshift (Requires Jfrog Artifactory) + repository: https://github.com/jfrog/JFrog-Cloud-Installers/tree/openshift4/Openshift4 + support: JFrog + creationTimestamp: null + name: pipeline-operator.v1.0.1 + namespace: default +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Represents Pipeline Instances + displayName: Pipeline + kind: OpenshiftPipeline + name: openshiftpipelines.charts.helm.k8s.io + resources: + - kind: Deployment + name: '' + version: v1 + - kind: Service + name: '' + version: v1 + - kind: ReplicaSet + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + - kind: Secret + name: '' + version: v1 + - kind: ConfigMap + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: apps/v1 + version: v1alpha1 + description: '## Overview + + + Openshift Operator to deploy JFrog Pipelines into your Openshift cluster. + + ## Usage + + + An external DB is required. The operator will not deploy a DB but will require + you to specify the configuration values to connect to it. + + + Search for JFrog and click JFrog Pipeline Operator to install. + + + Go to the Installed Operators. + + + Wait for the JFrog Pipeline Operator to complete the installation. + + + Open the Operator and click on the provided API: Xray + + + Click Create New Instance and provide the following parameters for your DB configuration: + + + ``` + + pipelines.global.postgresql.host= + pipelines.global.postgresql.port= + pipelines.global.postgresql.database= + pipelines.global.postgresql.user= + pipelines.global.postgresql.password= + + ``` + + + JFROG_URL is the external ip or DNS of your Artifactory to connect Pipelines to. Artifactory + is required to use this operator. + + You will need to specify your JFROG_URL in the follow locations: + + Use the cluster DNS name of the service for most operator deployments this will be: http://openshiftartifactoryha-nginx + + ``` + pipelines.pipelines.jfrogUrl= + pipelines.pipelines.jfrogUrlUI= + pipelines.pipelines.accessControlAllowOrigins_0= + pipelines.pipelines.accessControlAllowOrigins_1= + ``` + + Setup a unique master key and use the same join key you used when creating Artifactory: + + ``` + pipelines.pipelines.masterKey=$MASTER_KEY + pipelines.pipelines.joinKey=$JOIN_KEY + ``` + + Setup a unique username and password for Rabbitmq user: + + ``` + pipelines.pipelines.msg.uiUser=monitor + pipelines.pipelines.msg.uiUserPassword=monitor + ``` + + Specify external urls that will be your Openshift routes if desired: + + ``` + pipelines.rabbitmq.externalUrl=amqps://pipelines-rabbit.example.com + pipelines.pipelines.api.externalUrl=http://pipelines-api.example.com + pipelines.pipelines.www.externalUrl=http://pipelines-www.example.com + ``` + + Deploy JFrog Pipelines into your cluster. + + ## Build Plane Usage + + To use the pipelines build plane you can either use your Openshift cluster or a 3rd party cloud provider like AWS. + + Setup the Pipelines build plane. + + ## Sync issue fix + + To resolve the known host issue when syncing from a new site for now users can rsh into the pod or open the terminal into the pod in the Openshift web console. + + Once inside the container `pipelinesync` run the follow command: + + ``` + /pipelineSync/clone.sh + ``` + + Type yes to accept the host verification and then re-sync your pipeline. + ' + displayName: JFrog Pipeline Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAZAAAAGQCAYAAACAvzbMAAAKQ2lDQ1BJQ0MgcHJvZmlsZQAAeNqdU3dYk/cWPt/3ZQ9WQtjwsZdsgQAiI6wIyBBZohCSAGGEEBJAxYWIClYUFRGcSFXEgtUKSJ2I4qAouGdBiohai1VcOO4f3Ke1fXrv7e371/u855zn/M55zw+AERImkeaiagA5UoU8Otgfj09IxMm9gAIVSOAEIBDmy8JnBcUAAPADeXh+dLA//AGvbwACAHDVLiQSx+H/g7pQJlcAIJEA4CIS5wsBkFIAyC5UyBQAyBgAsFOzZAoAlAAAbHl8QiIAqg0A7PRJPgUA2KmT3BcA2KIcqQgAjQEAmShHJAJAuwBgVYFSLALAwgCgrEAiLgTArgGAWbYyRwKAvQUAdo5YkA9AYACAmUIszAAgOAIAQx4TzQMgTAOgMNK/4KlfcIW4SAEAwMuVzZdL0jMUuJXQGnfy8ODiIeLCbLFCYRcpEGYJ5CKcl5sjE0jnA0zODAAAGvnRwf44P5Dn5uTh5mbnbO/0xaL+a/BvIj4h8d/+vIwCBAAQTs/v2l/l5dYDcMcBsHW/a6lbANpWAGjf+V0z2wmgWgrQevmLeTj8QB6eoVDIPB0cCgsL7SViob0w44s+/zPhb+CLfvb8QB7+23rwAHGaQJmtwKOD/XFhbnauUo7nywRCMW735yP+x4V//Y4p0eI0sVwsFYrxWIm4UCJNx3m5UpFEIcmV4hLpfzLxH5b9CZN3DQCshk/ATrYHtctswH7uAQKLDljSdgBAfvMtjBoLkQAQZzQyefcAAJO/+Y9AKwEAzZek4wAAvOgYXKiUF0zGCAAARKCBKrBBBwzBFKzADpzBHbzAFwJhBkRADCTAPBBCBuSAHAqhGJZBGVTAOtgEtbADGqARmuEQtMExOA3n4BJcgetwFwZgGJ7CGLyGCQRByAgTYSE6iBFijtgizggXmY4EImFINJKApCDpiBRRIsXIcqQCqUJqkV1II/ItchQ5jVxA+pDbyCAyivyKvEcxlIGyUQPUAnVAuagfGorGoHPRdDQPXYCWomvRGrQePYC2oqfRS+h1dAB9io5jgNExDmaM2WFcjIdFYIlYGibHFmPlWDVWjzVjHVg3dhUbwJ5h7wgkAouAE+wIXoQQwmyCkJBHWExYQ6gl7CO0EroIVwmDhDHCJyKTqE+0JXoS+cR4YjqxkFhGrCbuIR4hniVeJw4TX5NIJA7JkuROCiElkDJJC0lrSNtILaRTpD7SEGmcTCbrkG3J3uQIsoCsIJeRt5APkE+S+8nD5LcUOsWI4kwJoiRSpJQSSjVlP+UEpZ8yQpmgqlHNqZ7UCKqIOp9aSW2gdlAvU4epEzR1miXNmxZDy6Qto9XQmmlnafdoL+l0ugndgx5Fl9CX0mvoB+nn6YP0dwwNhg2Dx0hiKBlrGXsZpxi3GS+ZTKYF05eZyFQw1zIbmWeYD5hvVVgq9ip8FZHKEpU6lVaVfpXnqlRVc1U/1XmqC1SrVQ+rXlZ9pkZVs1DjqQnUFqvVqR1Vu6k2rs5Sd1KPUM9RX6O+X/2C+mMNsoaFRqCGSKNUY7fGGY0hFsYyZfFYQtZyVgPrLGuYTWJbsvnsTHYF+xt2L3tMU0NzqmasZpFmneZxzQEOxrHg8DnZnErOIc4NznstAy0/LbHWaq1mrX6tN9p62r7aYu1y7Rbt69rvdXCdQJ0snfU6bTr3dQm6NrpRuoW623XP6j7TY+t56Qn1yvUO6d3RR/Vt9KP1F+rv1u/RHzcwNAg2kBlsMThj8MyQY+hrmGm40fCE4agRy2i6kcRoo9FJoye4Ju6HZ+M1eBc+ZqxvHGKsNN5l3Gs8YWJpMtukxKTF5L4pzZRrmma60bTTdMzMyCzcrNisyeyOOdWca55hvtm82/yNhaVFnMVKizaLx5balnzLBZZNlvesmFY+VnlW9VbXrEnWXOss623WV2xQG1ebDJs6m8u2qK2brcR2m23fFOIUjynSKfVTbtox7PzsCuya7AbtOfZh9iX2bfbPHcwcEh3WO3Q7fHJ0dcx2bHC866ThNMOpxKnD6VdnG2ehc53zNRemS5DLEpd2lxdTbaeKp26fesuV5RruutK10/Wjm7ub3K3ZbdTdzD3Ffav7TS6bG8ldwz3vQfTw91jicczjnaebp8LzkOcvXnZeWV77vR5Ps5wmntYwbcjbxFvgvct7YDo+PWX6zukDPsY+Ap96n4e+pr4i3z2+I37Wfpl+B/ye+zv6y/2P+L/hefIW8U4FYAHBAeUBvYEagbMDawMfBJkEpQc1BY0FuwYvDD4VQgwJDVkfcpNvwBfyG/ljM9xnLJrRFcoInRVaG/owzCZMHtYRjobPCN8Qfm+m+UzpzLYIiOBHbIi4H2kZmRf5fRQpKjKqLupRtFN0cXT3LNas5Fn7Z72O8Y+pjLk722q2cnZnrGpsUmxj7Ju4gLiquIF4h/hF8ZcSdBMkCe2J5MTYxD2J43MC52yaM5zkmlSWdGOu5dyiuRfm6c7Lnnc8WTVZkHw4hZgSl7I/5YMgQlAvGE/lp25NHRPyhJuFT0W+oo2iUbG3uEo8kuadVpX2ON07fUP6aIZPRnXGMwlPUit5kRmSuSPzTVZE1t6sz9lx2S05lJyUnKNSDWmWtCvXMLcot09mKyuTDeR55m3KG5OHyvfkI/lz89sVbIVM0aO0Uq5QDhZML6greFsYW3i4SL1IWtQz32b+6vkjC4IWfL2QsFC4sLPYuHhZ8eAiv0W7FiOLUxd3LjFdUrpkeGnw0n3LaMuylv1Q4lhSVfJqedzyjlKD0qWlQyuCVzSVqZTJy26u9Fq5YxVhlWRV72qX1VtWfyoXlV+scKyorviwRrjm4ldOX9V89Xlt2treSrfK7etI66Trbqz3Wb+vSr1qQdXQhvANrRvxjeUbX21K3nShemr1js20zcrNAzVhNe1bzLas2/KhNqP2ep1/XctW/a2rt77ZJtrWv913e/MOgx0VO97vlOy8tSt4V2u9RX31btLugt2PGmIbur/mft24R3dPxZ6Pe6V7B/ZF7+tqdG9s3K+/v7IJbVI2jR5IOnDlm4Bv2pvtmne1cFoqDsJB5cEn36Z8e+NQ6KHOw9zDzd+Zf7f1COtIeSvSOr91rC2jbaA9ob3v6IyjnR1eHUe+t/9+7zHjY3XHNY9XnqCdKD3x+eSCk+OnZKeenU4/PdSZ3Hn3TPyZa11RXb1nQ8+ePxd07ky3X/fJ897nj13wvHD0Ivdi2yW3S609rj1HfnD94UivW2/rZffL7Vc8rnT0Tes70e/Tf/pqwNVz1/jXLl2feb3vxuwbt24m3Ry4Jbr1+Hb27Rd3Cu5M3F16j3iv/L7a/eoH+g/qf7T+sWXAbeD4YMBgz8NZD+8OCYee/pT/04fh0kfMR9UjRiONj50fHxsNGr3yZM6T4aeypxPPyn5W/3nrc6vn3/3i+0vPWPzY8Av5i8+/rnmp83Lvq6mvOscjxx+8znk98ab8rc7bfe+477rfx70fmSj8QP5Q89H6Y8en0E/3Pud8/vwv94Tz+4A5JREAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAADJWlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS42LWMxNDggNzkuMTY0MDM2LCAyMDE5LzA4LzEzLTAxOjA2OjU3ICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIiB4bWxuczpzdFJlZj0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBlL1Jlc291cmNlUmVmIyIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgMjEuMCAoTWFjaW50b3NoKSIgeG1wTU06SW5zdGFuY2VJRD0ieG1wLmlpZDpENDgwNUU0NzUzREQxMUVBOUZGODkwMEY5OEQzRjlFMiIgeG1wTU06RG9jdW1lbnRJRD0ieG1wLmRpZDpENDgwNUU0ODUzREQxMUVBOUZGODkwMEY5OEQzRjlFMiI+IDx4bXBNTTpEZXJpdmVkRnJvbSBzdFJlZjppbnN0YW5jZUlEPSJ4bXAuaWlkOkQ0ODA1RTQ1NTNERDExRUE5RkY4OTAwRjk4RDNGOUUyIiBzdFJlZjpkb2N1bWVudElEPSJ4bXAuZGlkOkQ0ODA1RTQ2NTNERDExRUE5RkY4OTAwRjk4RDNGOUUyIi8+IDwvcmRmOkRlc2NyaXB0aW9uPiA8L3JkZjpSREY+IDwveDp4bXBtZXRhPiA8P3hwYWNrZXQgZW5kPSJyIj8+WnMr7QAAIxhJREFUeNrsnc11G0fWQMvf0ZlZgo6AUASkIgC088ZDKAKAERCMgGAEhCIgGIHA8cY7NSMQGIHBCIZYzmz49SNeWy2IIPFTVV0/957TB7JsoxvV3XXrvfr75enpyQAAAGzL/1EEAACAQAAAAIEAAAACAQAABAIAAIBAAAAAgQAAAAIBAAAEAgAACAQAAACBAAAAAgEAAAQCAAAIBAAAEAgAAAACAQAABAIAAAgEAAAQCAAAIBAAAAAEAgAACAQAABAIAAAgEAAAQCAAAAAIBAAAEAgAACAQAABAIAAAgEAAAAAQCAAAuOVdaj/ot/PfuavwzH//9b9R+TH/57//MaE0IAT+vPqDCAQgEoryuC5FMqYoABAIwC6clRIhCgFAIAA70UciAAgEAIkAIBCAZiRSHgcUBQACAdhaIuVRIBEABAKwC0dIBACBACARAAQCgEQAEAhAXBKZlRI5pigAEAjAthxqJIJEABAIwNa0kAgAAgFAIgAIBKAxiXQpCgAEAhnyz3//o9hTIl9LiQwoSQAEAplhKQ11jUQAXuYdRQCRS0Lmbxzr0a59Hlo8jUjEsDEVAAKBuIXRLT+6NWkcejo1EgFAIBBZdNGtHUcNX5JI5LiUyPCFax3oNc7LY1Yej3v2wQAgEIAtpSFRRU+PowAvUXY3PCjlMKj/pUQmGh1d1H6LfDyoVIpKLuV/O+NOAwIBsCONXk0arQguua/prFWJDFQa/dpfH+rRWRHLvUYqM5UK0QogEIBEpbGNREQKV2/8/0d69GtSuVOhiEyK8rseeVIgZH55enpK6gf9dv47dzVcaUh6aqBHK5GfdVMew9XKXvtErvf87vtKJgglDf68+gOBIBDYQhoHNWkcJfozpaLvOpLI6nmmctCPgkBCgImE4CzakL3HzbLj+CpheRizZk8RHfJ7avk80kn/rTzXo+7t3uNpAwQCqYijVx6FVHJmmd9vZfLTjzQ6MC9I5MbB+Vpavl/K8n4qjykyAd/QiQ62xDEoP0bG38S+0FiUx7r5IX0P5z+RozzfQkU2YWQXEIFA8OIoj7lZ5voPMy6K4Wq/hEYE156vo4pMZCFIVhQGBAKII3BOV5c40RFnk4avq6MiGfPEAgIBxBEe52vkUZhw+n/OdEADAAKBRsTR1QlyiOM7N6U8xivldBCYPCpk4uOIWwYIBHyKoy0jfMo/fjVpD8XdRR6DSORRcSH3k1sHCARci+NAW6x/meUIH/jO3SvyCF2yRCFgDYbxwkvykNFDkpohVfUzMhv8pfkWk0giNOaKABEIOIs6JF31BXmslcdLS5ZMIorSWqSxAIGAi6hjbkhXrUMm6PXWyKMf2W9BIGAFUliIQ3L3MbWgm5KHRB7zlbIbRCgPACIQIOrwSPeFWeYij2uKBohAIMeoY1QeZ5TGm5yuWTpd/u5jecikwQM9jvXfdSg2QCCQojyqJTZSm9OxMN+3iJ3XPid7VOg/LVFSUZNK8Yqkj/Vo62cQYmGRRUAgsIs8BmY5PDeFJdar3fqet4Bd7Z+o/eZdv/9ynTw2rKQfzffdBFcFLkdXD9+j3R54EwCBwLbykMow5g5fqfimxs/2rjLLfOSo9V9FSRO9L+2aTHwIhZ0MAYHAxuKIZYb0S9zqtU/XRRgbIP//Nqmjn5YocYn+rsmKUHoqExeDGxAIIBDYSB6hrQq7qTSqfb8fPZ/73qc8XhHKWA+5h4+W71/BmwEIBN6Sx8DE099xr9fahDTq19ANMHq0ef8WdKADAoG3Kh7ZWvUq8MuUUVMTEcce6Smr8mhQXus4tvx9yAMQCLwqD6mUQ+4sl87wUcPRxqrIBgHKwziIiKa8IYBAIEZ53Ik4AkuhVEuUhNqx3CYCAQQCrsUR8kirG7NMU4VYSYcsD8FmCushgFQhIBBAHhuLYxRwpXUauDyM5XtK+goQCAQvD0lVDQOvnE/3mWXu6d7SgQ4IBLKRx72KI/SK6nPo8lDalr9vQBQCtmE5d+SxLwtt0R9HIA+ZZT6M5DbbjkBOdJAFAAJBHkHI47O0lCNp0d80Pcu84QhE6CMRsAkpLOSxC7Gkq3643shud9vR9/Z1heJhoHNfgAgEHDENQB6XkaSrKuQ6u1SWP0pEykUbJABEIBlEHxPT7IZE0oofRDD09QciXvvp2PH3S0NkLtsa+y6j8pzd2j8+xvZMAQKJUR5NzjD/HFHncyq0PJ3ja/l8Xbra/0SfX4l0enqcvPDvn9dF4xlDIGD/5Rs0KA95sXus4Jo8FxoV9Gym+lQcQz1ab4jsTK+BdGNE0AcStjykxXbd0OllQmAbeTTGnefzSXp0vpJe2rfhMxc5bRFNSVqN5w2BgIUXUHLgk4ZOLykNWoLN0kTZVymt8T7PbXkU2vDZJQ13xFBjBAL7h/5T438zKElZfXKZD4eNaXLWuKSTZtsup1L+9/LcfDP7D/bo6542gEBgx8rj0PM5ZZ8OiTpY7iIAdHLmQ4OX8JxO2qQi16hDRlJdWDz/la10GiCQnKKPsfE/XFeG6B4znDI4ehoVNkVLK/LpS3NG5O9qUYeL+UlT5qogENhcHlJhnHk+7Y1ODKS/I7woRIQuaaS7hi9Fht7+kNLSTnLbUcdLAiMiRiCwgTzaxn+neWzrQ+UokbkMaCj/+Mk0m9KSlOo3iZDLY26WneQ+0qwd+kMQCGwQrhu/nebnyCMqkcge8tLIOG04Ijkz/vvnrhzsjwIIJJnoY2T8rnEly6+PKfkoRTLRiOSjaT615ZMJdx+BwM/ykMrgwuMpTyNZfh1eF0mRmUiOtKEFCARUHgeeW1bII12RSGrrIfGfe0EqC4HAd6RF5SufjDzSFoncW6lcLxP/qTzDCAQ0deVryC7yyEMij7qKwAeznNuTIqSyEEj28vCZurpBHtmJZCZzexKORkhlIZCskRaUj9QV8zzyFkkVjaTYN0KjCIFkGX10jZ/U1R3ygNps9tvEftoREwwRSI74mH8h+e8eRQ0qEekbkechtZTWSFdwAASSRfQhLSbXEwarXQRZ2wpWRTIyy+G+qdDy1CADBNK4PKTjfOThVCKPOSUOayQyMct+kUUiP+lEFyEFBJI0Y+N+ratztqCFDSQi/SLdhCQyZtl3BJJy9CGdmH3Hp7llfSvYUiJt43e+iKtzHXqK7gGBNBZ9uESGaQ4oZthSIo8aibiWiHz/B8dRzxlzQxBIitGHvDSudxik0xx2lohOOrxxdIpL3bBsps+oy6G3ROAIhOhjS87ZihYsiEQiWJvDfCUq/qgjv+rnmRh3qwd3dKdEQCBJRB/yMLsctntHvwdYlIhU9rLz4b5pps/lcfzKgA6nUQgd6ggkFUYOv1teclpbYFsisjNm1+zWL1JFHcPXUqoaMX929BNahg51BJJI9OFyvasR8z3AkUSqYb6bVvLSmJG+jvYWw8hHxm2Heps7iUCIPl6G1BW4loh0rkuqSUZPrVtHS/5etgo4WO3r2OT7jdtU1oS76J53FIGT6KPnMPogdQW+o5GePtdd/etHGwM3pENdI3UXoxSlQ72nKTlAIFHhtJOQ1BU0JJPC0bvyzdW7Uh4IxCGksOxHH13jbt7Hw7apAoAIIhxXHeqH7F6IQIg+vjOgeCFBpJJ31aE+ZFgvAokl+miXHyeOvv6OhRIh0SjEZYc6S74jEKIPog9IXCIT426Gep9hvQgkBlxV8jd0nAMNsL2YULwIJFh0OKKr/T5GlDBkEIVIh7qrRR07tWHIYAmG8Ybferok+vDWCKgqmHpFIyvV1jthpZKrlumY6zFjNWSr71HPUWNstHJvAYEEUfG0jZtFE2VkCh2A7mTRVUHIsenEz86a71uoXAo5GPCwl0BcRfLPUQj3BoHkEn1MaNlalXxPpeFipFxL5SLHhQpFKqqpdhDD20KfGLfrx1XvKgJBIEHRc/S9RB92pDEwbpfVXycUEdVJeR3VjGgWwPz5Hkl6cFQeZ55O2aXUEUhIL4Crda8YebXfPRkYd3NydpFJ3yyHk96pSAru0/N9GnuIOlbvBSCQ5KOPEUW7dYU00HI7DPgyJcX1VUUyzHE3SY06xipV39zxptiDYbxhCuSO6GM7cZSHlNd14PJYFck3SW/ltNSG9nXMGpKHwHuFQIIKwV2ExPR9bFj+EYpjFcn9z/VZSv1+SQf214bvFavzIpCko48H9jB4syJql0dR/vFLxOKoI42QLylHI+XvmpQfVw1fxj3vFgJJXSBEH69XRKPy4y/jbsn8pqORIrV1m1Qe/QAuZcgbhEBCeSmOjZv0FS2k16OOi8R/qgw3nunzlcJ9GwYij0tGviGQkBg4+M5bOs9frIS6Ztnx2snkJ0vD5JuOKov5vlVzPJrmho3YEEhodB1854Ri/akSkkr0q8lz/P515BI5DuC+SeQx4E1CICFVam1jf2bzgg6+n8pZhHqdeTHELJFug+eWpWQ+EXkgkFxeDOTxszz6lEQSkYhvZLLgMQ0yBIJAkAd8l0hsc0V8z7KXqOO0FEeXvkQEkpNASF8hj02YRDY6y2clLhtRtVn5GIGEXsG1jf3Ja8jD/D3HA3msRzqkp7FMNtR1vhaOT3NfHh+lo5ytDxBIjtGHUCCP5xz/BY/Xm0jjJaZWtqtnW8R0XkrjmPkdCCR3gWQdgWhahhn4m3OiE/RyFUjVSc4z0zAs5749tnPQ9zmH3pqOkRZ10/MFJBUiKZe5+XHf8+rzoPZ5bLbfCtc2I5mZH8Fy8NI4srkG1iVDcxFIzBw5eMFyZmT87xYoLLTs5Si2lPi0JsC2Wa6JJofPmfItjdq6Id9cGQ1VltGDRdHSXxgQpLC2ay27eFmLzMvzzPNpJdKQoZ4H2vE63ScClApSUikydLT8x/dmORpo4em3dCJJZdms9NvURAgkVqwPocy8A9BnDrsarXPsaqinymSgldyNrwguglFZ05DfQUAgsQok2+01teXsI3VVTS7zNlpHIhoVyQcVl0sklTUK+V5ruduKyroGEEik2A6fs4w+PK7SemsanFwmHdwirvKPnx2f6iyCPUSKQN9BQCDesN1JOsu0HIfG/agrmSPQC2GEW3kN8ntPHZ9mFPg9tyWQQwMIJMJWs4uWzyzDcjwwbneGq1ZhDWqOgEZBH4y7DvZ+4FHI1OIz1KVGQiCxYfvlXGS64NvAYfQhlXM31HXFdM5G16FEgo1C9Fl/sPR1BwYQSGTYbvXknL5yKY+gy1Wvz9Wqur3AR2QVlr6HkVgIJDoOAn2ZokGXI3eVwx5EMCu7kojc+3MHX90ybrZaRiCAQAJ7aOcZlqGrlvdlbMvhax/NbUQRXkhRd5vqCIHkHoEgEDvcRbw2kkQLtvtDDkPdM8Ti8u5HBhBIZBxZfpmKnApP01e2O88XJuyUzVvPwKOj6w+5TGaWnifSWAgkWxYZ/mYX0cco9pFsmnq7i6CsbWGr4YRAEEg0reduiK2wyLBdhg8J7Qdhu9/iMOAWOv0gCAT2JKv9PxxtAzxKpXy0b8B2h3qoUYitiLFrAIFkSm4RiIvoY5JYGY0DL3ObsrQBKSwEkm0FmBu2X/bU5FENqniw+JWdgH+ujd/ZimAZewQCRCAIJM4oJOA1o+Y07BAI7E5ue6DbFMh9wmuITQMu9xCff9JYCAQywOb8jyLVQlIx2tyAKvWRWEQgCCS7FnRWEYiDNMo08SKzKch24mXVMYBAIsBqZ10si/4l3nrNQSDJV7CyNXIEuzEmyzuKACKS7yKEHQZjEqSMVEq8zK7kKH/ng5adCLigkYZAIA1spv+SrxSkH6SsDG2Xf5HBc3aox4mKUz7uakIpeBURCEAOSEc6K87uT0ePCxXKrQplmuluoNahDwRiIpeX3mbKicl235HoRFJef5VCmZXHgMmICAQQCKyHuRIvIxHetTxTpURGFAcCgfShtQi2kTlKFxqR8HwhEKA1DbBTRFIgEQQCYTGnCCAiiYwpBgQCaQqE1mEaFAFfW58oBIHk9MDn1kLMgXbivy/0iY1dXjUEEiyZLb1ge2Z1Dv0gNndvnIf243SW+CLg8qevDYHQwgyksnjk5d5KkLZbv/NAfyp9DQgEYCPuLH5XN/GyyqX1KwK559VAIDlgew2m3DrpbLaCUxdIN/Bn12Zk2rXcuAAEEiSkYcIRyGHi/SAnDirqIJFrKw+RyKkJu08EEAg0SGH5+4YpFpKszWT5K6No3ZcSmZhlv6CI5CGAS2IpeARi9QG3XQEeU3570Ut0rL5tgcwjekYkGpmUh4jkQ3l8blAmjwYQSMDkOFHJZmu4lVoUokO7be8gGGVLWob5lsewJpNL47HDnb1DEIgLbLaGchxnbvulHCYWhYwiKPOmZDIqD3lnfi2PT+Vx4zA6YWQYAnGCzXRAK8Pym1r+vmSiEB0U0Lf8tYvUtnXVNJdsBjXQ6OS9yiTU9xyBgJsHy8GEseBbkg5ajReJzOp3MamuyOCZknfS9v2nAx2BhC8Qk9FsdIdRiDCJPPqQKKoTSVmHiO2yKwwgEAfYbpnkKBAXlX0n1h3lNHV1FZGsQys/61E8HegIJJYIpJtbAWoay0UnpaSyepFVfgcOW7u3IU8gDPgdogMdgTit/GyS64qfrhbRm8QyQ70mD1eDKSaZPEu2BUL0gUCcYrOF0spsWfcKSa24WLZCKuMidInU5OFqb5MHGamUybNE/wcCiYo5UcjekdyjwygkaInodbmURzbRh6NRjIzAQiBOIY1lh7Fxt3hekBLRPhrX8liYfPbZsC2QBx0WDAjEGUXgLwFRyHeJfNMhsk2L46A85Ld+Me4nkI4z6Tx38e4UBhBIZBFIJ+OydBmFVFyVlfe0qb4mXV1XWrVnHk6XU/Th4t1BIAjES8vZ6mzq3Gakr5TlyMOpZH+Nmc+5IiKO8hBxXBt/y9aMcok+6P9AIDFju6XSy7UgywrP17amUonLXJG5Vu7WF2HUVNWwJo5Dj0V5r2WZC7YFkty6YQgkXGaBvwyx4bOf4lArdxHJeN+OdkmNqZBk2Ox/zHJW+WEDZTjI7JmxPUCiMLAT7yiCxh+2I2m9ZtT5uRqFyIgp2TzozONpW3q+s/Lc0ncw1YaBHPOXRuNoP0pbK69jFf9hAEV4mWHruRv4O41AYG2FN9NKx2ZuW9JYk4zLdKh57aMGTi/3sW9qy6mX1xJL0d3JXhk5PSsaNdruV0IgO0IKK4wHrkeRPqdhFhTDxjxk+tzYjj4M/R9EIL6RlMeJxe87yb1ANbKT/pBrHq83EdH2Ykh76oCFgcpu3dBb2e5Yfks9jTjzJJA7HicEEnsE8jxTOaM1jNZJZKJ9DRc8Yq9HrDG0mjXdJM/0W31FndWGlKYRpXKf6/s209/cDf1dzglSWLtVdHNjf3c90ljLsh0Z+9uUpsRpDHtW1BaN3GeggYilr1GprCzwZOj/QCCJYDta6LuYnxCpRAZIZK08JpFc68T4m0S5D/R/IJAkBEIUgkTWIX0eH2KRh46oi6Ff7z7X4fMIpPkKrjD2Rw0NKFkksoKkSruRjRQaRXKdBW8ZAkkpCulkuskUEnkZ6UQ+jkkeGn3Eskgo6SsEkpRAiELWS+Q0s599Xv7uboQplpieXyIQBNJoxeZie9YhJftiWU/Kjw/G/ui30JDFJT/EuDiiRs/9SC53wQZSCCTFKKSl+0jAzxKRlIPMLbhN8OctNOo4jnhm9IjoA4FAswKJLQ3gWyKP5SGj1T4lFI1clkc75iXZI4s+EAgCCaZCmzqoyDq5bjS1Zbkfa+Ub4xpacs0yOOC9TJ5MYDhpbPKb8hYhEKIQopGRWS6zHstIrYdaxDFIIQ8f0byPv+8B/R8IJPXWV58hvVuJRIT7a8ARiQjuU3md7UQijjojGnwIBHavwKQ1c8eLGUZEUh6yJIz0kTTZ2V6lqOQ6ftVoI7mKSwd8dCK77Alvix1YjdfuQ2n7RZIoZES4vZNMpLKe6vpiXbNcJkY+Xe0iKMIoqiOHPSa0bGPr+3hg/w8EEmKFJUuRy8tkewE5iUIGlPDuUYlZpiymWum1zfdtaeU40M9N75v0Ycxrx/MeFplKfmLiWDCxzpi3AoGE/HDa3suCKMSuUKqKf7qmVV1Jpc6MRfd+KieJ6GLbCG1hSF8hkMBbZC42QxIxsVKvH8GQ3nhbHu1IK+IxDQG70Iluv3XrYjjpCfNCICAkenORunI5eu5eh3wDAgm7lePoe3n4IYToQ57vIwdfLX1LEtm8N8uFM2+MvQm6CyJ4BBJLFCIpEBdDejuskQUNy0OevzNHX9/TYdhzGZCiw55FKDK3R4ZCfzbLhSa3jjzMckn8OXfQPvSBuIsWvrqIbsqXeEoeFxqQhwwuuHb09efr+p5eGEVXjZrrmu+j6DovRByF/D8RbQGMQODvh74oH/Q7Y39eSEvlxJLv4FMeB8bd4oO32ywiqUIpDIshBgEpLLdRiAvOtDUI4FMerjrNB5QyAoEXohDjpi9EICwHX8izduTou3ukYxEI+I9CjmRyIcULjqMPkYeryYKX2sgCBAINRCEXpLLAoTykn83VBlF3zMlAILAZLju8JxQvOJDHoPy4cvT19HsgENgiCpHhia42OyKVBbbl0TXuhusKA+ZkIBDYjpFxt0zDBcucgCV5SErU5Z4ln1PcEwWBgOsoRFpcLpeRrva9ANhVHi6H6wqyFhXzlxAI7IgI5MHRd7cM23TCfriUB/0eCAT2jEJkvLvLFliH/hDYMfqQ5+bI4SmGLJOPQGB/iUiUcOfwFBe60Q/ApvKQfo8Lh6e4YT0qBAL2GBi3+x5MmB8CW+Ayan0wrNuGQMBqFDJ3/NI+94fQqQ4bRB9t43ZbWpYqQSDgQCLSoX7v8BSHhtVK4W3aDr/7nH4PBALuGDj+/iNdywhgHV1H33u/zRLtgEBg+yhEWmfnjk/TRyLwCnOHjRdSqAgEHEtEWml3jk/T14XxAHwJxEeEDQgEjPtRWcIV+6nDCw2YwuGzR6MFgYCHl3juqbV2jUTgBVytYHDI84ZAwI9E5CW+8XAqJAKruOzsHlG8CAT8ICH/vYfzIBGoN15kMIerfjiiEAQCnl5kmXAlL9vCw+mQCPiKFMaMyEIg4K816Ktiv2aIL+hzVxh3KdSWIZWFQMDbyyz9IZeeTsc8EagYOox+z9j0DIGAP4lIi+3Wo0QK0gzZP3OPjiOFCc9YeryjCIJlYJbrWR15OFdHziX9IqxfFA66qnK7PKrVleXezFztKS4TW3U7gI6Drz9UQTE/JCF+eXp6SuoH/Xb+e0oVSFsrjZanU0oKo6c5cWjmfksF3tVj3X2X/oqhi5VuPTxzn3LeF/3Pqz+S+j2ksMJOK8y1Ill4OqVUGl9Z+sSrNLrlIS1/udd/lceVWS6x/loF3i+PuYt9XzxsN0AqC4GAR4n4HJlVIUufsKeIG2Eci6C1fCWC+FoeZ2aZ4tlW9oUjibhco02ue8KTgEDAn0Qk5D/1fFppBc/Y3dBKhFEXxrcNo4xtJOJC9C6j0BNGZaUBnejxSERCf/njtcfTSqv4W3nec/Z3eDuyKD+kIpeKsW2WHd8+BkA8S8R872i38VukH8b1/R4aNj1DIOBdIlJRnHk+9ZVWKgNXI4ACEEBV6b9WEbfNj7v4HXiSxFvI/hsjHf69rwRFHB0P13zCG41AwL9Ehpqy6Hs+tVQqM62okolGVIyjQESwDxeSJttlGLY+T6MGGiYQOfSBxCmRgfGzeu8qLY1GCm2xxy6PSfnxJQF5VEx2KANJJc0bkMeCNxmBQH4S+SEaiVge4waiONccbToEWzv3JVq5Mv7mGdWZ8hYjEMhXIlLpSNpkHtuIGr3eVNM1o9dGZUnkqJHX1wYjL4k+RrzBCATCkMh5g5cgI7W+6jDVdiyVbMKPhIh9vEYe8rtnAURew1QHYyAQiFEiUmGcNnwZMqrmL51VHewERI0+Ook/Ev36/B0ZKKAz3S9MM+mqOqcympC3FoFAWBKZBCARQVJDktYaBSqSXJZpGWu6qjDLgQKHAVwT8kAgELhEPpjmR7i0tLUblEg0xZbL/AOJsv4KKNpCHggEIpCI5Li75fEQwOXURTIOoI+kxxPiHWnMfEAeCATikojkwO8DuSQRiaS2pI9k0uCorQFPh1dkQcY2e8wgEIhPIo/lIRK5CezSZASQjNqSeSQDX+ktjX6OeDK8cVk+f10Xe5YAAgF/IpFW92mAlyaVuSwMOfcUlXR5GrwgqdMP+67LBQgEwpHIxCw71x8CvLxWLSqp+kpcLCFP/4d7PpfHMSkrBALpSaTqF7kL+DJlqKn0lXxTmUx0scNcIpBY14eShslHWeiTlBUCgXQlIv0iUpGeR3C5hxqZfCkl8qQz3Qe7jOTS9FgrwN94r632T+Xxqwo+NolUUUfBG5YfLOeep0jGOsFsasKYYLYJJ3qIEKTinZRHsWG6JIToQ8Qg11pUny+01h9FkmY58S+GqGOAOBAI5CmRarvakYlvYUHpgL9SmTyoCAvd+rdJgci1zPXPRe1zvunaT/Ibyt90a8Ke8ChRx4h0Ffzy9PSU1A/67fx37uqWaIpnElE08lorv6gJZa6/78nReapoYmazMtWhzbMA78e9Rh10ku/In1d/EIFActFIEXE0Uqdlfkx11SMCa61v6Sx2fD+qVNbXgMQ8ZmgurEInOvxdaWnF+NGEOdx3F6QFb3stqKmn+yHRzecAylBG7R0jD0AgsFHFVR7t8o+Xhm1H11Xsvhg1KHO59590NvmcOw8IBLapKKXykrTWLaXxQ2vca1Romlm/SyKf9iuDEgAQCLxZgcnoIZnI99GEPQHRF7MG7kFh/KWypJOcCYGAQMBuJaYTEGVNrYeMi6JoqPyHxu3KypKuksUPmRAICAScVWQT7R85NXn2jzQ5fHXg6HvpJAcEAn5FUn6ISHLqaH9osjNZ515c2vw9hk5yQCDQUIX2qK3WKiJJPbU1C6DMR8ZOX9SlRh10kgMCgcZFUk9tpSqSIpDr6O1RxjKi7r2IiE5yQCAQmkwqkXw06Q3/LQIp40eVyDapQ4laZHRVj3QVIBAIXSSFDv99b9LoJ1mEtP6TXkt3g0ikEkeX0VWAQCA2kcw1XSKLA36KOCqZBli21QZhIuj7FWnI371HHOAaFlMEXxWeVMJTXWl2YJZpmE4kl18EWqaSzhrpAYBAIHmRSKU3lkNl0lWZyGeIy8kvQoxAABAIIJNl5fxcQeuS8t3AopMpI5YAEAiEL5TnzZlWopNKKE1FJ2PuDAACgXijk2EplLb53ndy5Okybtl9DwCBQPxCmZtah7Fuw1sdkvpqWT7lwjSzlDoAAgFwLJTC1EZH1fpPjvXYJ0qR+RU9+j4AEAjkIZSq/6QSyoGKRKTS1uOtjnkRx8Qs9/9GHgAIBDIVyqNGKEX972tiWWXOMh8ACARgE7EAwJ6wlAkAACAQAABAIAAAgEAAAACBAAAAIBAAAEAgAACAQAAAAIEAAAACAQAAQCAAAIBAAAAAgQAAAAIBAAAEAgAAgEAAAACBAAAAAgEAAAQCAAAIBAAAAIEAAAACAQAABAIAAAgEAAAQCAAAAAIBAAAEAgAACAQAABAIAAAgEAAAAAQCAAAIBAAAEAgAACAQAABAIAAAAAgEAAAQCAAAIBAAAEAgAAAACAQAABAIAAAgEAAACJ93qf2g//7rf93y4yu3FgAC42N5FEQgAACQPQgEAAAQCAAAIBAAAEAgAACAQAAAABAIAAAgEAAAQCAAAIBAAAAAgQAAACAQAABAIAAAgEAAAACBAAAAAgEAAEAgAACAQAAAAIEAAAACAQAABAIAAPAa7xL8TY/lccetBYAA66ak+OXp6YnbCgAAW0MKCwAAEAgAACAQAABAIAAAgEAAAAAQCAAAIBAAAEAgAACAQAAAAIEAAAAgEAAAQCAAAIBAAAAAgQAAAAIBAABAIAAAgEAAAACBAAAAAgEAAAQCAACAQAAAAIEAAAACAQAABAIAAAgEAAAAgQAAAAIBAAAEAgAACAQAADLl/wUYAABf0oDFt8DSAAAAAElFTkSuQmCC + mediatype: image/png + install: + spec: + deployments: + - name: pipeline-operator + spec: + replicas: 1 + selector: + matchLabels: + name: pipeline-operator + strategy: {} + template: + metadata: + labels: + name: pipeline-operator + spec: + containers: + - env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: pipeline-operator + - name: RELATED_IMAGE_PIPELINE_API_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-api:1.8.0 + - name: RELATED_IMAGE_PIPELINE_ROUTER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-router:1.8.0 + - name: RELATED_IMAGE_PIPELINE_WWW_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-www:1.8.0 + - name: RELATED_IMAGE_PIPELINE_MICRO_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-micro:1.8.0 + - name: RELATED_IMAGE_PIPELINE_INSTALLER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-installer:1.8.0 + - name: RELATED_IMAGE_PIPELINE_RABBITMQ_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-rabbitmq:3.8.9 + - name: RELATED_IMAGE_PIPELINE_REDIS_IMAGE_REPOSITORY + value: registry.redhat.io/rhel8/redis-5:1-98 + - name: RELATED_IMAGE_PIPELINE_VAULT_INIT_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-vault-init:1.8.0 + - name: RELATED_IMAGE_PIPELINE_VAULT_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/pipelines-vault:1.8.0 + image: registry.connect.redhat.com/jfrog/pipelines-operator:1.8-1 + imagePullPolicy: Always + name: pipeline-operator + resources: {} + serviceAccountName: pipeline-operator + permissions: + - rules: + - apiGroups: + - '' + resources: + - pods + - services + - services/finalizers + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - apiGroups: + - '' + resourceNames: + - pipeline-operator + resources: + - '*' + verbs: + - '*' + - apiGroups: + - '' + resources: + - events + verbs: + - create + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - apps + resourceNames: + - pipeline-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - apiGroups: + - apps + resources: + - replicasets + - deployments + verbs: + - get + - apiGroups: + - charts.helm.k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - policy + resources: + - '*' + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resourceNames: + - pipeline-operator + resources: + - '*' + verbs: + - '*' + serviceAccountName: pipeline-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - DevOps + - CI/CD + - Developers + - Software + - Productivity + - Artifact Repository + - Repository Manager + - Docker + - Maven + - Git + - Helm + - npm + - go + - golang + - kubernetes + - k8s + - rpm + - yum + links: + - name: JFrog + url: https://www.jfrog.com + - name: JFrog Pipelines + url: https://jfrog.com/pipelines/ + - name: JFrog Pipelines Video + url: https://www.youtube.com/watch?v=5xbMYabN1MQ + maintainers: + - email: partner-support@jfrog.com + name: JFrog + maturity: alpha + provider: + name: JFrog + replaces: pipeline-operator.v1.0.0 + version: 1.0.1 +status: + certsLastUpdated: null + certsRotateAt: null + lastTransitionTime: null + lastUpdateTime: null diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/annotations.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/annotations.yaml new file mode 100644 index 0000000..2466bdd --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/annotations.yaml @@ -0,0 +1,12 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: openshiftpipeline-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v1.0.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 \ No newline at end of file diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/openshiftpipeline-operator.package.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/openshiftpipeline-operator.package.yaml new file mode 100644 index 0000000..fb70ac2 --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.1/metadata/openshiftpipeline-operator.package.yaml @@ -0,0 +1,5 @@ +channels: +- currentCSV: pipeline-operator.v1.0.1 + name: alpha +defaultChannel: '' +packageName: openshiftpipeline-operator diff --git a/Openshift4/operator/pipeline-operator/bundle/1.0.1/tests/scorecard/config.yaml b/Openshift4/operator/pipeline-operator/bundle/1.0.1/tests/scorecard/config.yaml new file mode 100644 index 0000000..dc0bae3 --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/1.0.1/tests/scorecard/config.yaml @@ -0,0 +1,21 @@ +kind: Configuration +apiversion: scorecard.operatorframework.io/v1alpha3 +metadata: + name: config +stages: +- parallel: true + tests: + - image: quay.io/operator-framework/scorecard-test:latest + entrypoint: + - scorecard-test + - basic-check-spec + labels: + suite: basic + test: basic-check-spec-test + - image: quay.io/operator-framework/scorecard-test:latest + entrypoint: + - scorecard-test + - olm-bundle-validation + labels: + suite: olm + test: olm-bundle-validation-test diff --git a/Openshift4/operator/pipeline-operator/bundle/bundle-1.0.1.Dockerfile b/Openshift4/operator/pipeline-operator/bundle/bundle-1.0.1.Dockerfile new file mode 100644 index 0000000..c1a3864 --- /dev/null +++ b/Openshift4/operator/pipeline-operator/bundle/bundle-1.0.1.Dockerfile @@ -0,0 +1,19 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=openshiftpipeline-operator +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.0.1 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 + +COPY 1.0.1/manifests /manifests/ +COPY 1.0.1/metadata /metadata/ +LABEL com.redhat.openshift.versions="v4.5,v4.6" +LABEL com.redhat.delivery.operator.bundle=true +LABEL com.redhat.delivery.backport=true diff --git a/Openshift4/operator/pipeline-operator/bundle/openshiftpipeline-operator.package.yaml b/Openshift4/operator/pipeline-operator/bundle/openshiftpipeline-operator.package.yaml index 39830f1..fb70ac2 100644 --- a/Openshift4/operator/pipeline-operator/bundle/openshiftpipeline-operator.package.yaml +++ b/Openshift4/operator/pipeline-operator/bundle/openshiftpipeline-operator.package.yaml @@ -1,5 +1,5 @@ channels: -- currentCSV: pipeline-operator.v1.1.1 +- currentCSV: pipeline-operator.v1.0.1 name: alpha defaultChannel: '' packageName: openshiftpipeline-operator diff --git a/Openshift4/operator/pipeline-operator/watches.yaml b/Openshift4/operator/pipeline-operator/watches.yaml index 0063334..426dd6d 100644 --- a/Openshift4/operator/pipeline-operator/watches.yaml +++ b/Openshift4/operator/pipeline-operator/watches.yaml @@ -1,6 +1,6 @@ --- - version: v1alpha1 group: charts.helm.k8s.io - kind: OpenshiftPipelines + kind: OpenshiftPipeline chart: helm-charts/openshift-pipelines # +kubebuilder:scaffold:watch diff --git a/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml b/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml new file mode 100644 index 0000000..e956a17 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml @@ -0,0 +1,29 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: openshiftxrays.charts.helm.k8s.io +spec: + group: charts.helm.k8s.io + names: + kind: OpenshiftXray + listKind: OpenshiftXrayList + plural: openshiftxrays + singular: openshiftxray + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: '' + plural: '' + conditions: null + storedVersions: null diff --git a/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/xray-operator.v1.1.3.clusterserviceversion.yaml b/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/xray-operator.v1.1.3.clusterserviceversion.yaml new file mode 100644 index 0000000..6ab930f --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.3/manifests/xray-operator.v1.1.3.clusterserviceversion.yaml @@ -0,0 +1,460 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "charts.helm.k8s.io/v1alpha1", + "kind": "OpenshiftXray", + "metadata": { + "name": "openshiftxray" + }, + "spec": { + "xray": { + "common": { + "xrayUserId": "1000721035", + "xrayGroupId": "1000721035", + "xrayVersion": "3.10.3-1" + }, + "analysis": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-analysis" + }, + "name": "xray-analysis", + "podManagementPolicy": "Parallel", + "preStartCommand": null, + "updateStrategy": "RollingUpdate" + }, + "database": { + "password": "OVERRIDE", + "url": "OVERRIDE", + "user": "OVERRIDE" + }, + "global": { + "postgresqlTlsSecret": null + }, + "indexer": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-indexer" + }, + "name": "xray-indexer", + "podManagementPolicy": "Parallel", + "updateStrategy": "RollingUpdate" + }, + "persist": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-persist" + }, + "name": "xray-persist", + "persistence": { + "size": "10Gi" + }, + "podManagementPolicy": "Parallel", + "preStartCommand": null, + "updateStrategy": "RollingUpdate" + }, + "postgresql": { + "enabled": false + }, + "rabbitmq-ha": { + "enabled": true, + "image": { + "repository": "registry.connect.redhat.com/jfrog/xray-rabbitmq", + "tag": "3.10.3-1" + }, + "rabbitmqUsername": "guest", + "rabbitmqPassword": "guest", + "managementUsername": "guest", + "managementPassword": "guest", + "initContainer": { + "enabled": false + }, + "securityContext": { + "fsGroup": 1000721035, + "runAsUser": 1000721035, + "runAsGroup": 1000721035 + }, + "replicaCount": 1 + }, + "replicaCount": 1, + "unifiedUpgradeAllowed": "true", + "router": { + "image": { + "imagePullPolicy": "IfNotPresent", + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-router", + "tag": "3.10.3-1" + }, + "name": "router" + }, + "server": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-server" + }, + "name": "xray-server", + "podManagementPolicy": "Parallel", + "replicaCount": 1, + "updateStrategy": "RollingUpdate" + }, + "xray": { + "consoleLog": false, + "jfrogUrl": "OVERRIDE", + "joinKey": "OVERRIDE", + "masterKey": "OVERRIDE" + } + } + } + } + ] + capabilities: Seamless Upgrades + categories: Developer Tools,Integration & Delivery + certified: 'true' + containerImage: registry.connect.redhat.com/jfrog/xray-operator:3.10.3 + createdAt: 2020-05-22 00:00:00+00:00 + description: JFrog Xray Enterprise deploys Xray continuous security scanner into + Openshift (Requires Jfrog Artifactory) + repository: https://github.com/jfrog/JFrog-Cloud-Installers/tree/openshift4/Openshift4 + support: JFrog + creationTimestamp: null + name: xray-operator.v1.1.3 + namespace: default +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Represents Xray Instances + displayName: Xray + kind: OpenshiftXray + name: openshiftxrays.charts.helm.k8s.io + resources: + - kind: Deployment + name: '' + version: v1 + - kind: Service + name: '' + version: v1 + - kind: ReplicaSet + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + - kind: Secret + name: '' + version: v1 + - kind: ConfigMap + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: apps/v1 + version: v1alpha1 + description: '## Overview + + Openshift Operator to deploy JFrog Xray Continuous Security scanner into your Openshift cluster. + + + ## Security Context Constraints + + To deploy this helm chart you will need to be a cluster admin w/ access to the anyuid scc and add the operator service account to the anyuid scc. + + + ``` + + oc adm policy add-scc-to-user anyuid -z xray-operator + + ``` + + ## Usage + + + An external DB is required. The operator will not deploy a DB but will require + you to specify the configuration values to connect to it. + + + Search for JFrog and click JFrog Xray Operator to install. + + + Go to the Installed Operators. + + + Wait for the JFrog Xray Operator to complete the installation. + + + Open the Operator and click on the provided API: Xray + + + Click Create New Instance and provide the following parameters for your DB configuration: + + + ``` + + JFROG_URL + + DATABASE_URL + + DATABASE_USER + + DATABASE_PASSWORD + + ``` + + + JFROG_URL is the external ip or DNS of your Artifactory to connect Xray to. Artifactory + is required to use this operator. + + + DATABASE_URL must be a Postgresql URL in the format: + + ``` + + postgres://postgres-postgresql:5432/xraydb?sslmode=disable + + ``` + + DATABASE_USER and DATABASE_PASSWORD must supply a valid user on Postgresql. + + + Click Create for Xray to deploy into OpenShift. + + + Open Artifactory in a web browser to complete the onboarding wizard for Xray! + + + ## Air gap environments + + + To use Xray Operator in an air gap environment you will need to download the images as image streams into your Openshift air gap cluster manually. + + + Use the image overrides to then specify the image stream locations that are local to your cluster. + + + Next you will need to setup the database of index data for xray to use when scanning artifacts. + + + Follow the link below for instructions on setup: + + + https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray#ConfiguringXray-SynchronizingtheDatabase + + + ' + displayName: JFrog Xray Continuous Security Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAMkAAADCCAYAAADjAebGAAAKN2lDQ1BzUkdCIElFQzYxOTY2LTIuMQAAeJydlndUU9kWh8+9N71QkhCKlNBraFICSA29SJEuKjEJEErAkAAiNkRUcERRkaYIMijggKNDkbEiioUBUbHrBBlE1HFwFBuWSWStGd+8ee/Nm98f935rn73P3Wfvfda6AJD8gwXCTFgJgAyhWBTh58WIjYtnYAcBDPAAA2wA4HCzs0IW+EYCmQJ82IxsmRP4F726DiD5+yrTP4zBAP+flLlZIjEAUJiM5/L42VwZF8k4PVecJbdPyZi2NE3OMErOIlmCMlaTc/IsW3z2mWUPOfMyhDwZy3PO4mXw5Nwn4405Er6MkWAZF+cI+LkyviZjg3RJhkDGb+SxGXxONgAoktwu5nNTZGwtY5IoMoIt43kA4EjJX/DSL1jMzxPLD8XOzFouEiSniBkmXFOGjZMTi+HPz03ni8XMMA43jSPiMdiZGVkc4XIAZs/8WRR5bRmyIjvYODk4MG0tbb4o1H9d/JuS93aWXoR/7hlEH/jD9ld+mQ0AsKZltdn6h21pFQBd6wFQu/2HzWAvAIqyvnUOfXEeunxeUsTiLGcrq9zcXEsBn2spL+jv+p8Of0NffM9Svt3v5WF485M4knQxQ143bmZ6pkTEyM7icPkM5p+H+B8H/nUeFhH8JL6IL5RFRMumTCBMlrVbyBOIBZlChkD4n5r4D8P+pNm5lona+BHQllgCpSEaQH4eACgqESAJe2Qr0O99C8ZHA/nNi9GZmJ37z4L+fVe4TP7IFiR/jmNHRDK4ElHO7Jr8WgI0IABFQAPqQBvoAxPABLbAEbgAD+ADAkEoiARxYDHgghSQAUQgFxSAtaAYlIKtYCeoBnWgETSDNnAYdIFj4DQ4By6By2AE3AFSMA6egCnwCsxAEISFyBAVUod0IEPIHLKFWJAb5AMFQxFQHJQIJUNCSAIVQOugUqgcqobqoWboW+godBq6AA1Dt6BRaBL6FXoHIzAJpsFasBFsBbNgTzgIjoQXwcnwMjgfLoK3wJVwA3wQ7oRPw5fgEVgKP4GnEYAQETqiizARFsJGQpF4JAkRIauQEqQCaUDakB6kH7mKSJGnyFsUBkVFMVBMlAvKHxWF4qKWoVahNqOqUQdQnag+1FXUKGoK9RFNRmuizdHO6AB0LDoZnYsuRlegm9Ad6LPoEfQ4+hUGg6FjjDGOGH9MHCYVswKzGbMb0445hRnGjGGmsVisOtYc64oNxXKwYmwxtgp7EHsSewU7jn2DI+J0cLY4X1w8TogrxFXgWnAncFdwE7gZvBLeEO+MD8Xz8MvxZfhGfA9+CD+OnyEoE4wJroRIQiphLaGS0EY4S7hLeEEkEvWITsRwooC4hlhJPEQ8TxwlviVRSGYkNimBJCFtIe0nnSLdIr0gk8lGZA9yPFlM3kJuJp8h3ye/UaAqWCoEKPAUVivUKHQqXFF4pohXNFT0VFysmK9YoXhEcUjxqRJeyUiJrcRRWqVUo3RU6YbStDJV2UY5VDlDebNyi/IF5UcULMWI4kPhUYoo+yhnKGNUhKpPZVO51HXURupZ6jgNQzOmBdBSaaW0b2iDtCkVioqdSrRKnkqNynEVKR2hG9ED6On0Mvph+nX6O1UtVU9Vvuom1TbVK6qv1eaoeajx1UrU2tVG1N6pM9R91NPUt6l3qd/TQGmYaYRr5Grs0Tir8XQObY7LHO6ckjmH59zWhDXNNCM0V2ju0xzQnNbS1vLTytKq0jqj9VSbru2hnaq9Q/uE9qQOVcdNR6CzQ+ekzmOGCsOTkc6oZPQxpnQ1df11Jbr1uoO6M3rGelF6hXrtevf0Cfos/ST9Hfq9+lMGOgYhBgUGrQa3DfGGLMMUw12G/YavjYyNYow2GHUZPTJWMw4wzjduNb5rQjZxN1lm0mByzRRjyjJNM91tetkMNrM3SzGrMRsyh80dzAXmu82HLdAWThZCiwaLG0wS05OZw2xljlrSLYMtCy27LJ9ZGVjFW22z6rf6aG1vnW7daH3HhmITaFNo02Pzq62ZLde2xvbaXPJc37mr53bPfW5nbse322N3055qH2K/wb7X/oODo4PIoc1h0tHAMdGx1vEGi8YKY21mnXdCO3k5rXY65vTW2cFZ7HzY+RcXpkuaS4vLo3nG8/jzGueNueq5clzrXaVuDLdEt71uUnddd457g/sDD30PnkeTx4SnqWeq50HPZ17WXiKvDq/XbGf2SvYpb8Tbz7vEe9CH4hPlU+1z31fPN9m31XfKz95vhd8pf7R/kP82/xsBWgHcgOaAqUDHwJWBfUGkoAVB1UEPgs2CRcE9IXBIYMj2kLvzDecL53eFgtCA0O2h98KMw5aFfR+OCQ8Lrwl/GGETURDRv4C6YMmClgWvIr0iyyLvRJlESaJ6oxWjE6Kbo1/HeMeUx0hjrWJXxl6K04gTxHXHY+Oj45vipxf6LNy5cDzBPqE44foi40V5iy4s1licvvj4EsUlnCVHEtGJMYktie85oZwGzvTSgKW1S6e4bO4u7hOeB28Hb5Lvyi/nTyS5JpUnPUp2Td6ePJninlKR8lTAFlQLnqf6p9alvk4LTduf9ik9Jr09A5eRmHFUSBGmCfsytTPzMoezzLOKs6TLnJftXDYlChI1ZUPZi7K7xTTZz9SAxESyXjKa45ZTk/MmNzr3SJ5ynjBvYLnZ8k3LJ/J9879egVrBXdFboFuwtmB0pefK+lXQqqWrelfrry5aPb7Gb82BtYS1aWt/KLQuLC98uS5mXU+RVtGaorH1futbixWKRcU3NrhsqNuI2ijYOLhp7qaqTR9LeCUXS61LK0rfb+ZuvviVzVeVX33akrRlsMyhbM9WzFbh1uvb3LcdKFcuzy8f2x6yvXMHY0fJjpc7l+y8UGFXUbeLsEuyS1oZXNldZVC1tep9dUr1SI1XTXutZu2m2te7ebuv7PHY01anVVda926vYO/Ner/6zgajhop9mH05+x42Rjf2f836urlJo6m06cN+4X7pgYgDfc2Ozc0tmi1lrXCrpHXyYMLBy994f9Pdxmyrb6e3lx4ChySHHn+b+O31w0GHe4+wjrR9Z/hdbQe1o6QT6lzeOdWV0iXtjusePhp4tLfHpafje8vv9x/TPVZzXOV42QnCiaITn07mn5w+lXXq6enk02O9S3rvnIk9c60vvG/wbNDZ8+d8z53p9+w/ed71/LELzheOXmRd7LrkcKlzwH6g4wf7HzoGHQY7hxyHui87Xe4Znjd84or7ldNXva+euxZw7dLI/JHh61HXb95IuCG9ybv56Fb6ree3c27P3FlzF3235J7SvYr7mvcbfjT9sV3qID0+6j068GDBgztj3LEnP2X/9H686CH5YcWEzkTzI9tHxyZ9Jy8/Xvh4/EnWk5mnxT8r/1z7zOTZd794/DIwFTs1/lz0/NOvm1+ov9j/0u5l73TY9P1XGa9mXpe8UX9z4C3rbf+7mHcTM7nvse8rP5h+6PkY9PHup4xPn34D94Tz+49wZioAAAAJcEhZcwAACxIAAAsSAdLdfvwAACAASURBVHic7V0HfBzF1Z83u3un5iLJGGzAdoyDgWDAgIxtSdd0xZiaxEASWiDARw9gei8hQCghhN5CJ4BDMHGMdbqiU7ExpgZCb4ZgTLFsg2Wr3O18792d7JN0ZfeaTvb9f7/T3u3N7oz25j/z3swrshCCEfg1nJvqG44F4HWMCQlPrwQmWgKt3oB6laqyIorYRiHTnzBBTI6ngLGjIqeBAUSOZpNjpdXrvDLg8DyuqqoYuqYWUcTQIEwSU73jtC0EGYSJjMOjZq/jQL6AH6POU0N5bF8RGaDe49pHkthM/G27u4W6eKmt6ZuhbtNwhIwdXzJX2y+hWSMFfmWqtv8Xj3/IQ7uKyBA4+58uS3BX32cj8A6LxzWz2d740VC2azhCrhtl3QcJsqOWwiiEzZ+1ZNYdy+Ys+yHXDUsEi98+Gxi/HlszDT/2oO60Aph6p9/W1DRUbSpIcDhnwJkq4OIsPJ49FM0pFNQ8UKNUTKk6hgl2NHZo7PusmwnxzKqelZd8MOeD7njXyAByhY46RpcYR/4Sj3/LSot1YrbPsb0RpCX4dkTfOdSdDsUecbDJ63S1NLg9Q9GuAsXYOOd2zXsrCgjYR+oqplQ+xOg5xApOAOeOM0wche9+F+86uWNd72tjqpW1+L5SS0VCCAsbIpIYGduXxRAkBpxzQJGRFUmyBV/ia1S/MwAdQ9OUoYfF7/qFxOEZFtXDBwIATqh1225od/o+Hvid/PY83wazx3UEl9jf8fOYVJXhzeKNUHlBD4j/GBgLsjj/KA4M+wxBkwoWgrHX8Jns2e+cUP89VO0ZSuy70DZ61EiFZpC4BIkCFFk6AI+DSUJ/AvZGr7nRvBdXjH9DFriSVym+zKC9GaHd6vnK6nNdhoy4kQ1caRCsqJDGAAmxAIAfv/kzY6+0tIaeYbahbNXQYNRI+Qg8jE5VTgj4Pt75zcwKuAJfo8xyoNlrPxP73014qjTefdQQPJp2a7MAv63xT1av8yVUTC/Ej7/Gl4Sv7pAQFw9luwoNAVvTIqvfebpgMA9//f91bgzOV6/yBYe6XUMD2FdDoVWre1c2x/ui3/QT3Sz8a73f7paF9CiO1QfEfi8EuwFnnfa025ol+Bvcb+PhWLPPcQMwOIKB+lJLg+eVoW5XocFvdd+Dh3uGuh0FgGRiVh/OT7i6Fe9kq9XzAb/GVmcyKSehTHMkztUGlbEHA7bGRzJpabaBo+W7eLhmqNtRRKFDvJtsHxBnhvuarY1PJ/o+IcOiU/O90VcRRQxbbOgMPl5RrvyekfVIf3QIIe5oaQ1ez6yJr9cyDRVRxLDGioN939csqtmjvLxqDgh1Jyagi4F47/uO1cvfnvd2T6rFjIxJYvU5rAz4efiW9JdynLw+wEb8vadjw1/b57VvyvT+abRnlgB+C74tYaq4trnBvTDfbSgUYMcoKy+tPETt7nK3zG1ZO9TtGUqsOHjFRjw8n861GZHE4nedA8BvY/0EPpiOn6YbqiuOq3XbDo+3OZMrWNyWnUExvgR9m2gcnrd4nUciUf6RrzYUEirKKp9iAIdJpSXN+DGJQFFEMqRNkmiH/BNLrBH9zCArfvMS876BOYHv0q1HD0Ax0LJw7C4zBw4PmBvNS2mJOx9tKBRYmiw/Adl4WOQTWCwe10+Lxo3pIW2SgCLTDreSvBDbiRuMZC5yXrr16AMcFudkJZKZxK+j89OGwgBwQ33sZ8HVvfGw1ZIExWz8f/kswVinYGpTwNb0YbbunTZJenrV9wyKRPsqyW3sAU6Y/Kjt0k+P93WlW5cWYB0lEycoO8dvAvwaH+KDfluTP5dtKCgA2z/2IwcYN1RNySXqmmx7KrJ8Dwt71EY6IzCuWn3O+wKtwbOzsYGaNklI17D6nY9gk05IUXT0xJ3kI/H4WLp1aUF5+XcqY+MTkRbwId6DRNon12QtGACri/2ID2b7oWpKrmD2Og9SZOU5Ntg6hOPIeJq5XtmA7y/MtJ6MFPeeNZ1nGKrKx2KDDkpakMP5fAF/MpdejbSUZ/W7yClszwRFpk7cWbkSj5fmqg2FAtQDt+PGkr1jz4FGn6HhAvK6lCWIR5AtAHZmzaKaq6MrW2kjI5LQEi+/xna42STfgC2azxKLXtPMlfb/w+PdWu9t8bsOZUJEXIoBnmy2Ni5OdY0Q6i0A/JGEBYBdYG5qWBhweJdrbcdwBFeMh9Ch/1kxZUgakwNQTAazyX4//qCJCRJBqaKMIKv1zzOpL+N9kqjMdwF26mUQ8TMZGbcghz9Y3JZ/NTubU1oRW/zOi3HkuyEajYLwa7PP8QtUxl5Idl2zrelRi8+1K16WaLaQuSw9Nr1p+r5vON7oTNWOYQsOxww+CT/Nf0NyA7PJQdbNNRqKdvR+8eNXmdaXtR13HOmfx478DgdOexLxRJ5KkI1PT1swzRbe5UyAaQtsFWOqlasHnAa8742c84WpIrY02xovQ7GL9mZuZ3EJC7uOlseSqc2xKf6lYYmIIqtY4ny1vbnRPG64L4XXLqgtNVRVXJs6JANB3LLi5BW9mdaZVbMUWnbDUXrmKGm7hwHgyEEFgNWOqR53J747JdE9FCXcpnhLy1NNbgeJDCmXMf3Wxr+hXL6IG42otAHVNZAsx+DM147E3urs0pAgpHfF7ULcoNCK17/y26LswlBdfiYedkpVTgjxfEtr8OZsbKFm3XaLxBgc8X9l8trfQJHpejZINoaTUSRaiSP+9fGuf/0w3zqLz/kEkuy4gd+pIDQr/tENzAv2XWi7ftQI5TzsNrTKYdzcCsbuMHmd77c0uJu13rPQYfY6XZzDEYlL8BlsGJOkrqlurCKXp1p4oXiLNyNBLsuW/0xODByjItGNOFr/Bzvjk2yAVxjqDNfhd+txJL8z3vW9HZ2nGqrKO7EgyZ5l+PqOCXYLduhP9baFSIeHK1EUfAFFtpfYlgAJisThHyiemNscvnf03rfQQDvsXDamcogjr9Mr8tGeXAAJcitL5mEo2PKgys5ptTe+nE0PzJxaAdOKFHbOAzjAv0gXiPmKVPI7rH5nt9/qfmDgdVHDyNP5NbazZ83qHrlszrK1mUaPRFHwdavPcThqNy1sy/9dpcjyEovHZR3OJhv4jPfgkpH811PshcB+FHFmOAapw//xcBzk4ixIhPERU8XlAYfnuVxEGc25qTzpKabFpplSacmz+CPZY75CnsB9OKNIiXSD6HTZwbIUidhva1qGxMTZKzYmFewIEgvgjOIcbjNK/Yv1I6SKsrOx85AIUqbhEm5g7GA8PpTjpmUV0Vny4ThfdQomru78eO1fwgp6jiJW58WfhMy0cVY40Fwv30E7oTFf0Yxyt8XvHN1sdd+Yj7Zs6AxeX1GuUHyl2NBE41DhbcWZ5sh8BLnDZyEfcADbQZFge8alEahHGCLfhIKqynsAxMZQKLRRVVmXJCk9QnQGQyEDQhoJwElp3RUl73p5RNlcfK8nbhqZbNCq3rAhSWS100ArpgNCXgkPsuKkNqtnZa7tm/PmdBWdFU7HmeNDJAbJln0KPdCeiNXnHB/o8Jyb61jD5IBj9btITzp1wFejURR7yepz/fH7jlV/SLZMrQcUEMzcZKcl8XoBrBb/2z3NJmU3/GwYXFpiUvipYFeWY9c7ylEeH1AUNK2BDgYwE4oue+EM/5/0bpA/0GBiMikUK2t6zOkeJtRLAq3e2/OV7SDvnokoWt2ORPkCf+InWKxJAcBZ5mrHJBQhjm49tPXHnDZCFQ8zDgNJQpCwE10xpnr8L3BWuQBnlZfSuX2tu7bKIJXPQVK4zF6HA0+FjQvT7NbZBu05Xc4odkEBg2JUm+rtj+IzmxtzejUOofMC9qZ2PYq5xes8Cv/pM1hYehBPBdZ4btMzGA+J+y5tPGInbMCf60XWPyDeIXJF2Ssmd8O8Fqf3v7mqHxW8V7Hzrsa3OyQo8jNs22KccV5DLfDBTZt6X1g+17c60f1IJKislPfnnFnwR3UalAraDZYLhBTxMM/scZkD9sZApjey+FyX4aS2d6Ch6ahsKc2RIO6OR/Dtb7acFe+K3p45AQ0WG7FAHfRkJMj9W87APuZqO1kfJNyrG4gh83EnJbreb6+TmdTIYh30ge0mKfIr+M9dHGjx3KVlSiVbntmzZ49pc7R9q6Vu+jGRAMvw7c9TFN0PO/p+ZaXK3diej4SA9/EckaULO0YZ6gU4Q8AuY6oVeuiSlroLBMAl9rBpsWn/dN16wyN9leM2fA7hANxmT8Nf8dCaacNoR91cZafIJbG+QS+HNnXN1dvWqPvEHwd/AyfXe1wPh5eKNWBIA0FQ6KJav73WwCQSa6bFfFWG/8gd5nrH0Ra//bxmq2dponvU+e0TsdyTSK59rV5nrb/B/YaWuoVg7+EPnIokfaCVOLIJ6x9wOl29oDAwWSoteXHfhbZDontJmmHxuHbHkf4+fLvZsUswTiuXGZEESVtpqK5YGHtfvPOyru4f5yybqz+TwYQJnILSxQ3diyqfEw+FTxIChS7FH8o0aqRMeyn9fCAoOB4wqR11GB/qEfd3MrZkRYN7PX1F5uBgNP6fwqSLsVx5pDzcjH/tgyqJD02zztYNqBs1QlmGA9EZOBD5UpXG0XemxMVpIAGJQf36Do4XWqIkJgQRTyotJYLEGGKKN9b/EJz7+mHppfro7la/KDFKcWNHo76o+fcfcpIQaCSrWVTjKi+v+ifJ9AO/x3M2VLRtFfi/oZhEBnqcG0to55wPKNhAbpwoyqUc0YCR/MxTFdv6geItDkReq8/1Pj4QIsq72OG/xffdQqhlHGBnLLQXnjfJEpuQZPlh70RfpILVbz8EJIkWcmJt7D7DBhw4cJajCDBlZaMPxV9ufEjA620OTyCRLrRsju9/Fp/jVABOLhpbVhMFe39NR+8TWttXECQhkGPM1CVTDx1vmPgMRfhIUIx+ofHJ7iOAX42HhpQVAmynu5FbM8JkYbtt+UiPSNcgsvMBi207JFvgGIjwEm+9cg2ARHGcYytbJ0LsoKX2/pYB5GhVUV5Fs80E+iwB2avZV6DIfUR4vyQOmm1ND9U12doVST5FAExFgrzTxdQ/UTYFre0sGJIQKBYrPrh5JpPyRJIcjklBsw7OJgemWr5FJXyv4a1SFB5KSpQ5eHhES9lZS2w7mU3KU6yf/hFGkAn1yGZ703uxJ8nMXzaU0G86YEUSalDk9tW6a2vane1x86+0OXy04JJ2MJKCIgmBNh2RKMfgA6Qp9Fdp3QT4zXwBdydaC5/eNL18tDy2GIcqy+AgKCLNI6nKWbzOX5YYFTJFGqRUC8HOaR5g9RBdEqYN4ERL9pMNcgXNRhn7s8dDwZGEECXKsUgU+pgOUX5mrrafjse/xvtytDRmoFlKEVkB2C1+19xErtazG22TjAblZuAwL/714vZmm/uugWfxtyTbtOSDGrBfsG2JJIQ+opjqZQMA/EL/HeA6nKIXDPTEoyVjBaRiJPocASXYp80+x+9a7d5/kEJNZjm1bsd+EmcnI0HIR6gk3nURJynP/IFUsPjtJmDSVRqqLs+89fFRsCQhEFGmLZj26zFV455PGZFlMEZxQ8lf2ADzC5lJtPuaMutREWljJAf+nNnr+M7qd63GI0VpqUp6hWDtvR2dxwzcOK5ZZBtTUabQHpiWjdpFGbQ5KQqaJAQyNJz8qG3exJ2VJfiwzDovPwJHtXkBW9OCvhNCqPcA8EHLzEVkHdtFX0lBaeo6hThoxYDg6lE9hGK1pXTVxbu0rf8heEG6DU2FgicJgQLK1Xidh1UA84cDcusAjmp31TXVtfSZrFDEFavPuTDJMvPWAlri/CdTBWUkfk8IWCe4OiJiai/2wN65O1kko3i0B0sgAuUB/u7uHw5fMWfwZqGp2k7u3QcmuZaWml/G/+/pQJtnQS4tgocFSQi00z7b5zjQyKANZxQ9MaTIL/oRlI0P6tt06gH1DAOTaHe/OgdN7cEOuEoA+wE74EbasQTayBJkih9encl1h9xErs7rf+y9LYG5yev4erHvw9QlU41j5UnTJYnNBCHqkDi0x5QHcVQ8sKp75VnxUrBZfI6jkcwXDb6EfYzP894QhF5otXo+2Xw+9a5YRhg2JCGQ26nF45oLEiNbrpTptGNACVPJG/HP9IFMYSx+1ynYeTNNyUCsexWY8KlCLBe0A9zm+V+yUS1iTqPszphEo/l0AOyYDPBzNizpRXNIZb/TEwsg2klfjr5upw2+ujp5JufsYGDhiDc/ybxd/bAORd4zm21NT8b70up11gDnA126V+GDvqy1temxfPmQxGJYkYRAvuj1HtchshQ2oUgVwS8GcAPqJwHydQ/fx9r4PBLlIeyZv9PbBiTGf5AYD27cFHxu0A5zilEtGsWFXi1958IKaqnsxDmHxAt66Z3haPa6ItDquSXTThR1jmujF86+l9Q3WmdwWT6JRczWtbgIJ8Pfe1jo/HabJ27AOEoPARKQAr75dxWC3b+mo3d+eId8iNJrDzuSEMjE2eJ1ngAcyKRa6whs5ABPT1tg26/PJGF98Nvfj5bHUiwqTXZHSA43Y6Hrm62eltSltYO8JfFAu89P1TxQo5ROrmyQOK3KhZe+RyW/WrwbCoaOa3F4X8t2J4qKpxQSdrlpselCqcR4AkqPp+kUd6mNb2Bvn58sqn+t2zbFoCikP/VFsyHHu+ObbY3/TLP5WcOwJAmhucH9jMXn3A0ArtZ+Few6plr5G46QR1IHoBhhdX77YQqTyLckSWoC8YYagnOz4aSUCtGIg0voVbOo5syK0sp5OMPQSE46VOyAsBpH2Vu+7ll5Z6LUytlE1JfjNn4Nv72+vuFQHHB+T8mBUlz2jirU61tbvc8mm+EsfvsMJAjZZPXtqK8O9QbntDi9b2Wp+Rlh2JKE0GL3XGv2OmgW0OoXQpiH+gmZMNxAH8gwzuRucEiK3MwG6zkbsSNe2tLhuTPXvvfxEI2GTsugj6GIOR5FTMpLWRFSxWebPl27PBshPPUi2tkpJvMLZHCICv8xEBEyaXaRcED5jJE1sRDPB+ze5vBslGCGI/3HbJLPAiaRY1TfgsY3SCwzEiRrSXgyxbAmCf0A9S/WHy+PKJ2Ko9oe2q+EP1h9jjf7jCDJVRjlYRNI4eiGu0QLvSpC7DeFEo8LRcxVjJZ0+5DjFR0twDa9iYc3ExZIMHfQLrypyX6o2aTQQLV7zFedoWDwIBQdC4YghGFNEgIFjcAOPg87+Aqm3TSBM+BP4nUH9JEAj+/VeJ37lQOE3T2/7vn8vHyIMdsSwnHCRpQdj7M/xfOdOqiAKk4J61YFhmFPEgJ1cIvPcUbS3CSDUYnE+vdMn2PWy7amNXQi6vV4Rk4auQ3D7HPsCoyfIY8o+y1LlJqDsSf8De6n8tgszdgqSEII5ybxu6woHx+v47KflgL/59QlUx3FWSP7QJ1lf4mLSzjww1lyN9B1Gzp7z81Xu/RiqyEJYX3w2zNGy2MpcvruKQtvQf04w8SHUU4+JhdxZLdFULginKUvlSVyxU69Qi+YuCm6DF6QGDYkodhWVVWSBUelyp7eDf+O54VGS7o4tR+DZWj3OHn67BgAwG/MHgdtcOXEHyEfCK9+cXaqAHYYROR9yuTlU4PBW/KV/s7kddolDldyaZC3YTKs7+7+UXOawKFAQZMkvBNdLv8cu/GhY6qVGajYXRPoaLov2XIs7ahb/M5rgcF1uioDSmnn/LbZ6r4l44bnEWR7Nc448RJZAiJ4acy4TblY5nFZ/qXV73qoq/uH+cviGBJmirC1bqX9l4LDfCTIDL3XC8GeyUW7somCIwntOJftMvownA2OryhXKJ+Ggk/y3109wf0o+oWWe7S0BG80mxTyP5mpp24k1p+wQ62hTFnptD3fQLGmdrxxEtk5JRMviTcnlRhH2nCkP76lwd2WjbopoY4sl51ornL8H9YwKV3DM6HmNnV5NlAwJKFIG6Wl8pkVU6pod7kvz8ZGnD3OCTg89+jRF8j+CMWu45FotIavw74r3KEesHidG2lHX8d1eQWJntVVyvUo1tBSqtaQJpNxpA/gIHA/KslXpKMDUDifivKqg3D0P0aRyynogyEzs0zxVavTszRXKROyhSEnicVt2ZkpxsvKShValYo1I/8ACXKEv8H9djoPkfKiWH2uP+CPGDftXBJIwOFx7EwGnFEe119zbmH1Oo9E0ZOC8E1I43Ii1Kk4Qx9t9TsfVYOhJ1qX+lckMhmhWb1icuWeDEQ9A25HgtAWZlnWoswI9uJwWCwZMpLsu9A2etRI+SpQjJSvxDjg6yUoQx+Vqay64ZOOm3FmokAS01IW7g9S+h+z+pxHdfcGz1zq8n2eSTuyASTHNMbhL/jKRpSXEThpnon6yplmk2O9xe+i4ORfAvmiYJ/AXluF7yfgs6OwroacxcMHNa2o/fnGkJAER+ljR40Mj4aD0peRaXRLa+8Z6lXLMk4KSbZN9R7XKbLE2lk64RoBDjIaFCsq9DevD35381DkfqcIIwZFvgJnNwqikIvfaxRSYHbsiTyFIwsGf+xuzk9VmSGvJKHVqvIy+b6E0U8oa6q96aJsTsFkVo+ixd00cqZ5izJU6K8aLW93ktnnunrjJx2P5sOwMBp+5yJ8ncjiJvwZ3sAf+PWc56HJEvJGElSk90VZ+HkWm2YhBvjQbm22NV6YCyUu+OOmS+WKssNxiNQQVCARYEcO7AEUQS5H0t20LvjdY7mYWUxepwXrOQvJQT74wymdgy4AEwkzBcQDJUbatMmo6o2Anw3khSQo8zo5cCJIXANEJMiTLQ1NF+RqlSNsBOl3nYFixMIs3A5JDnePlsfeYPG5HmUQwrb7VmQy+9U12XaTZflXOGP9SuIw2PBvK4RQtaU96ANtHuPzvg91s7cCbcH7s5WjXQtyThKz1+niHKhzDlTOIxBs+Rdf9p6kt5PRJpYeH49ma+OLSJRn0o0xHAejIglspLPNXsdKVPIX4//SJtSeZS1LW1YmWjGihEOzZlkmy7K0PzBOtmY2RVZ0evoNfwS5qoskhE1dvVeVlSofmE3KKSZ3w/H5csrKKUnwH9lbUuTnWCKCMLa2u7f3VxQySOs9w74IHsfZdSOtzfhR10MKBjvPVuRyWsbUE0RCCyaGswoDOw24kZlNjh4UyT7HGacDRwH634KCAeo2bDv8bmc2dCF8CgWrEkWBTwaKJ4DP9Q58rpeHs6H5XNcHWnv/mOtZJWckiW48kQ96wpi7OHecp2d5ddaSWSNx1KYoG+NwFPmL3jZR7C2Lz3EOANecmyJN0LJpNCsWxPwtIor2dC/sYeq9BiZRbGDayLzGZFIaDlhsO0pPyge9yBlJKsorL2FJzCVQtmpptTc9qlUPodWeEuNIiqTxM7xYS2zYuKBQNla/i/ZODk73HkVkBvztdSntsaBwUPj7UcQbCuBBg48JRbDlKLXMzVUy2pyQJGKYqCTNBxEKMc1LvSavc7LRoFCkjfAus8rU1zNpX1d372klRoUsVVNEIikiFxBCTZl6Lvn17HXUB/ePOTUBxa8AKvUOrTkz9SAnJCkvV45hSWM0ieZWu1uT4kaGdKhH0EPdbIYBIDLKd0iGkmaf6xwObFgYMm5l+LLV7k3L1KgPkd9/kABbzTg01rpts9udvo8zaeBA5IQkwMRByaVw0OQ/QLZD5VOqSPHvt7eiqjzjzbWArfERi89pBQjvZBeRJ+As8FzGm8UCjAm613YGRV44vWn6jGzuYeVIJ4H9kny5oWfNBk1h8it2qSK9xjTwPAdBpMnY5Lu3o/NUQ3XFz/BtsvYWkT2oIQjdn+lNBBMTIeEgDHuMlre7Ed+cpeVepOumWjzKOknClqNTqpIFXG5rHxBmPx7IOhgU48XxvsMHVIuHuLFk9YDaYW40H8KVkqXkE5Hp/YpIiWdbrZ4PMrkBbQGYPY7ZyUvBaajI36tFkceZ51azz/E4ZRtIVCZXq1sJZS0hhCZdBBQDKf7xfUEAfjFtwbRzKHdJes3bAsqEhXKsw6AoFJ0xaWbfIjLC+q7u3oxziJg9DXUazIskLkvkqZkyKAgAexcYf97qc5zvtzXdFq9M1klCxn/RXOtxw4biVJlyJIkmcDk6SZHtq6t2OBaPD6XZzH4gRQ+JYo7Goo1rW1ZERiAl5DitnqXJIBg/X8ueE+qa82oW1ZwWjYKZ+H5CvI9lUTjht1r9zkq/1X3FwDK5mklotogbelTLylTtaAf5fyTNkgTAr521ZNZz2fKPJqIcsNg2s6xUfh7vPisb9ywijF5VqCeiOPNi6qLJYfa4GrjEDtVYvKy8fBS5bydfbgYRk1MTLscZZe3AGSUnJBFC/Qd24vgkEZBSH5FATNWwRz2+xDiSMrUem0YT44J2bacumWodb5x4C9ZPQeqKG+WZ4dNgiB3dam/Sbac1EGQFbFAqdEkOoPLdWCqSMNbfJAr4zRav85PmBvdmY9ickOTrni8WYEe7iczLB34nQKT0ORcAIzT2zmOQ+W8kkiXTQTRI3Vlmr3MRB7i3qNCnBRRxxG0bOtfekErc0YLIYlAlxRzQJwoDVKQqIkJSKfR3SODA4cF6j2tFNP5ybkhCHc3ic1yGot4jg1sFSVIcRMCBrddcGTLf6nWu8ze4H9bVyBQINLgbaxfU7mGoqriAwg3hqZQPvAjK0xhObnRTtmypwntlu1Q+QTni9V5LKflSFuLquDhOq2Nkid2Lx7BolzPbrRa79zGzx37EwNTSSJzdUl6sivfDmQa1gWPZByw+V2WzrfHWNJqaENGl6mvNS8z3cKPxPGz96SxxLNttGR8IJIe6qeuhaB6TrICiwoyZEjaSTcvOTqV+lAIoLSTy3zkEpRQrJR7KGUloVxXlyOMMSvmyLRaxjOidUikOrPW8a652fMPi+MAnAP6v7BaLz7lH58a1Z2Vjiu/XnkgKt0vqX6z/o1xeeizWRmT5WTbrxdCg7wAAIABJREFUGIZAUUQ8iwroswG79+VsRz2h1HDV1QqlFt8rzVt0btq09hUN5RLGZhPAaZ8udyQhkDfZ7Eaby2gI70FEbK+A1VII/mT+zeRMZfU7cQSBc/TUh7PUiRXlVTNQnjw2mjsjq4i2mUxq7iZ3ZGTmsVjrL/HzztmuqwARQha8xgTzhFT2r/b2plc2O5Zl2aPU7HP9lkvsDpbEzUIDnk81WFI/lEeUJQzJirKMnTa1c+6ZSFv+WFEdKMbF+HFPfJVIFSUUCOLRZNd1dQdvLTEq8cINpcKeKE+SQ86NPR0bbtCyu58OoglKX+ecn1fvaZiOhDlIoNwMkZFpawjc0C3IqY28LZnaGgxubOkXf1m3hpAalibLT0Ay/JUPENHTgBrqDd6UqhBKBbQCm6x/caYYD8qLj3uzs/nLGq+zrgJ1B/x4BI74tLyalCS08YQd/Y/kWJNGlQpedwUq3cfiiH9Jq937TK6CoEXv+3r0dd30punlI/h2NZyzmcDgAOxk+2BbaFWmkJeT1+E/8S428D9hYrDQ6193f/lWvtJRhEf0irILQDaez/RF3IwPIe7S5FvC4bRURfCZHJC3aCnRBDlHWr3OU7Bxt1JwiGZrozvZNd93rLpxTPW4OWlv7gGbhFr90yav4wKs75qWhqZ/5TpiYNT6tDn6CmOmz1GNv/weKuNTeWQPiHzaJ7HIkmZlLtsTBZnvrMbe84UQ7Aus/3N8CJ9xpn6ysSv0Xi69+pIhrJhXy6ehyEOrh0k3j3Xgv993BC9NVcjit9uASRpiRYspeQ9O529w34/i10tMMfyOL+DeZMEcyDar1m8/wsAk8mRLJ6xnGDga7IuHhWav4y2cWW7p6Fj9bDbsvrQimkmrNfrqh9oFtaVihHF7hcP2IMvVQqhVAHw0/jgVqDmWYuPLcTZSAMIiXMzvJYjsNNJ34ZtuEIDyt7oBr1mngugQeBRc/U7t3fTdsjnL1hZSONHZPsf2BoDTxlQrFAtNb876ZPhOhNjP+1KQJwIF4zCbHCnFsQhg1JBEcCTxCw9XU2PZvORlyV2z3m93ykwiz8SUeywpsDcH/viY6vE3WXyuB4MQejidgATZRFRn+jz6yg0KJCC1CUVuicMpRuBHMv26Zip0qEKdE7A3pUwEa6p3kJi1f6pyUfQMacDsZLm9Y0Hm1eEHDNCII2s2wu+Mx5H5SoVJFGjOh53o8WDnpn8Ol4iCwwl1fvtERUhkrHosEiT1HllaEF/1BoNz2hy+d1KVxAF3qgySxlkk7I//zZBHldeKlgb3p7Xu2gMMSsXf8aMjS7fl4Z1czuwoF99r8TlfwsfyvNrVvTibm2LbGmiPAyRxuGAwDweiGpbYQypjUFAJ0dM9r80V+DpV2YgOpJCnq9YszVTBO8OGJARagkQ95kBzleMifOxXMx0p3zSgNBKjGH4hlZYGrT4Xhb1ZrDLV09rqfVPrrLctgsJHlZZWmjiAA9kwFyS2G8slMyIIoVZ2U+cnHVdric0cdb+g3XtdGQZUIXK7mZgLRBX9P9Z7XItlSdyPP0ZNDqqR8Rc249HMcZpBJW+N1e9qxVErEAqxtq7POt7KR9DsQoVpsakSjCUzUKOsw4+WivIq+g2yrWMkwztMqKc025qWMVvqwmFvRq/jQabfvGXNpk/XeocdSfpAO+o4OswyVTtOxhGL9lLG5rA6WoE5HOs5XJYYq5hS1YWkeRNHsleQOG+IYPCNtT98+14+V8zyhRqvc1Q5V/dmTNqXCTEd54cZONOSvdNQ7PusE0xcv2bN13dofdbhGcRrvwff/lZ3bYLdT4PhsCUJITqr3DtryaynSgwjz8efjcxYMjFl0AoKUzoTlf+Z4Z6iyGxM9fheq9/5Efadd5E8H4IQnwiufhwKSR+3O5u+LqQl2IGYtmCaoapqh0kAfAoIdYpgfBf838jebo8KDjuTh0+4YNZSXOnGJnym93Ru7L1BTxq7yY/aSswTHJST8Yg06lyv9nT9md4Ma5L0IeqdeGXNItsd5eXyOTja0RJfVZ6boVCkDjzuEe5L5BHKJEYzD071GyOxgckoEGhTbzWtmgghVjOVf43KzppQqHddryyvfa3N82M29B8yMZd2GT1SCoYqFYVXgYBqclMQnI2HsOEo7IDt2IF8fpDgtAcV8aoAXkimAT8gOR4MqezWPt8OraC9mAkTwqk+UgSNSAChXhk1bN06SNKH6Chz+fSm6TeM5tsdj+rEGdGOO9Qo6yNQ5GNEqSXXauqa5M0gS0pYqEf9R6AoR7v2P+J0H94sxMK0YdgDEV9xFfAXFNSb8TK6A55TQIRj45JJB71GokgYCcqt8L4qw6/+BCggOvTHJ/gv3r1BwENRSw1dQH11ppFzWsVKLx+NYN5Aq/fOPn1nqyJJH6KmIXejwnaP2dNgwQ51UjS71nCI5k49tyL8gv4ntxz7rxxBbIHhC9IxXkRyPIwdtDGd2ZT0D1OV42KcvSlWdHorn4J93hvq/E1s/VslSfoQ1QNop95PiUxHjFDmcRBHYY+i5JxbbRapYQTsiGIpDmLPiO6uZ/rEGy0rVgNBm4TmajuFrc0kiMd3QmVzKftA7MmtmiSxiKYRo2XABym+sCSVH8qBUco1MvoeDjPM1gKcMUQLEmNhd3fvC5mGGZq6ZKpxvGHSRTJIFO0zk99xdW+w19Hm8L038ItthiSxiI4UYcKQaftIaYyVA7hQsbWj2JIj04ltGIJ9LIB5hVCXqBu6vNky/zH7HIcjQW7O2FRJsPdFqBtnkObP4n29TZIkFlH9ZVH0xWr99h1lAVZgvB71aloZIWVbf3rrbRco4oqPRNhZC1pDEPK32bJrRGr1OVCk4jdw4OYs3O6Frp4fjk8Wv22bJ8lAkNUxHp6IvsK7y7y0tAZ/+Bk409QgcfZhEXfd4a8qZwerkBVv4vNZgY/klc7O3lf07GXogcVvnwFMuoIBz0YCpk6migsDDs89qfawiiRJgaihozv6CoOIw4wle3MOe+K4uTuAwNkGKKuX1sAVwxFrkAjvCQHv4vDwHvard6C3+63NynaOQO4U9fUNcwH4uUiQNFT6uHipu6f39HA0eQ1raEWSpIEocZpZjPchgXI6yvLIXTlXpwDAJGAwUUScxXaCSDBuMm8p1BmI/Ndpw44U6c+R/F8Kpq5kID5SN/V8lG+r6HDOzdLK35pN9t/3i7aTGT4QqrgoNjqjFhRJkkVE5dpXo69BoJWYathxnMHAxzImjUG5fSzOQmMgkpZuNMrwlfi+XESyhFUAHUV4xaYEqUV7jbRszWNeaswrNGDzcSMwsVGEPRbFBuxo64A8FhlbDyrrEBy+D4XYt5Lo/uaLVfxrPRmQc4moSHVCRXkV5bVMlsJDDz5F0eqmDZ+u/Vs6hqlFkuQR0cAKn7NceiEOQ9BiiUHAUahrnIgEyWY8s1eRHH8OtAWfDaexbkjvJkWSFDEkiBLjlwyAYhjMxtkvWyuIFGr1uWAI7m+1N0YCdadJjj4USVJEXkA+HRSfDHW1uSj6HWigSCXZIwaJikvw9eyGzo6F2Y7gWSRJETmDudE8jikGMwfuMnsdc/DUDlm8Pe29NKGO9VLox41NuYxPUCRJEVmD2efYlQuoE8BqgYGJG0qyEbSDEIwEzxPLVQFLhRAtFPMgS/dOibyThAK1QU9Ic5Q+Awt1J1qLr/fbd5EYmxgKSe/r9TcoIn2Q6FTXZP+JRGF5OJsuGOwLjO2HM0b1YHN8XehGfWIl3o/ysH8EqniXgXh7w8Z1b2VbhNKDvJOkhPGHwci1pvRCyJSKOm5QY0lIJwKwS8mxyepzfY6/zstCsJdDKlv+1Ve9bxbKsubWhp89aykXAkaGQPwgqew9JMo39NzZFhP/8rCfixB9OkcQdREK3LAJQFBn39C3FK2C+FZV+eqent7/rTi4+ZtC9ODcesStSEaqSUiaXxFpJk5Qei1+19v4Y71O8W3x2b8pOje9VYytlTmiERKzHrW/UILoDcTWQ5LBUKLhTUkUYBIlBRpRplr9rs9xRKMgZu8Ipr6HI9uHQ7GjXMTwwdZMknig6X8yzjaT8Xho3wqkVFrKkDzfMsE+Ekx8grPSZygKfIry8GchAV9907vyq3xFWC+i8LCtkSQZxiI5xgKD2vCnMH8gHCdkvHES+Z1/R+E08RwFcPgWiUY+KZ/6re57hrLRReQeRZJoA0lsY/EQju0Fm0PrkHk4K5JkK0eRJBlAMMjbWn0RQ4ciSTKBYJ8MdROKyD2KJMkIanEm2QZQJEkGAPJTKGKrx7ZGkjd7g73HZutmq1axj7N1ryIKF9sUSchbT0s2pCKKiMU2RZIiikgHRZIUsU2BghFGY61pRpEkRWwzoKB2o6Wxz1o8LmezvXFQONNEKJIkh4gE6ZbswPiOzbbGvyQrS342pQJcgrO9UHnaDgC4oFhXqlixZm3w36lyk8cD+X0csNiyo6LIu0kcxolwVBZRAirbKECsJ9u0zk71w1wFk9MKSvhZVSVNwH95JyHUkRx4Kf7fIRXERgDxbXe3+sXyuc1fpWtGT7laKqZUns+AU0Y0BSR2Hz4bs9b7FUmSRVDo/9rRjhpJEnMYA8eokcoMFnnGal2TrbHN4Xt/4DWRjLDydaXAT6OwQbFpFMIHDmxMtfJDvcfV0GpvjBuqaGAbTNUOF157hNnrcLJIvK8t96O/fEvyhopyiVn9zg8pJ4cA9e8tDb7WXPt0mJeYt+OK8RDBwYmtqMH/7yd9zQOIuqBwMj+NtLHEKFEipPUWv+stYKJFDUFzcN2Gpe3z2jclqydMjsmVR1TsUnUFfoyN8Vxf73H8jkXiQadEkSQZAjvveM6ZE39Tl7naQamzq+P45nFZUk7A40WxJ80+x77YQZ7Ft7ukqKa0C8RHyQpEO8TJ2IYL8eNEff8F7IpN3hWYdJrZ43jf7HPd1NrR9Hg03V7WYPHbTVjH+dxYciCLJCDSg1FY3sTILVhilxuqK7qQ3OTo1aYK8RoXsDIUCvVIMh/JBPxUANRWTKmirAFxo2ri73VTXVPdiwPTLMRDkSQZwOp3/VOWwukbUv7eAOznLIYkFq/zMJzyn2KRQHTJIVhLsoxPJGujOPFIViIdAtsNx/K/IdnOQRKfGLA1vZ7pLSl3iMz4nUgQe8bt24ISbKwFjxYOEZ9hiUe7szYX4ipZLr8Nj8ekKlgkSSYQ4rMYk+BU+Cnl8Vtqa/oGyfVr4EAJL7U9fxD/jneadA6Tx3EpiihXa76XduyNusFSq9d5tr/BfX+6N0ER6VSZSZSgs+BywOAPdzS277Fma6M7WbkiSTKAECyAFDlXa3kjY3uZvU4D10MQqicEiwaeC+seHvv9WP+JWu+TBowol9yHYs3OgQbPlXp0lUjudPttqPuck8P2ZQwQ7K7aBbV7JdNviiTJACEBK/Q8QMG4HfUXygys57IPmu2Ng/QRczXlJodcEiQGcDnqKkSQK7VegTPcjXgoaIKEAWyKUlV2HL67L1GRIkkyAIUxQtFpDYtEi08JHPUvYDoj7ohocqFY4Mh+Cd7mZD33yRjArkDR639aRC/Ut45CcfLCfDQrc4gHWlpDDyXL01gkSeagUV4TSVgaIalQwulHEpPXWSdxuFbvfbICDnegMv9qMmU+vLxrLLkrn81KE9/g61y/1f00syYvuK2RpKTWbUs7quBGWPv1QJMGHOlXYs+fmXnT4mJdW1uwrS/gczSJJmWYTed368LWvoE8/R4bXYV03Y/pV6aNqMw/he3YO1FgDG40Xsq0DxoDsQaf53/xef6ARwNElrJpxS6deHe0GjiC9U/l14n/+8sC2IL1wW8f12qesk2RhEIMGRQl6X5DMhhYNQXV+1e/k4J9lcO0PEvCKQOiQILMTyOJJiqk4rqu7h/vis0LWP9i/QhpRNnvsOm0Cz1Sx/2mjjNMOh+P1w/8osbrHFXB4RSd7aNnGFBVdlVre1PrwPzts5bYdjIalNNQVJ3Pwmsfmu/56sovew/ecUelShLdRhESG1rntn6fzkbpNkWSnADEdxkmrwpHRBdMtAshVnOAUvyBp1NKAiHUzaIWZdEqMY68QOe9NwgWcjVbPUsHfhEN0nc7ik9unB18TEcqO+ywF8/0Oe592da0JvZ8OYh5+G3qfZ9YCPHnQKvn/DA54uyiRFNYX1bvCe9JNeL7Km2NZA0TdpaOarY1Prr5XJrB74okyRAUqjPNBAI0oj3ULdTLae9k4JfTm6ZfIHfLm0e9EuOI/2P6Mz+dHo8gsUD94l3Uc45BPadJx30rShicySKz0GYAcJfO9vkDds98LaM7meRY/K4TcDjSnMoN23MVX8CfyNRyoEiSTMEhnbCpm4Qqjm1ucP8jUYFYeTmy5+A4VWcdrwYamp7QMnq2NLg9Vp+zkVEue40AgFOxA/5hQAfUp5sJmj+0iz/N1sYXrT7XcpwlDtB4yU9M1Q7S6JJuFqZCkSQZAn/hTp3CVjd2q0MCdrdX6wX1bgflk5+sqxZVPKCnAwrBHkAxSs9MsIO5qoEWTsMzEPlpjJbH7qTj+u8Cdm+bbhEIBA4soJUkyCdBdmJFkgwlsB/2hOMMawT22jsD9kbNBCFwKSzr62pXdzCoq2OsV79bMpqP7WG0PqERgvHDWZQk5XL1GKavke+ko0QLBm/p22iC6XrrGIgiSTJHMHWRGAimyysuAnDovGBlOEe5DpB4h6LMGzpEGRS5hKXvvSSgXA9FhBBpBSgHFa/TMShhm/TMbnFRJEmG4JyWLKWc3Z+MIo3A99B1kRBpBbugFBXY/TSTBHvg7qbFpspoRH5dgwXoWc6NASpARp1PW99qWxwUSVLgUATss9lDSiuAaXZNHYAPdZYHMJQSgdtZT89aZtSxNwkwSWddYXAQu+gUPZM6ZmlBkSQFDg6wdxqXfZFWZUL8j2m2/I+Cs93xb3vr8tY1ZpODslhpHbl3P2CxbYflc32r9VUITl3FBfta3/0HY1sjySeoKt6Y7sVC8Ley2RhNADFFr9KuChE3x2TK6xj7Rq/gyKPuwbSYa/G73sGWztB6aWmJchYeL9NaF5kUGRTll7oaCOxtXeXjYJsiCcrc3wRsjZr8mgsHoF/xVHlaJJEi9k66IPrt1As/tlcrSWjSOt/scfm0rPbVumurFKXiGaZTlxGq8OgpHw/bFEmGKcbpvUBl6aygMdYTCv5o4Iqua7CjV26uNxh6TpLli5KVHwADl9hii8/5R7Wr6454KfnId798cuUvDHIFSQCTdDWOsbWdm9a+pPOaQSiSpNAhwtlsdYFztSedqiRJ1n2dEGLzyN7i8L5m9bnasb21Om5hAICrpdLSS61+1+t4v3eReD8IwUbicULFlCqamfQYYMY0jt2bjdTWRZIUOkCU6tVJKGpIOlUJAfr2fNjgpVw1FJzPZbmd6V8Xp03MmUiYsGmL3vWDOPh6gxA3ZXwXViTJMADk7TeS1G6JSTq3LwD67ZoHHN7lKD5dR7NDFpumF2pIFScmizCjB0WSFD669F4gSZJm05JY9DJu1H2hEIOcr1rsnmvNHns1EuisdNqRKZC181sa3Euydb8iSQodgm3SrZOkuZstMdB9nQAYROKoTdbZVq/zfcbhZpaFXW+NCGGLzm22uv+azZsWSVLoALJx0qmTCP2dPVyVzHVfByyxDZa/wX23yetcJHEgv5Oj8aVv6UwfvhQs9Ntmq8eX7RsXSVLwgK90XwFCr3NW9Do+Ru81qOwn3TFHsYd2/0+Y7XNcbAQ4Dmu5BD9XJrtGJ9bjbHvH9x29f0onqLgWFElS8BD/0zuTgA5X3P5VqeMY6HOzBGCrUpWx+O2zDYyfgaUPZuku5/YHrcItQ5nuqe7uH56K9d3PBYokKXCoAv6rxzKcAABj06uN76D7EqEOipTfByTHDBDSbQBSrU6eEwleEELQUraM/89GrGidYLAShcn/dKr8tWytXGlBkSQFDi7EW3o3DVAESs+HAthPdF4huno2/DfeFxa/83Jg0tV4T337JUIs7A0FL46XpmKoUCRJgWNV78r/jDdO0mNdS4P21HTqAsH21DnifxhP1KEIk8DgOp3V031O8tvcz+m8LucokqTAQUHgrD5nq54gDdjR9+HXcD4whlUyhAPfGSftp6txQgxaSarz2ycqTLomXvGkt2LsiFTR3YcKRZIMA6As/hIO8HqCNIwy19nJD+UNrReMM04yM50RHYUIx8HqB1lIxyBJ9S71bmxZ06TL7z+fGAYkgZymJhsO2NTV+0xZqXIL05OugYeTC2kmCeI3OpvVsWbt14MsbFF92l/nfQhl5mq7B/WYRhBiI4vYkPV7qSB6APhGEWKdIdG7prubrc5XrsfCJ4lIN+7e1gPy3rP4XW6cTeZqvQZ1glNqFtX8SYsVrMVt2RkU41F62oQj19Nvz3t7kCElnq9KzzYRLHidhUH8NFV9+RNBovcKU+RwpjFa4XoPa21TQ7Cktb3Jr0fE1Iq8kwSYkPSs+wtgWc3bN1wBQr2FAddMEsS4ivLKOznnv0sWuod0F7PJcTfTJ2oF8Za3JfhOt61ZBhjFwgHxYCaX2Pn4f3xp9TluWdXzxX2JAnqng/zPJAC6lgSRVNv8TELw25r8Vr9zGT6RWdqvghNMHrtx34W2M14/zLdu4LfTFkwzmCIEOVhnc55oaXB/GrdGJj7U7YeePeyMA8lfxhsnnWpqajiW/FuycdOhELd0rpsXZ5I+oOR5DjAJiaI9+jAA/GbUSGUOimuP40cfqOJrVcBILokZY6rHU5rmVJl/B2Jdt1AvTthGlXmAszN13jPb2F2S5TYUx47zWxszXlLOO0lw3pd0yqy6HYG2VjRbPa9Yfc77sOefpvNS0hN+z+gVzo9OSE9zEEI9P16A7z50frp2ccUuVZ/j7SelVUH2QOLj02afQwRsTQsyudFQzCT6lhnT9NfeWtHT0TnfUF1Rh2+n5btu/C2ebLY1PZSszIqTV/TWe1y/liVGARjK89S0RJA48MesXucH/gZ32lFThkJxH61zFMuJZedwBWWJrffbfy4zqQ0/6re1ShtixZo1QU2R7VvtjS+b3A21KPLcpdPfPRcoFRwe5NfwWemufA3BTAL6zLghrdQGWzVarZ5PcLQ+MDpap5t6TQ/+q3Z3H/T2vIDmAavF6aUYZXWzG22TDAblYBwWaTefgldTpq68zjAUC8xUZ/85vk2Y6iIZ8kqSaJ4NbZmK+pCFCHxbI3C0ftPicc1CJXlxGiniNANFrBZ106bD44X70YJo4O47Y89R1i7ZWD5OiizhVqBUVMFUUQq0qMNBwvcKjv4GEGoZDpLbYTffkUXESwqpmpZrMnA4gw0Hkhyw2EL/rE6dRF2Zo+YMe1B+9xqvc/8KgNvx42+zfHsUTcSfOj9eeyXpGdm8cdQoUrcPSDglnjLiYCTSeSwyM+mBaabPUT0whZ0W5JUkBoO0j95ruIC4pthFRBD1qzjB7HE9waVwCNd0zEL6AWcPXyjELmq1u19Nlb45n4iS6ym+gD9jrrY/QPtAOi6nODC0x7QoZckByCtJgHG9eTY2BNZ63k14PyFW4k3btNcPaaUkSAY1KNZLstDcBuyC6QWzTgEKFYri7AyT12YFJp2Epw5i+rwAyQ7qBcFCD9BSs976UUfaR5JYnZayoIp2f4Nbj11ZP1AKutoFtWcYqsudUVFMEzgLp7AoXJJMftRWMnGCoss+CNGWLCkkPuj78XB/Zi3LDNFd3fqhbEMfouYnZL7u49fYZHO9VCOA74dTA0V+3wlHiQoQzIjHH4UQPwCwL1Co+iikhl5rW+p/IxO7J1liZKaiad4JZeF50Sqfxed6Ev+HC7Vegw9HM6FikTeSTJwg0waYLt9r/Kf+naPmbPWI5n9fFn2lht45PgYk65cCN2stv4llHumdgAR5U98VoiKdevJCEloGNBoUvY443aK765mcNKiIrMJAeQlBu6nMa23BTtaQeb1CFSroSg2XnttFzkkS9Xh7Gt+O0HMdigNPBuYE0kohUER+wUFsr2eDeEa9REu/uleZBgIAdK1wARNp7bnllCRkhm2qtz/M9Ob3JnPrUM8fctGmIrIP7Ky6IjSWCCAFf2EmdU5bYKsYU60cp+caIeB/6dSVM5JE/BTs9+Ij1OvxRm6hf2p2NH+Wi3YVkQuAPtMhDhfyBXxRskWZVBhTLd/BdOq4KkWeSQM5IUnNopoyc739MXx4+lJ3RfDamo5V12e9UUXkDqr4WE/aaCw521Rlv3/agmmnxfNuTIbIKikRRNceCaFr7drgyzqvCSPrJKn326dWlFeiDpJWkvnvRLD7CL0ProihxYZP175ZMaWKZhPNq0coop04pnrcTKvfdeP3a3r/mSpEKSUhLSuVfz5xgjKf6feBIfHk3+mGQc06SSQmkadbOgT5UQ0GDwkUxaxhBzJbwc7+T3x7rL4rgTb3HkPdosfid72PM8wHKGqTjVgXADMIIch2ayc8P6WsVNmZpesEwyiIOLs93WuzTpIeof7GCJzW5vVEA1wfUsXBLQ7v8my3p4j8INQbvFVS5GNYeh3ZgBfthce9YoNVQhbSXRGQeC+2NLh1WEX0R9ZJQl5rZp/jYA58KYtYeSaHYJ+rTD2spaHpP9luSxH5A5nGW3yuB7BfnzLUbRmAjl4InZ7JDXKiuAdsTe+aPa5fcolRXKZkgcr+tWFj74n5ip9URG6xpqN3PopO5GT1s6FuSxS9KKEc1d7g0Z2+IhY5WwImgzuzz3U6B/ZAnK87VEFWpk0PJQt3U8TwAinGFrflQFCMAaZP3M4FelShHo0SSmHncQ/YGh+0+J1TgEFfbu8elK/u7untvK7d2d5RDDu39aHZ2fxlrd9eb2ASbRbq9fnIFr4VLPTrgC07Wa9ybpbS0uK51GyyjxUCvuvu6f3rsjm+tHY9ixg+aLd6vpq6ZGrtOOPEa3CAPJdBy7cAAAAAtklEQVSl6U2YBkgqeULt7pqfTZOmnJMkan59Yq7rKaKwEI2geHG93/6AJKTzUKH/LctdglHynHwBxasbUR9+Pds3L/xYwEUMa1DQCjycYVpsuhxKSg9DHZUCeZNZfaZ5E38QgjWDEI3dIP6RLBZYpiiSpIi8IBpI4hF6UUCQek/D7sDYdGB8FwFsMp7fDgSrZkCRVISBcgGj8NSDn7tQhurAsqsEE1+ByshT9e1AW/DtqM9MzvH/uFCgxBI9EGYAAAAASUVORK5CYII= + mediatype: image/png + install: + spec: + deployments: + - name: xray-operator + spec: + replicas: 1 + selector: + matchLabels: + name: xray-operator + strategy: {} + template: + metadata: + labels: + name: xray-operator + spec: + containers: + - env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: xray-operator + - name: RELATED_IMAGE_XRAY_SERVER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-server:3.10.3-1 + - name: RELATED_IMAGE_XRAY_ANALYSIS_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-analysis:3.10.3-1 + - name: RELATED_IMAGE_XRAY_PERSIST_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-persist:3.10.3-1 + - name: RELATED_IMAGE_XRAY_INDEXER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-indexer:3.10.3-1 + - name: RELATED_IMAGE_XRAY_ROUTER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-router:3.10.3-1 + - name: RELATED_IMAGE_XRAY_RABBITMQ_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-rabbitmq:3.10.3-1 + image: registry.connect.redhat.com/jfrog/xray-operator:3.10.3 + imagePullPolicy: Always + name: xray-operator + resources: {} + serviceAccountName: xray-operator + permissions: + - rules: + - apiGroups: + - '' + resources: + - pods + - services + - services/finalizers + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - apiGroups: + - '' + resourceNames: + - xray-operator + resources: + - '*' + verbs: + - '*' + - apiGroups: + - '' + resources: + - events + verbs: + - create + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - apps + resourceNames: + - xray-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - apiGroups: + - apps + resources: + - replicasets + - deployments + verbs: + - get + - apiGroups: + - charts.helm.k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - policy + resources: + - '*' + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - '*' + verbs: + - '*' + serviceAccountName: xray-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - DevOps + - CI/CD + - Developers + - Software + - Productivity + - Artifact Repository + - Repository Manager + - Docker + - Maven + - Git + - Helm + - npm + - go + - golang + - kubernetes + - k8s + - rpm + - yum + links: + - name: JFrog + url: https://www.jfrog.com + - name: JFrog Xray Continuous Security + url: https://jfrog.com/xray/ + - name: JFrog Xray Continuous Security Video + url: https://youtu.be/wGzyKlQklKQ + maintainers: + - email: partner-support@jfrog.com + name: JFrog + maturity: alpha + provider: + name: JFrog + replaces: xray-operator.v1.1.2 + version: 1.1.3 +status: + certsLastUpdated: null + certsRotateAt: null + lastTransitionTime: null + lastUpdateTime: null diff --git a/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/annotations.yaml b/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/annotations.yaml new file mode 100644 index 0000000..2b47077 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/annotations.yaml @@ -0,0 +1,12 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: openshiftxray-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v1.0.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 \ No newline at end of file diff --git a/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/openshiftxray-operator.package.yaml b/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/openshiftxray-operator.package.yaml new file mode 100644 index 0000000..bfb834e --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.3/metadata/openshiftxray-operator.package.yaml @@ -0,0 +1,5 @@ +channels: +- currentCSV: xray-operator.v1.1.3 + name: alpha +defaultChannel: '' +packageName: openshiftxray-operator diff --git a/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml b/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml new file mode 100644 index 0000000..e956a17 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/openshiftxrays.charts.helm.k8s.io.crd.yaml @@ -0,0 +1,29 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: openshiftxrays.charts.helm.k8s.io +spec: + group: charts.helm.k8s.io + names: + kind: OpenshiftXray + listKind: OpenshiftXrayList + plural: openshiftxrays + singular: openshiftxray + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: '' + plural: '' + conditions: null + storedVersions: null diff --git a/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/xray-operator.v1.1.4.clusterserviceversion.yaml b/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/xray-operator.v1.1.4.clusterserviceversion.yaml new file mode 100644 index 0000000..e3b3aab --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.4/manifests/xray-operator.v1.1.4.clusterserviceversion.yaml @@ -0,0 +1,474 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "charts.helm.k8s.io/v1alpha1", + "kind": "OpenshiftXray", + "metadata": { + "name": "openshiftxray" + }, + "spec": { + "xray": { + "initContainerImage": "registry.connect.redhat.com/jfrog/init:1.0.1", + "common": { + "xrayUserId": "1000721035", + "xrayGroupId": "1000721035", + "xrayVersion": "3.10.3-1" + }, + "analysis": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-analysis" + }, + "name": "xray-analysis", + "podManagementPolicy": "Parallel", + "preStartCommand": null, + "updateStrategy": "RollingUpdate" + }, + "database": { + "password": "OVERRIDE", + "url": "OVERRIDE", + "user": "OVERRIDE" + }, + "global": { + "postgresqlTlsSecret": null + }, + "indexer": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-indexer" + }, + "name": "xray-indexer", + "podManagementPolicy": "Parallel", + "updateStrategy": "RollingUpdate" + }, + "persist": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-persist" + }, + "name": "xray-persist", + "persistence": { + "size": "10Gi" + }, + "podManagementPolicy": "Parallel", + "preStartCommand": null, + "updateStrategy": "RollingUpdate" + }, + "postgresql": { + "enabled": false + }, + "rabbitmq-ha": { + "enabled": true, + "image": { + "repository": "registry.connect.redhat.com/jfrog/xray-rabbitmq", + "tag": "3.10.3-1" + }, + "rabbitmqUsername": "guest", + "rabbitmqPassword": "guest", + "managementUsername": "guest", + "managementPassword": "guest", + "initContainer": { + "enabled": false + }, + "securityContext": { + "fsGroup": 1000721035, + "runAsUser": 1000721035, + "runAsGroup": 1000721035 + }, + "replicaCount": 1 + }, + "replicaCount": 1, + "unifiedUpgradeAllowed": "true", + "router": { + "image": { + "imagePullPolicy": "IfNotPresent", + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-router", + "tag": "3.10.3-1" + }, + "name": "router" + }, + "server": { + "image": { + "registry": "registry.connect.redhat.com", + "repository": "jfrog/xray-server" + }, + "name": "xray-server", + "podManagementPolicy": "Parallel", + "replicaCount": 1, + "updateStrategy": "RollingUpdate" + }, + "xray": { + "consoleLog": false, + "jfrogUrl": "OVERRIDE", + "joinKey": "OVERRIDE", + "masterKey": "OVERRIDE" + } + } + } + } + ] + capabilities: Seamless Upgrades + categories: Developer Tools,Integration & Delivery + certified: 'true' + containerImage: registry.connect.redhat.com/jfrog/xray-operator:3.10 + createdAt: 2020-05-22 00:00:00+00:00 + description: JFrog Xray Enterprise deploys Xray continuous security scanner into + Openshift (Requires Jfrog Artifactory) + repository: https://github.com/jfrog/JFrog-Cloud-Installers/tree/openshift4/Openshift4 + support: JFrog + creationTimestamp: null + name: xray-operator.v1.1.4 + namespace: default +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Represents Xray Instances + displayName: Xray + kind: OpenshiftXray + name: openshiftxrays.charts.helm.k8s.io + resources: + - kind: Deployment + name: '' + version: v1 + - kind: Service + name: '' + version: v1 + - kind: ReplicaSet + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + - kind: Secret + name: '' + version: v1 + - kind: ConfigMap + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: apps/v1 + version: v1alpha1 + description: '## Overview + + Openshift Operator to deploy JFrog Xray Continuous Security scanner into your Openshift cluster. + + + ## Security Context Constraints + + To deploy this helm chart you will need to be a cluster admin w/ access to the anyuid scc and add the operator service account to the anyuid scc. + + + ``` + + oc adm policy add-scc-to-user anyuid -z xray-operator + + ``` + + ``` + + oc adm policy add-scc-to-user anyuid -z openshiftxray + + ``` + + ``` + + oc adm policy add-scc-to-user anyuid -z openshiftxray-rabbitmq-ha + + ``` + + + ## Usage + + + An external DB is required. The operator will not deploy a DB but will require + you to specify the configuration values to connect to it. + + + Search for JFrog and click JFrog Xray Operator to install. + + + Go to the Installed Operators. + + + Wait for the JFrog Xray Operator to complete the installation. + + + Open the Operator and click on the provided API: Xray + + + Click Create New Instance and provide the following parameters for your DB configuration: + + + ``` + + JFROG_URL + + DATABASE_URL + + DATABASE_USER + + DATABASE_PASSWORD + + ``` + + + JFROG_URL is the external ip or DNS of your Artifactory to connect Xray to. Artifactory + is required to use this operator. + + + DATABASE_URL must be a Postgresql URL in the format: + + ``` + + postgres://postgres-postgresql:5432/xraydb?sslmode=disable + + ``` + + DATABASE_USER and DATABASE_PASSWORD must supply a valid user on Postgresql. + + + Click Create for Xray to deploy into OpenShift. + + + Open Artifactory in a web browser to complete the onboarding wizard for Xray! + + + ## Air gap environments + + + To use Xray Operator in an air gap environment you will need to download the images as image streams into your Openshift air gap cluster manually. + + + Use the image overrides to then specify the image stream locations that are local to your cluster. + + + Next you will need to setup the database of index data for xray to use when scanning artifacts. + + + Follow the link below for instructions on setup: + + + https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray#ConfiguringXray-SynchronizingtheDatabase + + + ' + displayName: JFrog Xray Continuous Security Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAMkAAADCCAYAAADjAebGAAAKN2lDQ1BzUkdCIElFQzYxOTY2LTIuMQAAeJydlndUU9kWh8+9N71QkhCKlNBraFICSA29SJEuKjEJEErAkAAiNkRUcERRkaYIMijggKNDkbEiioUBUbHrBBlE1HFwFBuWSWStGd+8ee/Nm98f935rn73P3Wfvfda6AJD8gwXCTFgJgAyhWBTh58WIjYtnYAcBDPAAA2wA4HCzs0IW+EYCmQJ82IxsmRP4F726DiD5+yrTP4zBAP+flLlZIjEAUJiM5/L42VwZF8k4PVecJbdPyZi2NE3OMErOIlmCMlaTc/IsW3z2mWUPOfMyhDwZy3PO4mXw5Nwn4405Er6MkWAZF+cI+LkyviZjg3RJhkDGb+SxGXxONgAoktwu5nNTZGwtY5IoMoIt43kA4EjJX/DSL1jMzxPLD8XOzFouEiSniBkmXFOGjZMTi+HPz03ni8XMMA43jSPiMdiZGVkc4XIAZs/8WRR5bRmyIjvYODk4MG0tbb4o1H9d/JuS93aWXoR/7hlEH/jD9ld+mQ0AsKZltdn6h21pFQBd6wFQu/2HzWAvAIqyvnUOfXEeunxeUsTiLGcrq9zcXEsBn2spL+jv+p8Of0NffM9Svt3v5WF485M4knQxQ143bmZ6pkTEyM7icPkM5p+H+B8H/nUeFhH8JL6IL5RFRMumTCBMlrVbyBOIBZlChkD4n5r4D8P+pNm5lona+BHQllgCpSEaQH4eACgqESAJe2Qr0O99C8ZHA/nNi9GZmJ37z4L+fVe4TP7IFiR/jmNHRDK4ElHO7Jr8WgI0IABFQAPqQBvoAxPABLbAEbgAD+ADAkEoiARxYDHgghSQAUQgFxSAtaAYlIKtYCeoBnWgETSDNnAYdIFj4DQ4By6By2AE3AFSMA6egCnwCsxAEISFyBAVUod0IEPIHLKFWJAb5AMFQxFQHJQIJUNCSAIVQOugUqgcqobqoWboW+godBq6AA1Dt6BRaBL6FXoHIzAJpsFasBFsBbNgTzgIjoQXwcnwMjgfLoK3wJVwA3wQ7oRPw5fgEVgKP4GnEYAQETqiizARFsJGQpF4JAkRIauQEqQCaUDakB6kH7mKSJGnyFsUBkVFMVBMlAvKHxWF4qKWoVahNqOqUQdQnag+1FXUKGoK9RFNRmuizdHO6AB0LDoZnYsuRlegm9Ad6LPoEfQ4+hUGg6FjjDGOGH9MHCYVswKzGbMb0445hRnGjGGmsVisOtYc64oNxXKwYmwxtgp7EHsSewU7jn2DI+J0cLY4X1w8TogrxFXgWnAncFdwE7gZvBLeEO+MD8Xz8MvxZfhGfA9+CD+OnyEoE4wJroRIQiphLaGS0EY4S7hLeEEkEvWITsRwooC4hlhJPEQ8TxwlviVRSGYkNimBJCFtIe0nnSLdIr0gk8lGZA9yPFlM3kJuJp8h3ye/UaAqWCoEKPAUVivUKHQqXFF4pohXNFT0VFysmK9YoXhEcUjxqRJeyUiJrcRRWqVUo3RU6YbStDJV2UY5VDlDebNyi/IF5UcULMWI4kPhUYoo+yhnKGNUhKpPZVO51HXURupZ6jgNQzOmBdBSaaW0b2iDtCkVioqdSrRKnkqNynEVKR2hG9ED6On0Mvph+nX6O1UtVU9Vvuom1TbVK6qv1eaoeajx1UrU2tVG1N6pM9R91NPUt6l3qd/TQGmYaYRr5Grs0Tir8XQObY7LHO6ckjmH59zWhDXNNCM0V2ju0xzQnNbS1vLTytKq0jqj9VSbru2hnaq9Q/uE9qQOVcdNR6CzQ+ekzmOGCsOTkc6oZPQxpnQ1df11Jbr1uoO6M3rGelF6hXrtevf0Cfos/ST9Hfq9+lMGOgYhBgUGrQa3DfGGLMMUw12G/YavjYyNYow2GHUZPTJWMw4wzjduNb5rQjZxN1lm0mByzRRjyjJNM91tetkMNrM3SzGrMRsyh80dzAXmu82HLdAWThZCiwaLG0wS05OZw2xljlrSLYMtCy27LJ9ZGVjFW22z6rf6aG1vnW7daH3HhmITaFNo02Pzq62ZLde2xvbaXPJc37mr53bPfW5nbse322N3055qH2K/wb7X/oODo4PIoc1h0tHAMdGx1vEGi8YKY21mnXdCO3k5rXY65vTW2cFZ7HzY+RcXpkuaS4vLo3nG8/jzGueNueq5clzrXaVuDLdEt71uUnddd457g/sDD30PnkeTx4SnqWeq50HPZ17WXiKvDq/XbGf2SvYpb8Tbz7vEe9CH4hPlU+1z31fPN9m31XfKz95vhd8pf7R/kP82/xsBWgHcgOaAqUDHwJWBfUGkoAVB1UEPgs2CRcE9IXBIYMj2kLvzDecL53eFgtCA0O2h98KMw5aFfR+OCQ8Lrwl/GGETURDRv4C6YMmClgWvIr0iyyLvRJlESaJ6oxWjE6Kbo1/HeMeUx0hjrWJXxl6K04gTxHXHY+Oj45vipxf6LNy5cDzBPqE44foi40V5iy4s1licvvj4EsUlnCVHEtGJMYktie85oZwGzvTSgKW1S6e4bO4u7hOeB28Hb5Lvyi/nTyS5JpUnPUp2Td6ePJninlKR8lTAFlQLnqf6p9alvk4LTduf9ik9Jr09A5eRmHFUSBGmCfsytTPzMoezzLOKs6TLnJftXDYlChI1ZUPZi7K7xTTZz9SAxESyXjKa45ZTk/MmNzr3SJ5ynjBvYLnZ8k3LJ/J9879egVrBXdFboFuwtmB0pefK+lXQqqWrelfrry5aPb7Gb82BtYS1aWt/KLQuLC98uS5mXU+RVtGaorH1futbixWKRcU3NrhsqNuI2ijYOLhp7qaqTR9LeCUXS61LK0rfb+ZuvviVzVeVX33akrRlsMyhbM9WzFbh1uvb3LcdKFcuzy8f2x6yvXMHY0fJjpc7l+y8UGFXUbeLsEuyS1oZXNldZVC1tep9dUr1SI1XTXutZu2m2te7ebuv7PHY01anVVda926vYO/Ner/6zgajhop9mH05+x42Rjf2f836urlJo6m06cN+4X7pgYgDfc2Ozc0tmi1lrXCrpHXyYMLBy994f9Pdxmyrb6e3lx4ChySHHn+b+O31w0GHe4+wjrR9Z/hdbQe1o6QT6lzeOdWV0iXtjusePhp4tLfHpafje8vv9x/TPVZzXOV42QnCiaITn07mn5w+lXXq6enk02O9S3rvnIk9c60vvG/wbNDZ8+d8z53p9+w/ed71/LELzheOXmRd7LrkcKlzwH6g4wf7HzoGHQY7hxyHui87Xe4Znjd84or7ldNXva+euxZw7dLI/JHh61HXb95IuCG9ybv56Fb6ree3c27P3FlzF3235J7SvYr7mvcbfjT9sV3qID0+6j068GDBgztj3LEnP2X/9H686CH5YcWEzkTzI9tHxyZ9Jy8/Xvh4/EnWk5mnxT8r/1z7zOTZd794/DIwFTs1/lz0/NOvm1+ov9j/0u5l73TY9P1XGa9mXpe8UX9z4C3rbf+7mHcTM7nvse8rP5h+6PkY9PHup4xPn34D94Tz+49wZioAAAAJcEhZcwAACxIAAAsSAdLdfvwAACAASURBVHic7V0HfBzF1Z83u3un5iLJGGzAdoyDgWDAgIxtSdd0xZiaxEASWiDARw9gei8hQCghhN5CJ4BDMHGMdbqiU7ExpgZCb4ZgTLFsg2Wr3O18792d7JN0ZfeaTvb9f7/T3u3N7oz25j/z3swrshCCEfg1nJvqG44F4HWMCQlPrwQmWgKt3oB6laqyIorYRiHTnzBBTI6ngLGjIqeBAUSOZpNjpdXrvDLg8DyuqqoYuqYWUcTQIEwSU73jtC0EGYSJjMOjZq/jQL6AH6POU0N5bF8RGaDe49pHkthM/G27u4W6eKmt6ZuhbtNwhIwdXzJX2y+hWSMFfmWqtv8Xj3/IQ7uKyBA4+58uS3BX32cj8A6LxzWz2d740VC2azhCrhtl3QcJsqOWwiiEzZ+1ZNYdy+Ys+yHXDUsEi98+Gxi/HlszDT/2oO60Aph6p9/W1DRUbSpIcDhnwJkq4OIsPJ49FM0pFNQ8UKNUTKk6hgl2NHZo7PusmwnxzKqelZd8MOeD7njXyAByhY46RpcYR/4Sj3/LSot1YrbPsb0RpCX4dkTfOdSdDsUecbDJ63S1NLg9Q9GuAsXYOOd2zXsrCgjYR+oqplQ+xOg5xApOAOeOM0wche9+F+86uWNd72tjqpW1+L5SS0VCCAsbIpIYGduXxRAkBpxzQJGRFUmyBV/ia1S/MwAdQ9OUoYfF7/qFxOEZFtXDBwIATqh1225od/o+Hvid/PY83wazx3UEl9jf8fOYVJXhzeKNUHlBD4j/GBgLsjj/KA4M+wxBkwoWgrHX8Jns2e+cUP89VO0ZSuy70DZ61EiFZpC4BIkCFFk6AI+DSUJ/AvZGr7nRvBdXjH9DFriSVym+zKC9GaHd6vnK6nNdhoy4kQ1caRCsqJDGAAmxAIAfv/kzY6+0tIaeYbahbNXQYNRI+Qg8jE5VTgj4Pt75zcwKuAJfo8xyoNlrPxP73014qjTefdQQPJp2a7MAv63xT1av8yVUTC/Ej7/Gl4Sv7pAQFw9luwoNAVvTIqvfebpgMA9//f91bgzOV6/yBYe6XUMD2FdDoVWre1c2x/ui3/QT3Sz8a73f7paF9CiO1QfEfi8EuwFnnfa025ol+Bvcb+PhWLPPcQMwOIKB+lJLg+eVoW5XocFvdd+Dh3uGuh0FgGRiVh/OT7i6Fe9kq9XzAb/GVmcyKSehTHMkztUGlbEHA7bGRzJpabaBo+W7eLhmqNtRRKFDvJtsHxBnhvuarY1PJ/o+IcOiU/O90VcRRQxbbOgMPl5RrvyekfVIf3QIIe5oaQ1ez6yJr9cyDRVRxLDGioN939csqtmjvLxqDgh1Jyagi4F47/uO1cvfnvd2T6rFjIxJYvU5rAz4efiW9JdynLw+wEb8vadjw1/b57VvyvT+abRnlgB+C74tYaq4trnBvTDfbSgUYMcoKy+tPETt7nK3zG1ZO9TtGUqsOHjFRjw8n861GZHE4nedA8BvY/0EPpiOn6YbqiuOq3XbDo+3OZMrWNyWnUExvgR9m2gcnrd4nUciUf6RrzYUEirKKp9iAIdJpSXN+DGJQFFEMqRNkmiH/BNLrBH9zCArfvMS876BOYHv0q1HD0Ax0LJw7C4zBw4PmBvNS2mJOx9tKBRYmiw/Adl4WOQTWCwe10+Lxo3pIW2SgCLTDreSvBDbiRuMZC5yXrr16AMcFudkJZKZxK+j89OGwgBwQ33sZ8HVvfGw1ZIExWz8f/kswVinYGpTwNb0YbbunTZJenrV9wyKRPsqyW3sAU6Y/Kjt0k+P93WlW5cWYB0lEycoO8dvAvwaH+KDfluTP5dtKCgA2z/2IwcYN1RNySXqmmx7KrJ8Dwt71EY6IzCuWn3O+wKtwbOzsYGaNklI17D6nY9gk05IUXT0xJ3kI/H4WLp1aUF5+XcqY+MTkRbwId6DRNon12QtGACri/2ID2b7oWpKrmD2Og9SZOU5Ntg6hOPIeJq5XtmA7y/MtJ6MFPeeNZ1nGKrKx2KDDkpakMP5fAF/MpdejbSUZ/W7yClszwRFpk7cWbkSj5fmqg2FAtQDt+PGkr1jz4FGn6HhAvK6lCWIR5AtAHZmzaKaq6MrW2kjI5LQEi+/xna42STfgC2azxKLXtPMlfb/w+PdWu9t8bsOZUJEXIoBnmy2Ni5OdY0Q6i0A/JGEBYBdYG5qWBhweJdrbcdwBFeMh9Ch/1kxZUgakwNQTAazyX4//qCJCRJBqaKMIKv1zzOpL+N9kqjMdwF26mUQ8TMZGbcghz9Y3JZ/NTubU1oRW/zOi3HkuyEajYLwa7PP8QtUxl5Idl2zrelRi8+1K16WaLaQuSw9Nr1p+r5vON7oTNWOYQsOxww+CT/Nf0NyA7PJQdbNNRqKdvR+8eNXmdaXtR13HOmfx478DgdOexLxRJ5KkI1PT1swzRbe5UyAaQtsFWOqlasHnAa8742c84WpIrY02xovQ7GL9mZuZ3EJC7uOlseSqc2xKf6lYYmIIqtY4ny1vbnRPG64L4XXLqgtNVRVXJs6JANB3LLi5BW9mdaZVbMUWnbDUXrmKGm7hwHgyEEFgNWOqR53J747JdE9FCXcpnhLy1NNbgeJDCmXMf3Wxr+hXL6IG42otAHVNZAsx+DM147E3urs0pAgpHfF7ULcoNCK17/y26LswlBdfiYedkpVTgjxfEtr8OZsbKFm3XaLxBgc8X9l8trfQJHpejZINoaTUSRaiSP+9fGuf/0w3zqLz/kEkuy4gd+pIDQr/tENzAv2XWi7ftQI5TzsNrTKYdzcCsbuMHmd77c0uJu13rPQYfY6XZzDEYlL8BlsGJOkrqlurCKXp1p4oXiLNyNBLsuW/0xODByjItGNOFr/Bzvjk2yAVxjqDNfhd+txJL8z3vW9HZ2nGqrKO7EgyZ5l+PqOCXYLduhP9baFSIeHK1EUfAFFtpfYlgAJisThHyiemNscvnf03rfQQDvsXDamcogjr9Mr8tGeXAAJcitL5mEo2PKgys5ptTe+nE0PzJxaAdOKFHbOAzjAv0gXiPmKVPI7rH5nt9/qfmDgdVHDyNP5NbazZ83qHrlszrK1mUaPRFHwdavPcThqNy1sy/9dpcjyEovHZR3OJhv4jPfgkpH811PshcB+FHFmOAapw//xcBzk4ixIhPERU8XlAYfnuVxEGc25qTzpKabFpplSacmz+CPZY75CnsB9OKNIiXSD6HTZwbIUidhva1qGxMTZKzYmFewIEgvgjOIcbjNK/Yv1I6SKsrOx85AIUqbhEm5g7GA8PpTjpmUV0Vny4ThfdQomru78eO1fwgp6jiJW58WfhMy0cVY40Fwv30E7oTFf0Yxyt8XvHN1sdd+Yj7Zs6AxeX1GuUHyl2NBE41DhbcWZ5sh8BLnDZyEfcADbQZFge8alEahHGCLfhIKqynsAxMZQKLRRVVmXJCk9QnQGQyEDQhoJwElp3RUl73p5RNlcfK8nbhqZbNCq3rAhSWS100ArpgNCXgkPsuKkNqtnZa7tm/PmdBWdFU7HmeNDJAbJln0KPdCeiNXnHB/o8Jyb61jD5IBj9btITzp1wFejURR7yepz/fH7jlV/SLZMrQcUEMzcZKcl8XoBrBb/2z3NJmU3/GwYXFpiUvipYFeWY9c7ylEeH1AUNK2BDgYwE4oue+EM/5/0bpA/0GBiMikUK2t6zOkeJtRLAq3e2/OV7SDvnokoWt2ORPkCf+InWKxJAcBZ5mrHJBQhjm49tPXHnDZCFQ8zDgNJQpCwE10xpnr8L3BWuQBnlZfSuX2tu7bKIJXPQVK4zF6HA0+FjQvT7NbZBu05Xc4odkEBg2JUm+rtj+IzmxtzejUOofMC9qZ2PYq5xes8Cv/pM1hYehBPBdZ4btMzGA+J+y5tPGInbMCf60XWPyDeIXJF2Ssmd8O8Fqf3v7mqHxW8V7Hzrsa3OyQo8jNs22KccV5DLfDBTZt6X1g+17c60f1IJKislPfnnFnwR3UalAraDZYLhBTxMM/scZkD9sZApjey+FyX4aS2d6Ch6ahsKc2RIO6OR/Dtb7acFe+K3p45AQ0WG7FAHfRkJMj9W87APuZqO1kfJNyrG4gh83EnJbreb6+TmdTIYh30ge0mKfIr+M9dHGjx3KVlSiVbntmzZ49pc7R9q6Vu+jGRAMvw7c9TFN0PO/p+ZaXK3diej4SA9/EckaULO0YZ6gU4Q8AuY6oVeuiSlroLBMAl9rBpsWn/dN16wyN9leM2fA7hANxmT8Nf8dCaacNoR91cZafIJbG+QS+HNnXN1dvWqPvEHwd/AyfXe1wPh5eKNWBIA0FQ6KJav73WwCQSa6bFfFWG/8gd5nrH0Ra//bxmq2dponvU+e0TsdyTSK59rV5nrb/B/YaWuoVg7+EPnIokfaCVOLIJ6x9wOl29oDAwWSoteXHfhbZDontJmmHxuHbHkf4+fLvZsUswTiuXGZEESVtpqK5YGHtfvPOyru4f5yybqz+TwYQJnILSxQ3diyqfEw+FTxIChS7FH8o0aqRMeyn9fCAoOB4wqR11GB/qEfd3MrZkRYN7PX1F5uBgNP6fwqSLsVx5pDzcjH/tgyqJD02zztYNqBs1QlmGA9EZOBD5UpXG0XemxMVpIAGJQf36Do4XWqIkJgQRTyotJYLEGGKKN9b/EJz7+mHppfro7la/KDFKcWNHo76o+fcfcpIQaCSrWVTjKi+v+ifJ9AO/x3M2VLRtFfi/oZhEBnqcG0to55wPKNhAbpwoyqUc0YCR/MxTFdv6geItDkReq8/1Pj4QIsq72OG/xffdQqhlHGBnLLQXnjfJEpuQZPlh70RfpILVbz8EJIkWcmJt7D7DBhw4cJajCDBlZaMPxV9ufEjA620OTyCRLrRsju9/Fp/jVABOLhpbVhMFe39NR+8TWttXECQhkGPM1CVTDx1vmPgMRfhIUIx+ofHJ7iOAX42HhpQVAmynu5FbM8JkYbtt+UiPSNcgsvMBi207JFvgGIjwEm+9cg2ARHGcYytbJ0LsoKX2/pYB5GhVUV5Fs80E+iwB2avZV6DIfUR4vyQOmm1ND9U12doVST5FAExFgrzTxdQ/UTYFre0sGJIQKBYrPrh5JpPyRJIcjklBsw7OJgemWr5FJXyv4a1SFB5KSpQ5eHhES9lZS2w7mU3KU6yf/hFGkAn1yGZ703uxJ8nMXzaU0G86YEUSalDk9tW6a2vane1x86+0OXy04JJ2MJKCIgmBNh2RKMfgA6Qp9Fdp3QT4zXwBdydaC5/eNL18tDy2GIcqy+AgKCLNI6nKWbzOX5YYFTJFGqRUC8HOaR5g9RBdEqYN4ERL9pMNcgXNRhn7s8dDwZGEECXKsUgU+pgOUX5mrrafjse/xvtytDRmoFlKEVkB2C1+19xErtazG22TjAblZuAwL/714vZmm/uugWfxtyTbtOSDGrBfsG2JJIQ+opjqZQMA/EL/HeA6nKIXDPTEoyVjBaRiJPocASXYp80+x+9a7d5/kEJNZjm1bsd+EmcnI0HIR6gk3nURJynP/IFUsPjtJmDSVRqqLs+89fFRsCQhEFGmLZj26zFV455PGZFlMEZxQ8lf2ADzC5lJtPuaMutREWljJAf+nNnr+M7qd63GI0VpqUp6hWDtvR2dxwzcOK5ZZBtTUabQHpiWjdpFGbQ5KQqaJAQyNJz8qG3exJ2VJfiwzDovPwJHtXkBW9OCvhNCqPcA8EHLzEVkHdtFX0lBaeo6hThoxYDg6lE9hGK1pXTVxbu0rf8heEG6DU2FgicJgQLK1Xidh1UA84cDcusAjmp31TXVtfSZrFDEFavPuTDJMvPWAlri/CdTBWUkfk8IWCe4OiJiai/2wN65O1kko3i0B0sgAuUB/u7uHw5fMWfwZqGp2k7u3QcmuZaWml/G/+/pQJtnQS4tgocFSQi00z7b5zjQyKANZxQ9MaTIL/oRlI0P6tt06gH1DAOTaHe/OgdN7cEOuEoA+wE74EbasQTayBJkih9encl1h9xErs7rf+y9LYG5yev4erHvw9QlU41j5UnTJYnNBCHqkDi0x5QHcVQ8sKp75VnxUrBZfI6jkcwXDb6EfYzP894QhF5otXo+2Xw+9a5YRhg2JCGQ26nF45oLEiNbrpTptGNACVPJG/HP9IFMYSx+1ynYeTNNyUCsexWY8KlCLBe0A9zm+V+yUS1iTqPszphEo/l0AOyYDPBzNizpRXNIZb/TEwsg2klfjr5upw2+ujp5JufsYGDhiDc/ybxd/bAORd4zm21NT8b70up11gDnA126V+GDvqy1temxfPmQxGJYkYRAvuj1HtchshQ2oUgVwS8GcAPqJwHydQ/fx9r4PBLlIeyZv9PbBiTGf5AYD27cFHxu0A5zilEtGsWFXi1958IKaqnsxDmHxAt66Z3haPa6ItDquSXTThR1jmujF86+l9Q3WmdwWT6JRczWtbgIJ8Pfe1jo/HabJ27AOEoPARKQAr75dxWC3b+mo3d+eId8iNJrDzuSEMjE2eJ1ngAcyKRa6whs5ABPT1tg26/PJGF98Nvfj5bHUiwqTXZHSA43Y6Hrm62eltSltYO8JfFAu89P1TxQo5ROrmyQOK3KhZe+RyW/WrwbCoaOa3F4X8t2J4qKpxQSdrlpselCqcR4AkqPp+kUd6mNb2Bvn58sqn+t2zbFoCikP/VFsyHHu+ObbY3/TLP5WcOwJAmhucH9jMXn3A0ArtZ+Few6plr5G46QR1IHoBhhdX77YQqTyLckSWoC8YYagnOz4aSUCtGIg0voVbOo5syK0sp5OMPQSE46VOyAsBpH2Vu+7ll5Z6LUytlE1JfjNn4Nv72+vuFQHHB+T8mBUlz2jirU61tbvc8mm+EsfvsMJAjZZPXtqK8O9QbntDi9b2Wp+Rlh2JKE0GL3XGv2OmgW0OoXQpiH+gmZMNxAH8gwzuRucEiK3MwG6zkbsSNe2tLhuTPXvvfxEI2GTsugj6GIOR5FTMpLWRFSxWebPl27PBshPPUi2tkpJvMLZHCICv8xEBEyaXaRcED5jJE1sRDPB+ze5vBslGCGI/3HbJLPAiaRY1TfgsY3SCwzEiRrSXgyxbAmCf0A9S/WHy+PKJ2Ko9oe2q+EP1h9jjf7jCDJVRjlYRNI4eiGu0QLvSpC7DeFEo8LRcxVjJZ0+5DjFR0twDa9iYc3ExZIMHfQLrypyX6o2aTQQLV7zFedoWDwIBQdC4YghGFNEgIFjcAOPg87+Aqm3TSBM+BP4nUH9JEAj+/VeJ37lQOE3T2/7vn8vHyIMdsSwnHCRpQdj7M/xfOdOqiAKk4J61YFhmFPEgJ1cIvPcUbS3CSDUYnE+vdMn2PWy7amNXQi6vV4Rk4auQ3D7HPsCoyfIY8o+y1LlJqDsSf8De6n8tgszdgqSEII5ybxu6woHx+v47KflgL/59QlUx3FWSP7QJ1lf4mLSzjww1lyN9B1Gzp7z81Xu/RiqyEJYX3w2zNGy2MpcvruKQtvQf04w8SHUU4+JhdxZLdFULginKUvlSVyxU69Qi+YuCm6DF6QGDYkodhWVVWSBUelyp7eDf+O54VGS7o4tR+DZWj3OHn67BgAwG/MHgdtcOXEHyEfCK9+cXaqAHYYROR9yuTlU4PBW/KV/s7kddolDldyaZC3YTKs7+7+UXOawKFAQZMkvBNdLv8cu/GhY6qVGajYXRPoaLov2XIs7ahb/M5rgcF1uioDSmnn/LbZ6r4l44bnEWR7Nc448RJZAiJ4acy4TblY5nFZ/qXV73qoq/uH+cviGBJmirC1bqX9l4LDfCTIDL3XC8GeyUW7somCIwntOJftMvownA2OryhXKJ+Ggk/y3109wf0o+oWWe7S0BG80mxTyP5mpp24k1p+wQ62hTFnptD3fQLGmdrxxEtk5JRMviTcnlRhH2nCkP76lwd2WjbopoY4sl51ornL8H9YwKV3DM6HmNnV5NlAwJKFIG6Wl8pkVU6pod7kvz8ZGnD3OCTg89+jRF8j+CMWu45FotIavw74r3KEesHidG2lHX8d1eQWJntVVyvUo1tBSqtaQJpNxpA/gIHA/KslXpKMDUDifivKqg3D0P0aRyynogyEzs0zxVavTszRXKROyhSEnicVt2ZkpxsvKShValYo1I/8ACXKEv8H9djoPkfKiWH2uP+CPGDftXBJIwOFx7EwGnFEe119zbmH1Oo9E0ZOC8E1I43Ii1Kk4Qx9t9TsfVYOhJ1qX+lckMhmhWb1icuWeDEQ9A25HgtAWZlnWoswI9uJwWCwZMpLsu9A2etRI+SpQjJSvxDjg6yUoQx+Vqay64ZOOm3FmokAS01IW7g9S+h+z+pxHdfcGz1zq8n2eSTuyASTHNMbhL/jKRpSXEThpnon6yplmk2O9xe+i4ORfAvmiYJ/AXluF7yfgs6OwroacxcMHNa2o/fnGkJAER+ljR40Mj4aD0peRaXRLa+8Z6lXLMk4KSbZN9R7XKbLE2lk64RoBDjIaFCsq9DevD35381DkfqcIIwZFvgJnNwqikIvfaxRSYHbsiTyFIwsGf+xuzk9VmSGvJKHVqvIy+b6E0U8oa6q96aJsTsFkVo+ixd00cqZ5izJU6K8aLW93ktnnunrjJx2P5sOwMBp+5yJ8ncjiJvwZ3sAf+PWc56HJEvJGElSk90VZ+HkWm2YhBvjQbm22NV6YCyUu+OOmS+WKssNxiNQQVCARYEcO7AEUQS5H0t20LvjdY7mYWUxepwXrOQvJQT74wymdgy4AEwkzBcQDJUbatMmo6o2Anw3khSQo8zo5cCJIXANEJMiTLQ1NF+RqlSNsBOl3nYFixMIs3A5JDnePlsfeYPG5HmUQwrb7VmQy+9U12XaTZflXOGP9SuIw2PBvK4RQtaU96ANtHuPzvg91s7cCbcH7s5WjXQtyThKz1+niHKhzDlTOIxBs+Rdf9p6kt5PRJpYeH49ma+OLSJRn0o0xHAejIglspLPNXsdKVPIX4//SJtSeZS1LW1YmWjGihEOzZlkmy7K0PzBOtmY2RVZ0evoNfwS5qoskhE1dvVeVlSofmE3KKSZ3w/H5csrKKUnwH9lbUuTnWCKCMLa2u7f3VxQySOs9w74IHsfZdSOtzfhR10MKBjvPVuRyWsbUE0RCCyaGswoDOw24kZlNjh4UyT7HGacDRwH634KCAeo2bDv8bmc2dCF8CgWrEkWBTwaKJ4DP9Q58rpeHs6H5XNcHWnv/mOtZJWckiW48kQ96wpi7OHecp2d5ddaSWSNx1KYoG+NwFPmL3jZR7C2Lz3EOANecmyJN0LJpNCsWxPwtIor2dC/sYeq9BiZRbGDayLzGZFIaDlhsO0pPyge9yBlJKsorL2FJzCVQtmpptTc9qlUPodWeEuNIiqTxM7xYS2zYuKBQNla/i/ZODk73HkVkBvztdSntsaBwUPj7UcQbCuBBg48JRbDlKLXMzVUy2pyQJGKYqCTNBxEKMc1LvSavc7LRoFCkjfAus8rU1zNpX1d372klRoUsVVNEIikiFxBCTZl6Lvn17HXUB/ePOTUBxa8AKvUOrTkz9SAnJCkvV45hSWM0ieZWu1uT4kaGdKhH0EPdbIYBIDLKd0iGkmaf6xwObFgYMm5l+LLV7k3L1KgPkd9/kABbzTg01rpts9udvo8zaeBA5IQkwMRByaVw0OQ/QLZD5VOqSPHvt7eiqjzjzbWArfERi89pBQjvZBeRJ+As8FzGm8UCjAm613YGRV44vWn6jGzuYeVIJ4H9kny5oWfNBk1h8it2qSK9xjTwPAdBpMnY5Lu3o/NUQ3XFz/BtsvYWkT2oIQjdn+lNBBMTIeEgDHuMlre7Ed+cpeVepOumWjzKOknClqNTqpIFXG5rHxBmPx7IOhgU48XxvsMHVIuHuLFk9YDaYW40H8KVkqXkE5Hp/YpIiWdbrZ4PMrkBbQGYPY7ZyUvBaajI36tFkceZ51azz/E4ZRtIVCZXq1sJZS0hhCZdBBQDKf7xfUEAfjFtwbRzKHdJes3bAsqEhXKsw6AoFJ0xaWbfIjLC+q7u3oxziJg9DXUazIskLkvkqZkyKAgAexcYf97qc5zvtzXdFq9M1klCxn/RXOtxw4biVJlyJIkmcDk6SZHtq6t2OBaPD6XZzH4gRQ+JYo7Goo1rW1ZERiAl5DitnqXJIBg/X8ueE+qa82oW1ZwWjYKZ+H5CvI9lUTjht1r9zkq/1X3FwDK5mklotogbelTLylTtaAf5fyTNkgTAr521ZNZz2fKPJqIcsNg2s6xUfh7vPisb9ywijF5VqCeiOPNi6qLJYfa4GrjEDtVYvKy8fBS5bydfbgYRk1MTLscZZe3AGSUnJBFC/Qd24vgkEZBSH5FATNWwRz2+xDiSMrUem0YT44J2bacumWodb5x4C9ZPQeqKG+WZ4dNgiB3dam/Sbac1EGQFbFAqdEkOoPLdWCqSMNbfJAr4zRav85PmBvdmY9ickOTrni8WYEe7iczLB34nQKT0ORcAIzT2zmOQ+W8kkiXTQTRI3Vlmr3MRB7i3qNCnBRRxxG0bOtfekErc0YLIYlAlxRzQJwoDVKQqIkJSKfR3SODA4cF6j2tFNP5ybkhCHc3ic1yGot4jg1sFSVIcRMCBrddcGTLf6nWu8ze4H9bVyBQINLgbaxfU7mGoqriAwg3hqZQPvAjK0xhObnRTtmypwntlu1Q+QTni9V5LKflSFuLquDhOq2Nkid2Lx7BolzPbrRa79zGzx37EwNTSSJzdUl6sivfDmQa1gWPZByw+V2WzrfHWNJqaENGl6mvNS8z3cKPxPGz96SxxLNttGR8IJIe6qeuhaB6TrICiwoyZEjaSTcvOTqV+lAIoLSTy3zkEpRQrJR7KGUloVxXlyOMMSvmyLRaxjOidUikOrPW8a652fMPi+MAnAP6v7BaLz7lH58a1Z2Vjiu/XnkgKt0vqX6z/o1xeeizWRmT5WTbrxdCg7wAAIABJREFUGIZAUUQ8iwroswG79+VsRz2h1HDV1QqlFt8rzVt0btq09hUN5RLGZhPAaZ8udyQhkDfZ7Eaby2gI70FEbK+A1VII/mT+zeRMZfU7cQSBc/TUh7PUiRXlVTNQnjw2mjsjq4i2mUxq7iZ3ZGTmsVjrL/HzztmuqwARQha8xgTzhFT2r/b2plc2O5Zl2aPU7HP9lkvsDpbEzUIDnk81WFI/lEeUJQzJirKMnTa1c+6ZSFv+WFEdKMbF+HFPfJVIFSUUCOLRZNd1dQdvLTEq8cINpcKeKE+SQ86NPR0bbtCyu58OoglKX+ecn1fvaZiOhDlIoNwMkZFpawjc0C3IqY28LZnaGgxubOkXf1m3hpAalibLT0Ay/JUPENHTgBrqDd6UqhBKBbQCm6x/caYYD8qLj3uzs/nLGq+zrgJ1B/x4BI74tLyalCS08YQd/Y/kWJNGlQpedwUq3cfiiH9Jq937TK6CoEXv+3r0dd30punlI/h2NZyzmcDgAOxk+2BbaFWmkJeT1+E/8S428D9hYrDQ6193f/lWvtJRhEf0irILQDaez/RF3IwPIe7S5FvC4bRURfCZHJC3aCnRBDlHWr3OU7Bxt1JwiGZrozvZNd93rLpxTPW4OWlv7gGbhFr90yav4wKs75qWhqZ/5TpiYNT6tDn6CmOmz1GNv/weKuNTeWQPiHzaJ7HIkmZlLtsTBZnvrMbe84UQ7Aus/3N8CJ9xpn6ysSv0Xi69+pIhrJhXy6ehyEOrh0k3j3Xgv993BC9NVcjit9uASRpiRYspeQ9O529w34/i10tMMfyOL+DeZMEcyDar1m8/wsAk8mRLJ6xnGDga7IuHhWav4y2cWW7p6Fj9bDbsvrQimkmrNfrqh9oFtaVihHF7hcP2IMvVQqhVAHw0/jgVqDmWYuPLcTZSAMIiXMzvJYjsNNJ34ZtuEIDyt7oBr1mngugQeBRc/U7t3fTdsjnL1hZSONHZPsf2BoDTxlQrFAtNb876ZPhOhNjP+1KQJwIF4zCbHCnFsQhg1JBEcCTxCw9XU2PZvORlyV2z3m93ykwiz8SUeywpsDcH/viY6vE3WXyuB4MQejidgATZRFRn+jz6yg0KJCC1CUVuicMpRuBHMv26Zip0qEKdE7A3pUwEa6p3kJi1f6pyUfQMacDsZLm9Y0Hm1eEHDNCII2s2wu+Mx5H5SoVJFGjOh53o8WDnpn8Ol4iCwwl1fvtERUhkrHosEiT1HllaEF/1BoNz2hy+d1KVxAF3qgySxlkk7I//zZBHldeKlgb3p7Xu2gMMSsXf8aMjS7fl4Z1czuwoF99r8TlfwsfyvNrVvTibm2LbGmiPAyRxuGAwDweiGpbYQypjUFAJ0dM9r80V+DpV2YgOpJCnq9YszVTBO8OGJARagkQ95kBzleMifOxXMx0p3zSgNBKjGH4hlZYGrT4Xhb1ZrDLV09rqfVPrrLctgsJHlZZWmjiAA9kwFyS2G8slMyIIoVZ2U+cnHVdric0cdb+g3XtdGQZUIXK7mZgLRBX9P9Z7XItlSdyPP0ZNDqqR8Rc249HMcZpBJW+N1e9qxVErEAqxtq7POt7KR9DsQoVpsakSjCUzUKOsw4+WivIq+g2yrWMkwztMqKc025qWMVvqwmFvRq/jQabfvGXNpk/XeocdSfpAO+o4OswyVTtOxhGL9lLG5rA6WoE5HOs5XJYYq5hS1YWkeRNHsleQOG+IYPCNtT98+14+V8zyhRqvc1Q5V/dmTNqXCTEd54cZONOSvdNQ7PusE0xcv2bN13dofdbhGcRrvwff/lZ3bYLdT4PhsCUJITqr3DtryaynSgwjz8efjcxYMjFl0AoKUzoTlf+Z4Z6iyGxM9fheq9/5Efadd5E8H4IQnwiufhwKSR+3O5u+LqQl2IGYtmCaoapqh0kAfAoIdYpgfBf838jebo8KDjuTh0+4YNZSXOnGJnym93Ru7L1BTxq7yY/aSswTHJST8Yg06lyv9nT9md4Ma5L0IeqdeGXNItsd5eXyOTja0RJfVZ6boVCkDjzuEe5L5BHKJEYzD071GyOxgckoEGhTbzWtmgghVjOVf43KzppQqHddryyvfa3N82M29B8yMZd2GT1SCoYqFYVXgYBqclMQnI2HsOEo7IDt2IF8fpDgtAcV8aoAXkimAT8gOR4MqezWPt8OraC9mAkTwqk+UgSNSAChXhk1bN06SNKH6Chz+fSm6TeM5tsdj+rEGdGOO9Qo6yNQ5GNEqSXXauqa5M0gS0pYqEf9R6AoR7v2P+J0H94sxMK0YdgDEV9xFfAXFNSb8TK6A55TQIRj45JJB71GokgYCcqt8L4qw6/+BCggOvTHJ/gv3r1BwENRSw1dQH11ppFzWsVKLx+NYN5Aq/fOPn1nqyJJH6KmIXejwnaP2dNgwQ51UjS71nCI5k49tyL8gv4ntxz7rxxBbIHhC9IxXkRyPIwdtDGd2ZT0D1OV42KcvSlWdHorn4J93hvq/E1s/VslSfoQ1QNop95PiUxHjFDmcRBHYY+i5JxbbRapYQTsiGIpDmLPiO6uZ/rEGy0rVgNBm4TmajuFrc0kiMd3QmVzKftA7MmtmiSxiKYRo2XABym+sCSVH8qBUco1MvoeDjPM1gKcMUQLEmNhd3fvC5mGGZq6ZKpxvGHSRTJIFO0zk99xdW+w19Hm8L038ItthiSxiI4UYcKQaftIaYyVA7hQsbWj2JIj04ltGIJ9LIB5hVCXqBu6vNky/zH7HIcjQW7O2FRJsPdFqBtnkObP4n29TZIkFlH9ZVH0xWr99h1lAVZgvB71aloZIWVbf3rrbRco4oqPRNhZC1pDEPK32bJrRGr1OVCk4jdw4OYs3O6Frp4fjk8Wv22bJ8lAkNUxHp6IvsK7y7y0tAZ/+Bk409QgcfZhEXfd4a8qZwerkBVv4vNZgY/klc7O3lf07GXogcVvnwFMuoIBz0YCpk6migsDDs89qfawiiRJgaihozv6CoOIw4wle3MOe+K4uTuAwNkGKKuX1sAVwxFrkAjvCQHv4vDwHvard6C3+63NynaOQO4U9fUNcwH4uUiQNFT6uHipu6f39HA0eQ1raEWSpIEocZpZjPchgXI6yvLIXTlXpwDAJGAwUUScxXaCSDBuMm8p1BmI/Ndpw44U6c+R/F8Kpq5kID5SN/V8lG+r6HDOzdLK35pN9t/3i7aTGT4QqrgoNjqjFhRJkkVE5dpXo69BoJWYathxnMHAxzImjUG5fSzOQmMgkpZuNMrwlfi+XESyhFUAHUV4xaYEqUV7jbRszWNeaswrNGDzcSMwsVGEPRbFBuxo64A8FhlbDyrrEBy+D4XYt5Lo/uaLVfxrPRmQc4moSHVCRXkV5bVMlsJDDz5F0eqmDZ+u/Vs6hqlFkuQR0cAKn7NceiEOQ9BiiUHAUahrnIgEyWY8s1eRHH8OtAWfDaexbkjvJkWSFDEkiBLjlwyAYhjMxtkvWyuIFGr1uWAI7m+1N0YCdadJjj4USVJEXkA+HRSfDHW1uSj6HWigSCXZIwaJikvw9eyGzo6F2Y7gWSRJETmDudE8jikGMwfuMnsdc/DUDlm8Pe29NKGO9VLox41NuYxPUCRJEVmD2efYlQuoE8BqgYGJG0qyEbSDEIwEzxPLVQFLhRAtFPMgS/dOibyThAK1QU9Ic5Q+Awt1J1qLr/fbd5EYmxgKSe/r9TcoIn2Q6FTXZP+JRGF5OJsuGOwLjO2HM0b1YHN8XehGfWIl3o/ysH8EqniXgXh7w8Z1b2VbhNKDvJOkhPGHwci1pvRCyJSKOm5QY0lIJwKwS8mxyepzfY6/zstCsJdDKlv+1Ve9bxbKsubWhp89aykXAkaGQPwgqew9JMo39NzZFhP/8rCfixB9OkcQdREK3LAJQFBn39C3FK2C+FZV+eqent7/rTi4+ZtC9ODcesStSEaqSUiaXxFpJk5Qei1+19v4Y71O8W3x2b8pOje9VYytlTmiERKzHrW/UILoDcTWQ5LBUKLhTUkUYBIlBRpRplr9rs9xRKMgZu8Ipr6HI9uHQ7GjXMTwwdZMknig6X8yzjaT8Xho3wqkVFrKkDzfMsE+Ekx8grPSZygKfIry8GchAV9907vyq3xFWC+i8LCtkSQZxiI5xgKD2vCnMH8gHCdkvHES+Z1/R+E08RwFcPgWiUY+KZ/6re57hrLRReQeRZJoA0lsY/EQju0Fm0PrkHk4K5JkK0eRJBlAMMjbWn0RQ4ciSTKBYJ8MdROKyD2KJMkIanEm2QZQJEkGAPJTKGKrx7ZGkjd7g73HZutmq1axj7N1ryIKF9sUSchbT0s2pCKKiMU2RZIiikgHRZIUsU2BghFGY61pRpEkRWwzoKB2o6Wxz1o8LmezvXFQONNEKJIkh4gE6ZbswPiOzbbGvyQrS342pQJcgrO9UHnaDgC4oFhXqlixZm3w36lyk8cD+X0csNiyo6LIu0kcxolwVBZRAirbKECsJ9u0zk71w1wFk9MKSvhZVSVNwH95JyHUkRx4Kf7fIRXERgDxbXe3+sXyuc1fpWtGT7laKqZUns+AU0Y0BSR2Hz4bs9b7FUmSRVDo/9rRjhpJEnMYA8eokcoMFnnGal2TrbHN4Xt/4DWRjLDydaXAT6OwQbFpFMIHDmxMtfJDvcfV0GpvjBuqaGAbTNUOF157hNnrcLJIvK8t96O/fEvyhopyiVn9zg8pJ4cA9e8tDb7WXPt0mJeYt+OK8RDBwYmtqMH/7yd9zQOIuqBwMj+NtLHEKFEipPUWv+stYKJFDUFzcN2Gpe3z2jclqydMjsmVR1TsUnUFfoyN8Vxf73H8jkXiQadEkSQZAjvveM6ZE39Tl7naQamzq+P45nFZUk7A40WxJ80+x77YQZ7Ft7ukqKa0C8RHyQpEO8TJ2IYL8eNEff8F7IpN3hWYdJrZ43jf7HPd1NrR9Hg03V7WYPHbTVjH+dxYciCLJCDSg1FY3sTILVhilxuqK7qQ3OTo1aYK8RoXsDIUCvVIMh/JBPxUANRWTKmirAFxo2ri73VTXVPdiwPTLMRDkSQZwOp3/VOWwukbUv7eAOznLIYkFq/zMJzyn2KRQHTJIVhLsoxPJGujOPFIViIdAtsNx/K/IdnOQRKfGLA1vZ7pLSl3iMz4nUgQe8bt24ISbKwFjxYOEZ9hiUe7szYX4ipZLr8Nj8ekKlgkSSYQ4rMYk+BU+Cnl8Vtqa/oGyfVr4EAJL7U9fxD/jneadA6Tx3EpiihXa76XduyNusFSq9d5tr/BfX+6N0ER6VSZSZSgs+BywOAPdzS277Fma6M7WbkiSTKAECyAFDlXa3kjY3uZvU4D10MQqicEiwaeC+seHvv9WP+JWu+TBowol9yHYs3OgQbPlXp0lUjudPttqPuck8P2ZQwQ7K7aBbV7JdNviiTJACEBK/Q8QMG4HfUXygys57IPmu2Ng/QRczXlJodcEiQGcDnqKkSQK7VegTPcjXgoaIKEAWyKUlV2HL67L1GRIkkyAIUxQtFpDYtEi08JHPUvYDoj7ohocqFY4Mh+Cd7mZD33yRjArkDR639aRC/Ut45CcfLCfDQrc4gHWlpDDyXL01gkSeagUV4TSVgaIalQwulHEpPXWSdxuFbvfbICDnegMv9qMmU+vLxrLLkrn81KE9/g61y/1f00syYvuK2RpKTWbUs7quBGWPv1QJMGHOlXYs+fmXnT4mJdW1uwrS/gczSJJmWYTed368LWvoE8/R4bXYV03Y/pV6aNqMw/he3YO1FgDG40Xsq0DxoDsQaf53/xef6ARwNElrJpxS6deHe0GjiC9U/l14n/+8sC2IL1wW8f12qesk2RhEIMGRQl6X5DMhhYNQXV+1e/k4J9lcO0PEvCKQOiQILMTyOJJiqk4rqu7h/vis0LWP9i/QhpRNnvsOm0Cz1Sx/2mjjNMOh+P1w/8osbrHFXB4RSd7aNnGFBVdlVre1PrwPzts5bYdjIalNNQVJ3Pwmsfmu/56sovew/ecUelShLdRhESG1rntn6fzkbpNkWSnADEdxkmrwpHRBdMtAshVnOAUvyBp1NKAiHUzaIWZdEqMY68QOe9NwgWcjVbPUsHfhEN0nc7ik9unB18TEcqO+ywF8/0Oe592da0JvZ8OYh5+G3qfZ9YCPHnQKvn/DA54uyiRFNYX1bvCe9JNeL7Km2NZA0TdpaOarY1Prr5XJrB74okyRAUqjPNBAI0oj3ULdTLae9k4JfTm6ZfIHfLm0e9EuOI/2P6Mz+dHo8gsUD94l3Uc45BPadJx30rShicySKz0GYAcJfO9vkDds98LaM7meRY/K4TcDjSnMoN23MVX8CfyNRyoEiSTMEhnbCpm4Qqjm1ucP8jUYFYeTmy5+A4VWcdrwYamp7QMnq2NLg9Vp+zkVEue40AgFOxA/5hQAfUp5sJmj+0iz/N1sYXrT7XcpwlDtB4yU9M1Q7S6JJuFqZCkSQZAn/hTp3CVjd2q0MCdrdX6wX1bgflk5+sqxZVPKCnAwrBHkAxSs9MsIO5qoEWTsMzEPlpjJbH7qTj+u8Cdm+bbhEIBA4soJUkyCdBdmJFkgwlsB/2hOMMawT22jsD9kbNBCFwKSzr62pXdzCoq2OsV79bMpqP7WG0PqERgvHDWZQk5XL1GKavke+ko0QLBm/p22iC6XrrGIgiSTJHMHWRGAimyysuAnDovGBlOEe5DpB4h6LMGzpEGRS5hKXvvSSgXA9FhBBpBSgHFa/TMShhm/TMbnFRJEmG4JyWLKWc3Z+MIo3A99B1kRBpBbugFBXY/TSTBHvg7qbFpspoRH5dgwXoWc6NASpARp1PW99qWxwUSVLgUATss9lDSiuAaXZNHYAPdZYHMJQSgdtZT89aZtSxNwkwSWddYXAQu+gUPZM6ZmlBkSQFDg6wdxqXfZFWZUL8j2m2/I+Cs93xb3vr8tY1ZpODslhpHbl3P2CxbYflc32r9VUITl3FBfta3/0HY1sjySeoKt6Y7sVC8Ley2RhNADFFr9KuChE3x2TK6xj7Rq/gyKPuwbSYa/G73sGWztB6aWmJchYeL9NaF5kUGRTll7oaCOxtXeXjYJsiCcrc3wRsjZr8mgsHoF/xVHlaJJEi9k66IPrt1As/tlcrSWjSOt/scfm0rPbVumurFKXiGaZTlxGq8OgpHw/bFEmGKcbpvUBl6aygMdYTCv5o4Iqua7CjV26uNxh6TpLli5KVHwADl9hii8/5R7Wr6454KfnId798cuUvDHIFSQCTdDWOsbWdm9a+pPOaQSiSpNAhwtlsdYFztSedqiRJ1n2dEGLzyN7i8L5m9bnasb21Om5hAICrpdLSS61+1+t4v3eReD8IwUbicULFlCqamfQYYMY0jt2bjdTWRZIUOkCU6tVJKGpIOlUJAfr2fNjgpVw1FJzPZbmd6V8Xp03MmUiYsGmL3vWDOPh6gxA3ZXwXViTJMADk7TeS1G6JSTq3LwD67ZoHHN7lKD5dR7NDFpumF2pIFScmizCjB0WSFD669F4gSZJm05JY9DJu1H2hEIOcr1rsnmvNHns1EuisdNqRKZC181sa3Euydb8iSQodgm3SrZOkuZstMdB9nQAYROKoTdbZVq/zfcbhZpaFXW+NCGGLzm22uv+azZsWSVLoALJx0qmTCP2dPVyVzHVfByyxDZa/wX23yetcJHEgv5Oj8aVv6UwfvhQs9Ntmq8eX7RsXSVLwgK90XwFCr3NW9Do+Ru81qOwn3TFHsYd2/0+Y7XNcbAQ4Dmu5BD9XJrtGJ9bjbHvH9x29f0onqLgWFElS8BD/0zuTgA5X3P5VqeMY6HOzBGCrUpWx+O2zDYyfgaUPZuku5/YHrcItQ5nuqe7uH56K9d3PBYokKXCoAv6rxzKcAABj06uN76D7EqEOipTfByTHDBDSbQBSrU6eEwleEELQUraM/89GrGidYLAShcn/dKr8tWytXGlBkSQFDi7EW3o3DVAESs+HAthPdF4huno2/DfeFxa/83Jg0tV4T337JUIs7A0FL46XpmKoUCRJgWNV78r/jDdO0mNdS4P21HTqAsH21DnifxhP1KEIk8DgOp3V031O8tvcz+m8LucokqTAQUHgrD5nq54gDdjR9+HXcD4whlUyhAPfGSftp6txQgxaSarz2ycqTLomXvGkt2LsiFTR3YcKRZIMA6As/hIO8HqCNIwy19nJD+UNrReMM04yM50RHYUIx8HqB1lIxyBJ9S71bmxZ06TL7z+fGAYkgZymJhsO2NTV+0xZqXIL05OugYeTC2kmCeI3OpvVsWbt14MsbFF92l/nfQhl5mq7B/WYRhBiI4vYkPV7qSB6APhGEWKdIdG7prubrc5XrsfCJ4lIN+7e1gPy3rP4XW6cTeZqvQZ1glNqFtX8SYsVrMVt2RkU41F62oQj19Nvz3t7kCElnq9KzzYRLHidhUH8NFV9+RNBovcKU+RwpjFa4XoPa21TQ7Cktb3Jr0fE1Iq8kwSYkPSs+wtgWc3bN1wBQr2FAddMEsS4ivLKOznnv0sWuod0F7PJcTfTJ2oF8Za3JfhOt61ZBhjFwgHxYCaX2Pn4f3xp9TluWdXzxX2JAnqng/zPJAC6lgSRVNv8TELw25r8Vr9zGT6RWdqvghNMHrtx34W2M14/zLdu4LfTFkwzmCIEOVhnc55oaXB/GrdGJj7U7YeePeyMA8lfxhsnnWpqajiW/FuycdOhELd0rpsXZ5I+oOR5DjAJiaI9+jAA/GbUSGUOimuP40cfqOJrVcBILokZY6rHU5rmVJl/B2Jdt1AvTthGlXmAszN13jPb2F2S5TYUx47zWxszXlLOO0lw3pd0yqy6HYG2VjRbPa9Yfc77sOefpvNS0hN+z+gVzo9OSE9zEEI9P16A7z50frp2ccUuVZ/j7SelVUH2QOLj02afQwRsTQsyudFQzCT6lhnT9NfeWtHT0TnfUF1Rh2+n5btu/C2ebLY1PZSszIqTV/TWe1y/liVGARjK89S0RJA48MesXucH/gZ32lFThkJxH61zFMuJZedwBWWJrffbfy4zqQ0/6re1ShtixZo1QU2R7VvtjS+b3A21KPLcpdPfPRcoFRwe5NfwWemufA3BTAL6zLghrdQGWzVarZ5PcLQ+MDpap5t6TQ/+q3Z3H/T2vIDmAavF6aUYZXWzG22TDAblYBwWaTefgldTpq68zjAUC8xUZ/85vk2Y6iIZ8kqSaJ4NbZmK+pCFCHxbI3C0ftPicc1CJXlxGiniNANFrBZ106bD44X70YJo4O47Y89R1i7ZWD5OiizhVqBUVMFUUQq0qMNBwvcKjv4GEGoZDpLbYTffkUXESwqpmpZrMnA4gw0Hkhyw2EL/rE6dRF2Zo+YMe1B+9xqvc/8KgNvx42+zfHsUTcSfOj9eeyXpGdm8cdQoUrcPSDglnjLiYCTSeSwyM+mBaabPUT0whZ0W5JUkBoO0j95ruIC4pthFRBD1qzjB7HE9waVwCNd0zEL6AWcPXyjELmq1u19Nlb45n4iS6ym+gD9jrrY/QPtAOi6nODC0x7QoZckByCtJgHG9eTY2BNZ63k14PyFW4k3btNcPaaUkSAY1KNZLstDcBuyC6QWzTgEKFYri7AyT12YFJp2Epw5i+rwAyQ7qBcFCD9BSs976UUfaR5JYnZayoIp2f4Nbj11ZP1AKutoFtWcYqsudUVFMEzgLp7AoXJJMftRWMnGCoss+CNGWLCkkPuj78XB/Zi3LDNFd3fqhbEMfouYnZL7u49fYZHO9VCOA74dTA0V+3wlHiQoQzIjHH4UQPwCwL1Co+iikhl5rW+p/IxO7J1liZKaiad4JZeF50Sqfxed6Ev+HC7Vegw9HM6FikTeSTJwg0waYLt9r/Kf+naPmbPWI5n9fFn2lht45PgYk65cCN2stv4llHumdgAR5U98VoiKdevJCEloGNBoUvY443aK765mcNKiIrMJAeQlBu6nMa23BTtaQeb1CFSroSg2XnttFzkkS9Xh7Gt+O0HMdigNPBuYE0kohUER+wUFsr2eDeEa9REu/uleZBgIAdK1wARNp7bnllCRkhm2qtz/M9Ob3JnPrUM8fctGmIrIP7Ky6IjSWCCAFf2EmdU5bYKsYU60cp+caIeB/6dSVM5JE/BTs9+Ij1OvxRm6hf2p2NH+Wi3YVkQuAPtMhDhfyBXxRskWZVBhTLd/BdOq4KkWeSQM5IUnNopoyc739MXx4+lJ3RfDamo5V12e9UUXkDqr4WE/aaCw521Rlv3/agmmnxfNuTIbIKikRRNceCaFr7drgyzqvCSPrJKn326dWlFeiDpJWkvnvRLD7CL0ProihxYZP175ZMaWKZhPNq0coop04pnrcTKvfdeP3a3r/mSpEKSUhLSuVfz5xgjKf6feBIfHk3+mGQc06SSQmkadbOgT5UQ0GDwkUxaxhBzJbwc7+T3x7rL4rgTb3HkPdosfid72PM8wHKGqTjVgXADMIIch2ayc8P6WsVNmZpesEwyiIOLs93WuzTpIeof7GCJzW5vVEA1wfUsXBLQ7v8my3p4j8INQbvFVS5GNYeh3ZgBfthce9YoNVQhbSXRGQeC+2NLh1WEX0R9ZJQl5rZp/jYA58KYtYeSaHYJ+rTD2spaHpP9luSxH5A5nGW3yuB7BfnzLUbRmAjl4InZ7JDXKiuAdsTe+aPa5fcolRXKZkgcr+tWFj74n5ip9URG6xpqN3PopO5GT1s6FuSxS9KKEc1d7g0Z2+IhY5WwImgzuzz3U6B/ZAnK87VEFWpk0PJQt3U8TwAinGFrflQFCMAaZP3M4FelShHo0SSmHncQ/YGh+0+J1TgEFfbu8elK/u7untvK7d2d5RDDu39aHZ2fxlrd9eb2ASbRbq9fnIFr4VLPTrgC07Wa9ybpbS0uK51GyyjxUCvuvu6f3rsjm+tHY9ixg+aLd6vpq6ZGrtOOPEa3CAPJdBy7cAAAAAtklEQVSl6U2YBkgqeULt7pqfTZOmnJMkan59Yq7rKaKwEI2geHG93/6AJKTzUKH/LctdglHynHwBxasbUR9+Pds3L/xYwEUMa1DQCjycYVpsuhxKSg9DHZUCeZNZfaZ5E38QgjWDEI3dIP6RLBZYpiiSpIi8IBpI4hF6UUCQek/D7sDYdGB8FwFsMp7fDgSrZkCRVISBcgGj8NSDn7tQhurAsqsEE1+ByshT9e1AW/DtqM9MzvH/uFCgxBI9EGYAAAAASUVORK5CYII= + mediatype: image/png + install: + spec: + deployments: + - name: xray-operator + spec: + replicas: 1 + selector: + matchLabels: + name: xray-operator + strategy: {} + template: + metadata: + labels: + name: xray-operator + spec: + containers: + - env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: xray-operator + - name: RELATED_IMAGE_XRAY_SERVER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-server:3.10.3-1 + - name: RELATED_IMAGE_XRAY_ANALYSIS_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-analysis:3.10.3-1 + - name: RELATED_IMAGE_XRAY_PERSIST_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-persist:3.10.3-1 + - name: RELATED_IMAGE_XRAY_INDEXER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-indexer:3.10.3-1 + - name: RELATED_IMAGE_XRAY_ROUTER_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-router:3.10.3-1 + - name: RELATED_IMAGE_XRAY_RABBITMQ_IMAGE_REPOSITORY + value: registry.connect.redhat.com/jfrog/xray-rabbitmq:3.10.3-1 + image: registry.connect.redhat.com/jfrog/xray-operator:3.10 + imagePullPolicy: Always + name: xray-operator + resources: {} + serviceAccountName: xray-operator + permissions: + - rules: + - apiGroups: + - '' + resources: + - pods + - services + - services/finalizers + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - apiGroups: + - '' + resourceNames: + - xray-operator + resources: + - '*' + verbs: + - '*' + - apiGroups: + - '' + resources: + - events + verbs: + - create + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - apps + resourceNames: + - xray-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - apiGroups: + - apps + resources: + - replicasets + - deployments + verbs: + - get + - apiGroups: + - charts.helm.k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - policy + resources: + - '*' + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - '*' + verbs: + - '*' + serviceAccountName: xray-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - DevOps + - CI/CD + - Developers + - Software + - Productivity + - Artifact Repository + - Repository Manager + - Docker + - Maven + - Git + - Helm + - npm + - go + - golang + - kubernetes + - k8s + - rpm + - yum + links: + - name: JFrog + url: https://www.jfrog.com + - name: JFrog Xray Continuous Security + url: https://jfrog.com/xray/ + - name: JFrog Xray Continuous Security Video + url: https://youtu.be/wGzyKlQklKQ + maintainers: + - email: partner-support@jfrog.com + name: JFrog + maturity: alpha + provider: + name: JFrog + replaces: xray-operator.v1.1.3 + version: 1.1.4 +status: + certsLastUpdated: null + certsRotateAt: null + lastTransitionTime: null + lastUpdateTime: null diff --git a/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/annotations.yaml b/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/annotations.yaml new file mode 100644 index 0000000..2b47077 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/annotations.yaml @@ -0,0 +1,12 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: openshiftxray-operator + operators.operatorframework.io.metrics.builder: operator-sdk-v1.0.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 \ No newline at end of file diff --git a/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/openshiftxray-operator.package.yaml b/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/openshiftxray-operator.package.yaml new file mode 100644 index 0000000..467ce1e --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/1.1.4/metadata/openshiftxray-operator.package.yaml @@ -0,0 +1,5 @@ +channels: +- currentCSV: xray-operator.v1.1.4 + name: alpha +defaultChannel: '' +packageName: openshiftxray-operator diff --git a/Openshift4/operator/xray-operator/bundle/bundle-1.1.3.Dockerfile b/Openshift4/operator/xray-operator/bundle/bundle-1.1.3.Dockerfile new file mode 100644 index 0000000..0875274 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/bundle-1.1.3.Dockerfile @@ -0,0 +1,19 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=openshiftxray-operator +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.0.1 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 + +COPY 1.1.3/manifests /manifests/ +COPY 1.1.3/metadata /metadata/ +LABEL com.redhat.openshift.versions="v4.5,v4.6" +LABEL com.redhat.delivery.operator.bundle=true +LABEL com.redhat.delivery.backport=true diff --git a/Openshift4/operator/xray-operator/bundle/bundle-1.1.4.Dockerfile b/Openshift4/operator/xray-operator/bundle/bundle-1.1.4.Dockerfile new file mode 100644 index 0000000..3de8131 --- /dev/null +++ b/Openshift4/operator/xray-operator/bundle/bundle-1.1.4.Dockerfile @@ -0,0 +1,19 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=openshiftxray-operator +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.0.1 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 + +COPY 1.1.4/manifests /manifests/ +COPY 1.1.4/metadata /metadata/ +LABEL com.redhat.openshift.versions="v4.5,v4.6" +LABEL com.redhat.delivery.operator.bundle=true +LABEL com.redhat.delivery.backport=true diff --git a/Openshift4/operator/xray-operator/watches.yaml b/Openshift4/operator/xray-operator/watches.yaml index c74dbda..1064cda 100644 --- a/Openshift4/operator/xray-operator/watches.yaml +++ b/Openshift4/operator/xray-operator/watches.yaml @@ -4,7 +4,6 @@ kind: OpenshiftXray chart: helm-charts/openshift-xray overrideValues: - xray.initContainerImage.override: $RELATED_IMAGE_XRAY_INIT_IMAGE_REPOSITORY xray.server.image.override: $RELATED_IMAGE_XRAY_SERVER_IMAGE_REPOSITORY xray.analysis.image.override: $RELATED_IMAGE_XRAY_ANALYSIS_IMAGE_REPOSITORY xray.persist.image.override: $RELATED_IMAGE_XRAY_PERSIST_IMAGE_REPOSITORY